Yes. It use openssl lib.
My client & server looks like follow to set up sub ca and certificate, the
CERTFILE only include the certificate signed by sub ca. Thanks.
...
if (SSL_CTX_load_verify_locations(ctx, CAFILE, CADIR) != 1)
int_error("Error loading CA file and/or directory");
if (SSL_CTX_set_default_verify_paths(ctx) != 1)
int_error("Error loading default CA file and/or directory");
if (SSL_CTX_use_certificate_chain_file(ctx, CERTFILE) != 1)
int_error("Error loading certificate from file");
if (SSL_CTX_use_PrivateKey_file(ctx, KEYFILE, SSL_FILETYPE_PEM) != 1)
int_error("Error loading private key from file");
....
Br
Ben
-----Original Message-----
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of ext Serge Fonville
Sent: Wednesday, September 02, 2009 12:52 PM
To: openssl-users@openssl.org
Subject: Re: Verify certificate using subordinate ca
Wat exactly are the applications you use, are they compiled against
openssl libraries?
On Wed, Sep 2, 2009 at 11:49 AM, Yin, Ben 1. (NSN - CN/Cheng
Du)<ben.1....@nsn.com> wrote:
> Yes. When server send certificate signed by sub ca to client. How client can
> verify it only use sub ca. would you please show me the client side code? :-)
> Thanks.
>
>
> Br
>
> Ben
>
> -----Original Message-----
> From: owner-openssl-us...@openssl.org
> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville
> Sent: Wednesday, September 02, 2009 12:43 PM
> To: openssl-users@openssl.org
> Subject: Re: Verify certificate using subordinate ca
>
> Everytime an application connects to an ssl-enabled server the
> certificate chain is verified.
>
> On Wed, Sep 2, 2009 at 11:37 AM, Yin, Ben 1. (NSN - CN/Cheng
> Du)<ben.1....@nsn.com> wrote:
>> Hi,
>>
>> What's you mean "If your client application supports that", do you mean I do
>> the verify by client itself, don't use openssl default verify functionality?
>>
>>
>> Br
>>
>> Ben
>>
>> -----Original Message-----
>> From: owner-openssl-us...@openssl.org
>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville
>> Sent: Wednesday, September 02, 2009 11:59 AM
>> To: openssl-users@openssl.org
>> Subject: Re: Verify certificate using subordinate ca
>>
>> If your client application supports that, it could be done. but no
>> standard compliant application allows that to my knowledge.
>>
>> On Wed, Sep 2, 2009 at 10:35 AM, Yin, Ben 1. (NSN - CN/Cheng
>> Du)<ben.1....@nsn.com> wrote:
>>> Hi Serge,
>>>
>>> Maybe we can put the root ca into the verification chain if I can prove the
>>> verfiy certificate using only sub ca is impossible. But before that, do you
>>> know if it's possible to verfiy certificate without root ca? Thanks.
>>>
>>>
>>> Br
>>>
>>> Ben
>>>
>>> -----Original Message-----
>>> From: owner-openssl-us...@openssl.org
>>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville
>>> Sent: Wednesday, September 02, 2009 11:28 AM
>>> To: openssl-users@openssl.org
>>> Subject: Re: Verify certificate using subordinate ca
>>>
>>> How do you think compromising a CA would occur, because a CA could
>>> only becom compromised when someone leaks the key for that specific CA
>>> And if it happens once, it will likely happen twice. And I hope in
>>> your best interest, you are not distributing keys to terminals.
>>>
>>> Also, if you need to copy a file to 1000^2 terminals, use a script.
>>> I assume you have a list of all these terminals (otherwise you have a
>>> serious problem)
>>>
>>> I assume you are using server certificates and client certificates.
>>> with these there corresponds a CRL, this crl can be automatically used
>>> by any clientapplication that uses a certificate issued by any CA
>>>
>>> Bacically, are you distributing keys to terminals?
>>>
>>> Regards,
>>>
>>> Serge Fonville
>>>
>>> On Wed, Sep 2, 2009 at 8:21 AM, Yin, Ben 1. (NSN - CN/Cheng
>>> Du)<ben.1....@nsn.com> wrote:
>>>> OK, regarding the CA deploy, such as, we have a one root ca and 1000 sub
>>>> ca signed by root ca. and each sub ca used as ca by 1000 terminals.so the
>>>> total network size is 1000*1000. All our ca, including root ca and sub ca,
>>>> was stored offline. I need copy sub ca to terminal it was used. So if one
>>>> of sub ca was compromised, what I need to do is sign a new sub ca using
>>>> root ca and copy it to 1000 terminal where sub ca has been compromised.
