Curl – Fix SSL Certificate Problem: Unable to Get Local Issuer Certificate

curlrssl

I want to download a file (https://discovery.ucl.ac.uk/1575442/1/Palmisanoetal.zip) from a public server via the R command 

temp <- tempfile()   
utils::download.file(db_url, temp, method = 'curl')

This does not work on my Ubuntu 18.04.3 LTS (Bionic Beaver) system. I get the following error: 

curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
Error in utils::download.file(db_url, temp, method = "curl") : 
'curl' call had nonzero exit status

I get the same error on the command line with curl (curl https://discovery.ucl.ac.uk/1575442/1/Palmisanoetal.zip).

I did some experiments and googling and realized that I can access the file without any problems with my Browser (Chromium). My system/curl seems to lack a CA certificate that my browser has. I tried to determine which certificate this server is using with openssl s_client -showcerts -servername discovery.ucl.ac.uk -connect discovery.ucl.ac.uk:443 and added the result (QuoVadis EV SSL ICA G3) to my /etc/ssl/certs/ca-certificates.crt file. This did not solve the problem.

I don't want to solve this with the curl --insecure flag. I also don't have any control over https://discovery.ucl.ac.uk. I just want to access the file with R.

Best Answer

Curl is failing because that site is incorrectly configured

Certificates are used to sign other certificates, forming chains. A CA has a root certificate, which is trusted by operating systems and browsers. This root certificate is most commonly used to sign one or several intermediate certificates, which in turn are used to sign leaf certificates (that can not sign other certificates), which are what websites use.

Browsers and operating systems tend to carry only the root certificates, but to verify a leaf certificate (and establish a secure connection), a client needs the entire chain of certificates. In practice, that means that a website must not just supply its leaf certificate, it must also supply the used intermediate certificate. And discovery.ucl.ac.uk fails to do that.

I'll show you.

Finding the problem

openssl is a X509 / SSL swiss army knife that proves very useful here:

