Background:
- Ubuntu Server 14.10 64-bit on aws.amazon.com/ec2
- Cheap PositiveSSL server certificate from COMODO
- 1 server certificate, 2 intermediate CA certificates and 1 Root CA certificate as ZIP archive from COMODO
- Citadel's WebCit httpsd
Problem:
The concatenated certificate chain seems to be correct, but verification fails.

openssl s_client myhost:port

shows the certificate chain, and the issuer-subject pairs line up correctly through the chain, but:

verify error:num=19:self signed certificate in certificate chain

The root CA certificate is not accepted by openssl, although it is found per default in the Ubuntu server trust store. Specifically:

AddTrustExternalCARoot.crt

received per email from COMODO and

/etc/ssl/certs/AddTrust_External_Root.pem

which links to

/usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt

are identical.

What is wrong here?
Best Answer
OpenSSL at least through current (1.0.2a) has a bug where s_client with NO -CA{path,file} argument doesn't actually use the default truststore as it should, and thus fails to verify certs that are valid according to that truststore. (Also s_server and s_time, but caring about verification in those is rare.) See https://serverfault.com/questions/607233/how-to-make-openssl-s-client-using-default-ca . A fix is announced in dev, but may take some time to be released and distributed. In the meantime you need to explicitly specify the -CA* argument(s). Note that openssl verify does not have this bug, and therefore correctly reported the cert/chain as valid.

UPDATES 2015/08/26: fix was released 2015/06/12 in 1.0.1o and 1.0.2c. Also, while investigating something else I found that RedHat packages may have been okay. More specifically the CentOS source RPM for openssl-1.0.1e-30.el6.11, which I understand is a copy of the RedHat one (but can't easily confirm), contains openssl-1.0.1c-default-paths.patch, which contains changes to s_client.c, s_server.c and s_time.c dated 2012/12/06 that appear equivalent to (though not textually the same as) the 2015/06/12 upstream fixes. Assuming this patch was applied in RedHat and CentOS packages, which I can't easily go back and check, they would (have) work(ed) as expected.
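The two checks the answer contrasts, as an added example that is not part of the question or the answer: a throwaway root / intermediate / leaf chain is generated locally (the names Demo Root CA, Demo Intermediate CA and myhost.example are constructed here, standing in for the AddTrust root, the COMODO intermediates and the server certificate), then openssl verify is run once relying only on the default trust store, which reproduces the question's error 19 because the demo root is not in that store, and once with the trust anchor named explicitly via -CAfile, which is the workaround the answer recommends for s_client. It assumes an openssl binary on PATH and a writable temporary directory.

```shell
#!/bin/sh
# Added example (not from the question or the answer). Builds a demo PKI
# and shows verification failing without an explicit trust anchor and
# succeeding with -CAfile. All subjects and paths are constructed.
set -eu

WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT

# Extension files handed to "openssl x509 -extfile".
printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' > "$WORK/ca.ext"
printf 'basicConstraints=CA:FALSE\nsubjectAltName=DNS:myhost.example\n' > "$WORK/leaf.ext"

# issue NAME SUBJECT EXTFILE [ISSUER]: self-signs when no issuer is given,
# otherwise signs the CSR with the named issuer's key.
issue() {
  name="$1"; subj="$2"; ext="$3"; issuer="${4:-}"
  openssl req -new -newkey rsa:2048 -nodes -subj "$subj" \
    -keyout "$WORK/$name.key" -out "$WORK/$name.csr" 2>/dev/null
  if [ -z "$issuer" ]; then
    openssl x509 -req -in "$WORK/$name.csr" -signkey "$WORK/$name.key" \
      -days 30 -sha256 -extfile "$ext" -out "$WORK/$name.crt" 2>/dev/null
  else
    openssl x509 -req -in "$WORK/$name.csr" -CA "$WORK/$issuer.crt" \
      -CAkey "$WORK/$issuer.key" -CAcreateserial -days 30 -sha256 \
      -extfile "$ext" -out "$WORK/$name.crt" 2>/dev/null
  fi
}

# Demo stand-ins: root -> intermediate -> server certificate.
issue root  "/CN=Demo Root CA"         "$WORK/ca.ext"
issue inter "/CN=Demo Intermediate CA" "$WORK/ca.ext"   root
issue leaf  "/CN=myhost.example"       "$WORK/leaf.ext" inter

# What a server like the questioner's sends alongside the leaf: the
# intermediate(s) and, here, the root as well.
cat "$WORK/inter.crt" "$WORK/root.crt" > "$WORK/chain.crt"

# Only the default trust store is consulted. The demo root is not in it,
# so the chain ends at a self-signed certificate OpenSSL does not trust:
# "error 19 ... self signed certificate in certificate chain".
verify_without_anchor() {
  openssl verify -untrusted "$WORK/chain.crt" "$WORK/leaf.crt" 2>&1
}

# The trust anchor is named explicitly with -CAfile, as the answer
# recommends for s_client; the chain verifies and prints "...leaf.crt: OK".
verify_with_anchor() {
  openssl verify -CAfile "$WORK/root.crt" -untrusted "$WORK/chain.crt" \
    "$WORK/leaf.crt" 2>&1
}

verify_without_anchor || echo "(expected: fails without an explicit anchor)"
verify_with_anchor
```

The same -CAfile or -CApath argument is what the answer says to pass to s_client until a fixed release is installed; on the Ubuntu system in the question, where the root lives under /etc/ssl/certs, that is openssl s_client -connect myhost:port -CApath /etc/ssl/certs. Note that the demo root fails verification against the default store for a different reason than the questioner's AddTrust root (it is genuinely not installed there), but the error OpenSSL reports is the same, which is why the questioner's output alone could not distinguish a bad chain from the s_client bug.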