Everytime an application connects to an ssl-enabled server the certificate chain is verified.
On Wed, Sep 2, 2009 at 11:37 AM, Yin, Ben 1. (NSN - CN/Cheng Du)<ben.1....@nsn.com> wrote: > Hi, > > What's you mean "If your client application supports that", do you mean I do > the verify by client itself, don't use openssl default verify functionality? > > > Br > > Ben > > -----Original Message----- > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville > Sent: Wednesday, September 02, 2009 11:59 AM > To: openssl-users@openssl.org > Subject: Re: Verify certificate using subordinate ca > > If your client application supports that, it could be done. but no > standard compliant application allows that to my knowledge. > > On Wed, Sep 2, 2009 at 10:35 AM, Yin, Ben 1. (NSN - CN/Cheng > Du)<ben.1....@nsn.com> wrote: >> Hi Serge, >> >> Maybe we can put the root ca into the verification chain if I can prove the >> verfiy certificate using only sub ca is impossible. But before that, do you >> know if it's possible to verfiy certificate without root ca? Thanks. >> >> >> Br >> >> Ben >> >> -----Original Message----- >> From: owner-openssl-us...@openssl.org >> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville >> Sent: Wednesday, September 02, 2009 11:28 AM >> To: openssl-users@openssl.org >> Subject: Re: Verify certificate using subordinate ca >> >> How do you think compromising a CA would occur, because a CA could >> only becom compromised when someone leaks the key for that specific CA >> And if it happens once, it will likely happen twice. And I hope in >> your best interest, you are not distributing keys to terminals. >> >> Also, if you need to copy a file to 1000^2 terminals, use a script. >> I assume you have a list of all these terminals (otherwise you have a >> serious problem) >> >> I assume you are using server certificates and client certificates. >> with these there corresponds a CRL, this crl can be automatically used >> by any clientapplication that uses a certificate issued by any CA >> >> Bacically, are you distributing keys to terminals? >> >> Regards, >> >> Serge Fonville >> >> On Wed, Sep 2, 2009 at 8:21 AM, Yin, Ben 1. (NSN - CN/Cheng >> Du)<ben.1....@nsn.com> wrote: >>> OK, regarding the CA deploy, such as, we have a one root ca and 1000 sub ca >>> signed by root ca. and each sub ca used as ca by 1000 terminals.so the >>> total network size is 1000*1000. All our ca, including root ca and sub ca, >>> was stored offline. I need copy sub ca to terminal it was used. So if one >>> of sub ca was compromised, what I need to do is sign a new sub ca using >>> root ca and copy it to 1000 terminal where sub ca has been compromised. And >>> if root ca was compromised, I need to re-deploy CA on 1000*1000 terminal >>> mannuly. That is why I want to keep root ca out of the chain. And only >>> using sub ca and certificate to do the verification. Dose it possible? It >>> seems that openssl always try to find the issuer of sub ca during tht chain >>> verification because it wasn't self signed root ca. >>> >>> >>> Br >>> >>> Ben >>> >>> -----Original Message----- >>> From: owner-openssl-us...@openssl.org >>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville >>> Sent: Tuesday, September 01, 2009 5:14 PM >>> To: openssl-users@openssl.org >>> Subject: Re: Verify certificate using subordinate ca >>> >>> I don't see your problem honestly. Figuring out a private key is close >>> to impossible. >>> And stealing it, well, that is more related to security itself than to >>> the actual key being secure or not. >>> >>> >From what I understand, a chain works somewhat like this >>> >>> you >>> --peter >>> ----john >>> ------carl >>> >>> You talk to peter, peter is trusted by john, john is trusted by carl, >>> you trust carl >>> Say if you were to obsolete carl in this chain (by trusting john) john >>> would then become the root >>> If this is the case, why would you want to have carl at all? >>> >>> Thawte, verisign etc work the same way >>> >>> Also, why is distributing a CA cert so difficult? >>> What is your environment? >>> What applications are using the certs? >>> And how do they verify the chain? >>> >>> Again, without the key for each CA it can't be compromised >>> Has this actually happened or is this someone eing paranoid? >>> >>> Who has created the chain? >>> >>> I'm still not clear of the purpose of the root ca if it should not >>> need to be trusted >>> >>> Regards, >>> >>> Serge Fonville >>> >>> On Tue, Sep 1, 2009 at 3:52 PM, Yin, Ben 1. (NSN - CN/Cheng >>> Du)<ben.1....