% openssl s_client -connect discovery.ucl.ac.uk:443 -servername discovery.ucl.ac.uk -showcerts
CONNECTED(00000003)
depth=0 jurisdictionC = GB, businessCategory = Government Entity, serialNumber = November-15-77, C = GB, ST = London, L = London, O = University College London, CN = discovery.ucl.ac.uk
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 jurisdictionC = GB, businessCategory = Government Entity, serialNumber = November-15-77, C = GB, ST = London, L = London, O = University College London, CN = discovery.ucl.ac.uk
verify error:num=21:unable to verify the first certificate
verify return:1
140212799304832:error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small:../ssl/statem/statem_clnt.c:2150:
---
Certificate chain
 0 s:jurisdictionC = GB, businessCategory = Government Entity, serialNumber = November-15-77, C = GB, ST = London, L = London, O = University College London, CN = discovery.ucl.ac.uk
   i:C = BM, O = QuoVadis Limited, CN = QuoVadis EV SSL ICA G3
-----BEGIN CERTIFICATE-----
MIIH4DCCBcigAwIBAgIUWsWTIuklFQIki5zk7SzvkyYF4MswDQYJKoZIhvcNAQEL
BQAwSTELMAkGA1UEBhMCQk0xGTAXBgNVBAoMEFF1b1ZhZGlzIExpbWl0ZWQxHzAd
BgNVBAMMFlF1b1ZhZGlzIEVWIFNTTCBJQ0EgRzMwHhcNMTkwOTExMTAyNDExWhcN
MjEwOTExMTAzNDAwWjCBuzETMBEGCysGAQQBgjc8AgEDEwJHQjEaMBgGA1UEDwwR
R292ZXJubWVudCBFbnRpdHkxFzAVBgNVBAUTDk5vdmVtYmVyLTE1LTc3MQswCQYD
VQQGEwJHQjEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25kb24xIjAgBgNV
BAoMGVVuaXZlcnNpdHkgQ29sbGVnZSBMb25kb24xHDAaBgNVBAMME2Rpc2NvdmVy
eS51Y2wuYWMudWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvh4j4
ub+jjytAuayjz1jXpFooMEgg09Opvruzy1Vkz8KT7VYFurfQpp7xO0kDJV9bz4U6
vVUmqd9R2NaJDs0TtpKjyDFwNq1XR2+39L6JlJuIxdGRUMNLh1geNfBB7QJHac0I
xwstH/mXU9H4eU1JyS8TuVnpCbDZnSqCaQ08hl4137FGrloSL+EHqErzrmz8NzNd
725EKSG1/XP8d8O1FJDaAyvES2JfJWuhrcwa6WPPQdCu2cI4GzMRzPes3aD+IjJl
8tGVep5ketM+Kgsrn9tjiZhFcSOcxO0apRAAAYOA6NBoZvPCLr16CGQSJM/0e2N2
PM/PUh14db39Me79AgMBAAGjggNLMIIDRzAMBgNVHRMBAf8EAjAAMB8GA1UdIwQY
MBaAFOWEVNCQSZ84uvLJ4SoIxU6foEg/MHgGCCsGAQUFBwEBBGwwajA5BggrBgEF
BQcwAoYtaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdmV2c3NsZzMu
Y3J0MC0GCCsGAQUFBzABhiFodHRwOi8vZXYub2NzcC5xdW92YWRpc2dsb2JhbC5j
b20wMQYDVR0RBCowKIITZGlzY292ZXJ5LnVjbC5hYy51a4IRZXByaW50cy51Y2wu
YWMudWswWgYDVR0gBFMwUTBGBgwrBgEEAb5YAAJkAQIwNjA0BggrBgEFBQcCARYo
aHR0cDovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTAHBgVngQwB
ATAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwPAYDVR0fBDUwMzAxoC+g
LYYraHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZldnNzbGczLmNybDAd
BgNVHQ4EFgQU0+IV/WaITVrZeCsIddZvFZSkuUswDgYDVR0PAQH/BAQDAgWgMIIB
fwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgC72d+8H4pxtZOUI5eqkntHOFeVCqtS
6BqQlmQ2jh7RhQAAAW0f40mRAAAEAwBHMEUCIQDYLCvmTrDxh16qE30yqTirA3A+
Xv6TZlpUssZxI+ApqgIgSGicwtcECtcjsSnKmEwUVv6hQnvksG7dH5AqPZ7jbQ0A
dwBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAW0f40m4AAAEAwBI
MEYCIQCPhcwTIoiYCt6Esw49b7bcvRyREX29fRuaX36wJxQ6TAIhAJyPt8r3g++L
xWdb/sWRfF7Jn4zlyA7iUWFTF84dwK5xAHYAb1N2rDHwMRnYmQCkURX/dxUcEdkC
wQApBo2yCJo32RMAAAFtH+NKoAAABAMARzBFAiB/85erYq3OelUTEYpdJdIK//2N
AUG6EtuDCR/UspBmnQIhANbyKv+L+b02o5YIRqRKJ49LJEyJFyRxHrRM8lH9qRk8
MA0GCSqGSIb3DQEBCwUAA4ICAQAjJurMYSd9KFvcOcMZNO1DLsKytJ3N6SIkHXph
J2fpXD4sfBHxxG37r7a3hWi7vqNb4PTL8VIixKw+u/Si0tknJIyHsVf64eI4tfMD
kPDJGxMgr9qEsNukwVXgsnerqXYQRAcgYsnMLEdrgo+7SW7caTnm/adfqrc6r9Ar
4fHRidr9p7RuEM/eRCCmBqswHI7hpsE6miKLh1aXqF6I6JiSCApz3X7mJ4OiLVFN
GKw8rZHGEJUsLQBWIW0qZPjrzNG3M/LF5chVhS9D7HcUtXEFP7smNPdNGgbVTtfY
3+sXpFFdhED5ooRJCkX2/JfylXN3LT8v0iNI04HNQ1/fS27k9Q5QBahEBsvSzh88
OdHP/2jyyQwiGqNH9Q+UGGrYBW50OJB13ztobAeEWITPwI40nf3wU3qoCvM/nvJu
8kO0lD3kD4AyLqWnOYvwgjCzgVe2zuLI9F/BZiZnmXaiJq2SSzgTmIzv/HB0zSHF
BWQpgZpacZok7AhZ3vzpbOdJfgcSOCe/W6+drLyA5wTzV3m4+taU5eKvnI9NN5Xb
iUHXmqLElHVZYakpDAJkT20Uud5uIGHGwiHFYvyHgHlNBxa77Bn2gYxKtH95y3o/
C0SaHauNL7ghuyZVxNRWsKcVWlZ+1/TrOlEp00nTFyoWqxbFgwVP9WarCRDX/rZ/
Yzr/sQ==
-----END CERTIFICATE-----
---
Server certificate
subject=jurisdictionC = GB, businessCategory = Government Entity, serialNumber = November-15-77, C = GB, ST = London, L = London, O = University College London, CN = discovery.ucl.ac.uk

issuer=C = BM, O = QuoVadis Limited, CN = QuoVadis EV SSL ICA G3

---
No client certificate CA names sent
---
SSL handshake has read 2653 bytes and written 318 bytes
Verification error: unable to verify the first certificate
---
New, (NONE), Cipher is (NONE)
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID: 0BEE74506F0378851356FE55F7EA41ACE0E5C5C065C19C8EE24F5A1607BAD1FC
    Session-ID-ctx: 
    Master-Key: 
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1578589105
    Timeout   : 7200 (sec)
    Verify return code: 21 (unable to verify the first certificate)
    Extended master secret: no
---

Relevant for us here is the part after Certificate chain. It shows only one certificate.