>>>> And if root ca was compromised, I need to re-deploy CA on 1000*1000
>>>> terminal mannuly. That is why I want to keep root ca out of the chain. And
>>>> only using sub ca and certificate to do the verification. Dose it
>>>> possible? It seems that openssl always try to find the issuer of sub ca
>>>> during tht chain verification because it wasn't self signed root ca.
>>>>
>>>>
>>>> Br
>>>>
>>>> Ben
>>>>
>>>> -----Original Message-----
>>>> From: owner-openssl-us...@openssl.org
>>>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville
>>>> Sent: Tuesday, September 01, 2009 5:14 PM
>>>> To: openssl-users@openssl.org
>>>> Subject: Re: Verify certificate using subordinate ca
>>>>
>>>> I don't see your problem honestly. Figuring out a private key is close
>>>> to impossible.
>>>> And stealing it, well, that is more related to security itself than to
>>>> the actual key being secure or not.
>>>>
>>>> >From what I understand, a chain works somewhat like this
>>>>
>>>> you
>>>> --peter
>>>> ----john
>>>> ------carl
>>>>
>>>> You talk to peter, peter is trusted by john, john is trusted by carl,
>>>> you trust carl
>>>> Say if you were to obsolete carl in this chain (by trusting john) john
>>>> would then become the root
>>>> If this is the case, why would you want to have carl at all?
>>>>
>>>> Thawte, verisign etc work the same way
>>>>
>>>> Also, why is distributing a CA cert so difficult?
>>>> What is your environment?
>>>> What applications are using the certs?
>>>> And how do they verify the chain?
>>>>
>>>> Again, without the key for each CA it can't be compromised
>>>> Has this actually happened or is this someone eing paranoid?
>>>>
>>>> Who has created the chain?
>>>>
>>>> I'm still not clear of the purpose of the root ca if it should not
>>>> need to be trusted
>>>>
>>>> Regards,
>>>>
>>>> Serge Fonville
>>>>
>>>> On Tue, Sep 1, 2009 at 3:52 PM, Yin, Ben 1. (NSN - CN/Cheng
>>>> Du)<ben.1....@nsn.com> wrote:
>>>>> No. In our enviroment. The root CA private key is isolated and absolutly
>>>>> safe. Regarding the compromised, I means CA can't be trusted any more,
>>>>> Such as the private key was stolen some how or someone find a way to
>>>>> figure out private key for one CA. it easy to set up new sub ca in one
>>>>> domain if those compromise happened on sub ca. but if it happened on root
>>>>> ca, it's quite hard to fix the our whole network. Thanks.
>>>>>
>>>>>
>>>>> Br
>>>>>
>>>>> Ben
>>>>>
>>>>> -----Original Message-----
>>>>> From: owner-openssl-us...@openssl.org
>>>>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville
>>>>> Sent: Tuesday, September 01, 2009 4:31 PM
>>>>> To: openssl-users@openssl.org
>>>>> Subject: Re: Verify certificate using subordinate ca
>>>>>
>>>>> Based on what you state.
>>>>> There is no purpose for the root CA.
>>>>>
>>>>> What do you mean by compromised.
>>>>> If you publish a CA certificate to clients, it does not include the
>>>>> key. (normally)
>>>>> So the only thing a client can do is use it in the session at best.
>>>>> There is NO way a client can use a CA certificate to sign anything
>>>>> without the corresponding key.
>>>>>
>>>>> I have a chain on my website, and noone (except me, because I can
>>>>> access the server) is able to sign anything. Since the CAs are only
>>>>> used for signing and verifying and not for encrypting, if the CA keys
>>>>> are stored safely, there is no 'compromise'
>>>>>
>>>>> Are you distributing the keys as well?
>>>>>
>>>>> HTH
>>>>>
>>>>> Regards,
>>>>>
>>>>> Serge Fonville
>>>>>
>>>>>
>>>>> On Tue, Sep 1, 2009 at 2:13 PM, Yin, Ben 1. (NSN - CN/Cheng
>>>>> Du)<ben.1....@nsn.com> wrote:
>>>>>> I only want to verfiy the signature (I mean the procedure when sub ca
>>>>>> sign the certiticate). So I guess sub ca and certification should has
>>>>>> enough info to do it because we needn't root ca when we use sub ca to
>>>>>> sign the certificate. Is there a way for this requirement? Thanks.