@nsn.com> wrote: >>>> No. In our enviroment. The root CA private key is isolated and absolutly >>>> safe. Regarding the compromised, I means CA can't be trusted any more, >>>> Such as the private key was stolen some how or someone find a way to >>>> figure out private key for one CA. it easy to set up new sub ca in one >>>> domain if those compromise happened on sub ca. but if it happened on root >>>> ca, it's quite hard to fix the our whole network. Thanks. >>>> >>>> >>>> Br >>>> >>>> Ben >>>> >>>> -----Original Message----- >>>> From: owner-openssl-us...@openssl.org >>>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville >>>> Sent: Tuesday, September 01, 2009 4:31 PM >>>> To: openssl-users@openssl.org >>>> Subject: Re: Verify certificate using subordinate ca >>>> >>>> Based on what you state. >>>> There is no purpose for the root CA. >>>> >>>> What do you mean by compromised. >>>> If you publish a CA certificate to clients, it does not include the >>>> key. (normally) >>>> So the only thing a client can do is use it in the session at best. >>>> There is NO way a client can use a CA certificate to sign anything >>>> without the corresponding key. >>>> >>>> I have a chain on my website, and noone (except me, because I can >>>> access the server) is able to sign anything. Since the CAs are only >>>> used for signing and verifying and not for encrypting, if the CA keys >>>> are stored safely, there is no 'compromise' >>>> >>>> Are you distributing the keys as well? >>>> >>>> HTH >>>> >>>> Regards, >>>> >>>> Serge Fonville >>>> >>>> >>>> On Tue, Sep 1, 2009 at 2:13 PM, Yin, Ben 1. (NSN - CN/Cheng >>>> Du)<ben.1....@nsn.com> wrote: >>>>> I only want to verfiy the signature (I mean the procedure when sub ca >>>>> sign the certiticate). So I guess sub ca and certification should has >>>>> enough info to do it because we needn't root ca when we use sub ca to >>>>> sign the certificate. Is there a way for this requirement? Thanks. >>>>> >>>>> >>>>> Br >>>>> >>>>> Ben >>>>> >>>>> -----Original Message----- >>>>> From: owner-openssl-us...@openssl.org >>>>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Yin, Ben 1. >>>>> (NSN - CN/Cheng Du) >>>>> Sent: Tuesday, September 01, 2009 3:06 PM >>>>> To: openssl-users@openssl.org >>>>> Subject: RE: Verify certificate using subordinate ca >>>>> >>>>> Hi Serge, >>>>> >>>>> My intention is to keep my root ca out of compromise. We want to use sub >>>>> ca to splite the domain in the our whole network. Then, we can easy to >>>>> re-sign a new sub ca and publish it if we find one domain sub ca was >>>>> compromised. And if we expose the the root ca to public ,it hard to >>>>> maintain if root ca was cracked. >>>>> >>>>> And as you said, "create a new chain and let sub ca as root", I don't >>>>> know how to do it. In my testing, I set verify depth to 1. I guess it >>>>> will make chain only include certificate and sub ca. the testing show >>>>> that the openssl still try to find the issuer of sub ca, and so the >>>>> verification was failed. >>>>> >>>>> Here is the output: >>>>> >>>>> -with certificate at depth: 1 >>>>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >>>>> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >>>>> err 20:unable to get local issuer certificate >>>>> -with certificate at depth: 1 >>>>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >>>>> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >>>>> err 27:certificate not trusted >>>>> -with certificate at depth: 0 >>>>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >>>>> subject = /C=FI/ST=Tampere/L=Tampere/O=NSN/CN=lab. >>>>> err 27:certificate not trusted >>>>> >>>>> And FYI. Here is the complete chain verfication output. >>>>> >>>>> -with certificate at depth: 2 >>>>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >>>>> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >>>>> err 0:ok >>>>> -with certificate at depth: 1 >>>>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >>>>> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >>>>> err 0:ok >>>>> -with certificate at depth: 0 >>>>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >>>>> subject = /C=FI/ST=Tampere/L=Tampere/O=NSN/CN=lab. >>>>> err 0:ok >>>>> >>>>> Thanks. >>>>> >>>>> Br >>>>> >>>>> Ben >>>>> >>>>> -----Original Message----- >>>>> From: owner-openssl-us...