Feeding that -----BEGIN CERTIFICATE----- block through openssl x509 -text -noout presents the certificate in a more readable form:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:c5:93:22:e9:25:15:02:24:8b:9c:e4:ed:2c:ef:93:26:05:e0:cb
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = BM, O = QuoVadis Limited, CN = QuoVadis EV SSL ICA G3
        Validity
            Not Before: Sep 11 10:24:11 2019 GMT
            Not After : Sep 11 10:34:00 2021 GMT
        Subject: jurisdictionC = GB, businessCategory = Government Entity, serialNumber = November-15-77, C = GB, ST = London, L = London, O = University College London, CN = discovery.ucl.ac.uk
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:87:88:f8:b9:bf:a3:8f:2b:40:b9:ac:a3:cf:
                    58:d7:a4:5a:28:30:48:20:d3:d3:a9:be:bb:b3:cb:
                    55:64:cf:c2:93:ed:56:05:ba:b7:d0:a6:9e:f1:3b:
                    49:03:25:5f:5b:cf:85:3a:bd:55:26:a9:df:51:d8:
                    d6:89:0e:cd:13:b6:92:a3:c8:31:70:36:ad:57:47:
                    6f:b7:f4:be:89:94:9b:88:c5:d1:91:50:c3:4b:87:
                    58:1e:35:f0:41:ed:02:47:69:cd:08:c7:0b:2d:1f:
                    f9:97:53:d1:f8:79:4d:49:c9:2f:13:b9:59:e9:09:
                    b0:d9:9d:2a:82:69:0d:3c:86:5e:35:df:b1:46:ae:
                    5a:12:2f:e1:07:a8:4a:f3:ae:6c:fc:37:33:5d:ef:
                    6e:44:29:21:b5:fd:73:fc:77:c3:b5:14:90:da:03:
                    2b:c4:4b:62:5f:25:6b:a1:ad:cc:1a:e9:63:cf:41:
                    d0:ae:d9:c2:38:1b:33:11:cc:f7:ac:dd:a0:fe:22:
                    32:65:f2:d1:95:7a:9e:64:7a:d3:3e:2a:0b:2b:9f:
                    db:63:89:98:45:71:23:9c:c4:ed:1a:a5:10:00:01:
                    83:80:e8:d0:68:66:f3:c2:2e:bd:7a:08:64:12:24:
                    cf:f4:7b:63:76:3c:cf:cf:52:1d:78:75:bd:fd:31:
                    ee:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Authority Key Identifier: 
                keyid:E5:84:54:D0:90:49:9F:38:BA:F2:C9:E1:2A:08:C5:4E:9F:A0:48:3F

            Authority Information Access: 
                CA Issuers - URI:http://trust.quovadisglobal.com/qvevsslg3.crt
                OCSP - URI:http://ev.ocsp.quovadisglobal.com

            X509v3 Subject Alternative Name: 
                DNS:discovery.ucl.ac.uk, DNS:eprints.ucl.ac.uk
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.8024.0.2.100.1.2
                  CPS: http://www.quovadisglobal.com/repository
                Policy: 2.23.140.1.1

            X509v3 Extended Key Usage: 
                TLS Web Client Authentication, TLS Web Server Authentication
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://crl.quovadisglobal.com/qvevsslg3.crl

            X509v3 Subject Key Identifier: 
                D3:E2:15:FD:66:88:4D:5A:D9:78:2B:08:75:D6:6F:15:94:A4:B9:4B
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : BB:D9:DF:BC:1F:8A:71:B5:93:94:23:97:AA:92:7B:47:
                                38:57:95:0A:AB:52:E8:1A:90:96:64:36:8E:1E:D1:85
                    Timestamp : Sep 11 10:34:12.241 2019 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D8:2C:2B:E6:4E:B0:F1:87:5E:AA:13:
                                7D:32:A9:38:AB:03:70:3E:5E:FE:93:66:5A:54:B2:C6:
                                71:23:E0:29:AA:02:20:48:68:9C:C2:D7:04:0A:D7:23:
                                B1:29:CA:98:4C:14:56:FE:A1:42:7B:E4:B0:6E:DD:1F:
                                90:2A:3D:9E:E3:6D:0D
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 56:14:06:9A:2F:D7:C2:EC:D3:F5:E1:BD:44:B2:3E:C7:
                                46:76:B9:BC:99:11:5C:C0:EF:94:98:55:D6:89:D0:DD
                    Timestamp : Sep 11 10:34:12.280 2019 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:8F:85:CC:13:22:88:98:0A:DE:84:B3:
                                0E:3D:6F:B6:DC:BD:1C:91:11:7D:BD:7D:1B:9A:5F:7E:
                                B0:27:14:3A:4C:02:21:00:9C:8F:B7:CA:F7:83:EF:8B:
                                C5:67:5B:FE:C5:91:7C:5E:C9:9F:8C:E5:C8:0E:E2:51:
                                61:53:17:CE:1D:C0:AE:71
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
                                15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
                    Timestamp : Sep 11 10:34:12.512 2019 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:7F:F3:97:AB:62:AD:CE:7A:55:13:11:8A:
                                5D:25:D2:0A:FF:FD:8D:01:41:BA:12:DB:83:09:1F:D4:
                                B2:90:66:9D:02:21:00:D6:F2:2A:FF:8B:F9:BD:36:A3:
                                96:08:46:A4:4A:27:8F:4B:24:4C:89:17:24:71:1E:B4:
                                4C:F2:51:FD:A9:19:3C
    Signature Algorithm: sha256WithRSAEncryption
         23:26:ea:cc:61:27:7d:28:5b:dc:39:c3:19:34:ed:43:2e:c2:
         b2:b4:9d:cd:e9:22:24:1d:7a:61:27:67:e9:5c:3e:2c:7c:11:
         f1:c4:6d:fb:af:b6:b7:85:68:bb:be:a3:5b:e0:f4:cb:f1:52:
         22:c4:ac:3e:bb:f4:a2:d2:d9:27:24:8c:87:b1:57:fa:e1:e2:
         38:b5:f3:03:90:f0:c9:1b:13:20:af:da:84:b0:db:a4:c1:55:
         e0:b2:77:ab:a9:76:10:44:07:20:62:c9:cc:2c:47:6b:82:8f:
         bb:49:6e:dc:69:39:e6:fd:a7:5f:aa:b7:3a:af:d0:2b:e1:f1:
         d1:89:da:fd:a7:b4:6e:10:cf:de:44:20:a6:06:ab:30:1c:8e:
         e1:a6:c1:3a:9a:22:8b:87:56:97:a8:5e:88:e8:98:92:08:0a:
         73:dd:7e:e6:27:83:a2:2d:51:4d:18:ac:3c:ad:91:c6:10:95:
         2c:2d:00:56:21:6d:2a:64:f8:eb:cc:d1:b7:33:f2:c5:e5:c8:
         55:85:2f:43:ec:77:14:b5:71:05:3f:bb:26:34:f7:4d:1a:06:
         d5:4e:d7:d8:df:eb:17:a4:51:5d:84:40:f9:a2:84:49:0a:45:
         f6:fc:97:f2:95:73:77:2d:3f:2f:d2:23:48:d3:81:cd:43:5f:
         df:4b:6e:e4:f5:0e:50:05:a8:44:06:cb:d2:ce:1f:3c:39:d1:
         cf:ff:68:f2:c9:0c:22:1a:a3:47:f5:0f:94:18:6a:d8:05:6e:
         74:38:90:75:df:3b:68:6c:07:84:58:84:cf:c0:8e:34:9d:fd:
         f0:53:7a:a8:0a:f3:3f:9e:f2:6e:f2:43:b4:94:3d:e4:0f:80:
         32:2e:a5:a7:39:8b:f0:82:30:b3:81:57:b6:ce:e2:c8:f4:5f:
         c1:66:26:67:99:76:a2:26:ad:92:4b:38:13:98:8c:ef:fc:70:
         74:cd:21:c5:05:64:29:81:9a:5a:71:9a:24:ec:08:59:de:fc:
         e9:6c:e7:49:7e:07:12:38:27:bf:5b:af:9d:ac:bc:80:e7:04:
         f3:57:79:b8:fa:d6:94:e5:e2:af:9c:8f:4d:37:95:db:89:41:
         d7:9a:a2:c4:94:75:59:61:a9:29:0c:02:64:4f:6d:14:b9:de:
         6e:20:61:c6:c2:21:c5:62:fc:87:80:79:4d:07:16:bb:ec:19:
         f6:81:8c:4a:b4:7f:79:cb:7a:3f:0b:44:9a:1d:ab:8d:2f:b8:
         21:bb:26:55:c4:d4:56:b0:a7:15:5a:56:7e:d7:f4:eb:3a:51:
         29:d3:49:d3:17:2a:16:ab:16:c5:83:05:4f:f5:66:ab:09:10:
         d7:fe:b6:7f:63:3a:ff:b1