@openssl.org >>>>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville >>>>> Sent: Tuesday, September 01, 2009 2:14 PM >>>>> To: openssl-users@openssl.org >>>>> Subject: Re: Verify certificate using subordinate ca >>>>> >>>>> Hi, >>>>> >>>>> Hmm... >>>>> >>>>> I've had the same issue. >>>>> Basically it came down to "how do you know if the sub is reliable if >>>>> you do not know whether to trust the root?" >>>>> If you do not wish to have the root as part of the chain, create a new >>>>> chain where the sub is the root >>>>> What is the reason you do not want to use the root in the chain check, >>>>> but it should be part of the chain? >>>>> >>>>> HTH >>>>> >>>>> Regards, >>>>> >>>>> Serge Fonville >>>>> >>>>> On Tue, Sep 1, 2009 at 1:04 PM, Yin, Ben 1. (NSN - CN/Cheng >>>>> Du)<ben.1....@nsn.com> wrote: >>>>>> Hi, >>>>>> >>>>>> It there a way to verify certificate with out root ca? I have 4 >>>>> certificate: >>>>>> rootca.pem is the root ca (self signed). subca.pem was signed by >>>>> rootca.pem. >>>>>> cert1.pem & cert2.pem was signed by subca.pem. I was supposed to >>>>> configure >>>>>> the client and server using subca.pem as ca, and cert1.pem & cert2.pem >>>>> as >>>>>> certificate. It seem that openssl still try to find rootca.pem to >>>>> verfiy >>>>>> subca.pem when handshake. But I don't what root.pem can bo accessed >>>>> for >>>>>> keeping it safe. So It there a way to verify certificate with out root >>>>> ca, >>>>>> only using sub ca and certificate signed by sub ca? Thanks. >>>>>> >>>>>> Br >>>>>> >>>>>> Ben >>>>> ______________________________________________________________________ >>>>> OpenSSL Project http://www.openssl.org >>>>> User Support Mailing List openssl-us...@openssl.org >>>>> Automated List Manager majord...@openssl.org >>>>> ______________________________________________________________________ >>>>> OpenSSL Project http://www.openssl.org >>>>> User Support Mailing List openssl-us...@openssl.org >>>>> Automated List Manager majord...@openssl.org >>>>> ______________________________________________________________________ >>>>> OpenSSL Project http://www.openssl.org >>>>> User Support Mailing List openssl-us...@openssl.org >>>>> Automated List Manager majord...@openssl.org >>>>> >>>> ______________________________________________________________________ >>>> OpenSSL Project http://www.openssl.org >>>> User Support Mailing List openssl-us...@openssl.org >>>> Automated List Manager majord...@openssl.org >>>> ______________________________________________________________________ >>>> OpenSSL Project http://www.openssl.org >>>> User Support Mailing List openssl-us...@openssl.org >>>> Automated List Manager majord...@openssl.org >>>> >>> ______________________________________________________________________ >>> OpenSSL Project http://www.openssl.org >>> User Support Mailing List openssl-us...@openssl.org >>> Automated List Manager majord...@openssl.org >>> ______________________________________________________________________ >>> OpenSSL Project http://www.openssl.org >>> User Support Mailing List openssl-us...@openssl.org >>> Automated List Manager majord...@openssl.org >>> >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-us...@openssl.org >> Automated List Manager majord...@openssl.org >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-us...@openssl.org >> Automated List Manager majord...@openssl.org >> > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-us...@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-us...@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