Particularly relevant are these lines:

Issuer: C = BM, O = QuoVadis Limited, CN = QuoVadis EV SSL ICA G3
Subject: jurisdictionC = GB  [...]  CN = discovery.ucl.ac.uk

This shows that the provided certificate is a leaf certificate, for discovery.ucl.ac.uk, and that it is signed by some certificate (or rather entity) named QuoVadis EV SSL ICA G3. It will become clear later that this is not a root certificate (for now, the lack of CA in the name is a hint; and ICA commonly means intermediate certificate authority).

The certificate @little_dog suggested you download is the missing intermediate certificate (NOT the root certificate!). You can see that from the following lines in his answer:

Issuer: C = BM, O = QuoVadis Limited, CN = QuoVadis Root CA 2 G3
Subject: C = BM, O = QuoVadis Limited, CN = QuoVadis EV SSL ICA G3

That certificate is the QuoVadis EV SSL ICA G3 referenced by the leaf certificate above! But this certificate is not a root certificate. Root certificates are signed by themselves, but this certificate is signed by QuoVadis Root CA 2 G3. Which, by the way, has CA in its name.

So, where do we get the root certificate? Ideally, it should be in your browser or OS. For Debian at least (and probably Ubuntu as well), we can check with this monstrosity: 

% awk -v cmd='openssl x509 -noout -subject' '/BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-certificates.crt | grep 'QuoVadis Root CA 2 G3'
subject=C = BM, O = QuoVadis Limited, CN = QuoVadis Root CA 2 G3

The first part of the command produces the certificate subjects ("names") of all system-trusted CA certificates, which we then search for the relevant QuoVadis root certificate. On my system it finds this, so the root certificate is present.

To recap

  • Root cert QuoVadis Root CA 2 G3 (on your system)
    • signs intermediate cert QuoVadis EV SSL ICA G3 (missing)
      • signs leaf cert discovery.ucl.ac.uk (provided by web server)

Where should the intermediate cert come from? The answer to that is simple: the web server should provide it as well. Then the client can check the whole chain up until the root certificate (which comes from its trust store).

Getting it fixed

@little_dog's answer had you download the intermediate, and install that in your trust store, effectively turning that intermediate into a root cert for your system. That will work for this particular problem, for now, but there are drawbacks:

  • It will only solve this very particular problem on your particular machine. Download from another misconfigured web server? Same problem. Download from this site on another machine? Same problem.
  • Intermediates are usually shorter-lived than root certs. At some point in the future, your manually-installed intermediate will expire, and then it will stop working.
  • Intermediates are there for a reason. In the case of a CA compromise, intermediates can be compromised as well. A CA will then revoke those intermediates, and create new ones and re-issue leaf certs. But because you manually trusted your intermediate, it won't be revoked and your system might end up trusting servers it shouldn't.

The real solution is getting the website fixed. Try reporting it to the discovery.ucl.ac.uk webmasters. Any decent web server admin should know exactly what's up when you report to them that the webserver isn't serving the intermediate CA certificate. If they need more information, this answer has plenty :)

There are also dozens of online services that will check any web server you specify and report a list of potential security issues and configuration problems. I tried a handful, and they all complained about the missing intermediate certificate. A few popular ones include:

But it worked in Chrome?

The story becomes more complicated here. There's a mechanism called Authority Information Access (AIA) that allows HTTP clients to query the CA for the intermediate certificate. You can see URLs provided for it in the textual certificate output earlier in this answer.

But not every client implements AIA fetching. Internet Explorer and Safari do. Chrome relies on the OS to do this (so yes on some platforms, no on others). Android does not. Firefox does not, because of privacy concerns. Curl and wget do not, as far as I can tell.

Complicating things further, browsers can cache intermediate certificates they encountered, so if you visit a website that correctly sends the QuoVadis EV SSL ICA G3 intermediate with your browser, that certificate may be cached, and then website that otherwise wouldn't work suddenly would. Finally, browsers/OSes could come with (some) intermediate certificates pre-loaded, which would also hide this issue. At least Firefox is exploring this option.

None of these things can be relied on though; plenty of clients don't do AIA fetching or pre-loading. So until these mechanisms become mandatory and universally supported, web servers will still need to include all the certificates to complete the chain.

Related Question