>>>>>>
>>>>>>
>>>>>> Br
>>>>>>
>>>>>> Ben
>>>>>>
>>>>>> -----Original Message-----
>>>>>> From: owner-openssl-us...@openssl.org
>>>>>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Yin, Ben 1.
>>>>>> (NSN - CN/Cheng Du)
>>>>>> Sent: Tuesday, September 01, 2009 3:06 PM
>>>>>> To: openssl-users@openssl.org
>>>>>> Subject: RE: Verify certificate using subordinate ca
>>>>>>
>>>>>> Hi Serge,
>>>>>>
>>>>>> My intention is to keep my root ca out of compromise. We want to use sub
>>>>>> ca to splite the domain in the our whole network. Then, we can easy to
>>>>>> re-sign a new sub ca and publish it if we find one domain sub ca was
>>>>>> compromised. And if we expose the the root ca to public ,it hard to
>>>>>> maintain if root ca was cracked.
>>>>>>
>>>>>> And as you said, "create a new chain and let sub ca as root", I don't
>>>>>> know how to do it. In my testing, I set verify depth to 1. I guess it
>>>>>> will make chain only include certificate and sub ca. the testing show
>>>>>> that the openssl still try to find the issuer of sub ca, and so the
>>>>>> verification was failed.
>>>>>>
>>>>>> Here is the output:
>>>>>>
>>>>>> -with certificate at depth: 1
>>>>>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA
>>>>>> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA
>>>>>> err 20:unable to get local issuer certificate
>>>>>> -with certificate at depth: 1
>>>>>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA
>>>>>> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA
>>>>>> err 27:certificate not trusted
>>>>>> -with certificate at depth: 0
>>>>>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA
>>>>>> subject = /C=FI/ST=Tampere/L=Tampere/O=NSN/CN=lab.
>>>>>> err 27:certificate not trusted
>>>>>>
>>>>>> And FYI. Here is the complete chain verfication output.
>>>>>>
>>>>>> -with certificate at depth: 2
>>>>>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA
>>>>>> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA
>>>>>> err 0:ok
>>>>>> -with certificate at depth: 1
>>>>>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA
>>>>>> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA
>>>>>> err 0:ok
>>>>>> -with certificate at depth: 0
>>>>>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA
>>>>>> subject = /C=FI/ST=Tampere/L=Tampere/O=NSN/CN=lab.
>>>>>> err 0:ok
>>>>>>
>>>>>> Thanks.
>>>>>>
>>>>>> Br
>>>>>>
>>>>>> Ben
>>>>>>
>>>>>> -----Original Message-----
>>>>>> From: owner-openssl-us...@openssl.org
>>>>>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville
>>>>>> Sent: Tuesday, September 01, 2009 2:14 PM
>>>>>> To: openssl-users@openssl.org
>>>>>> Subject: Re: Verify certificate using subordinate ca
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> Hmm...
>>>>>>
>>>>>> I've had the same issue.
>>>>>> Basically it came down to "how do you know if the sub is reliable if
>>>>>> you do not know whether to trust the root?"
>>>>>> If you do not wish to have the root as part of the chain, create a new
>>>>>> chain where the sub is the root
>>>>>> What is the reason you do not want to use the root in the chain check,
>>>>>> but it should be part of the chain?
>>>>>>
>>>>>> HTH
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Serge Fonville
>>>>>>
>>>>>> On Tue, Sep 1, 2009 at 1:04 PM, Yin, Ben 1. (NSN - CN/Cheng
>>>>>> Du)<ben.1....@nsn.com> wrote:
>>>>>>> Hi,
>>>>>>>
>>>>>>> It there a way to verify certificate with out root ca? I have 4
>>>>>> certificate:
>>>>>>> rootca.pem is the root ca (self signed). subca.pem was signed by
>>>>>> rootca.pem.
>>>>>>> cert1.pem & cert2.pem was signed by subca.pem. I was supposed to
>>>>>> configure
>>>>>>> the client and server using subca.pem as ca, and cert1.pem & cert2.pem
>>>>>> as
>>>>>>> certificate. It seem that openssl still try to find rootca.pem to
>>>>>> verfiy
>>>>>>> subca.pem when handshake. But I don't what root.pem can bo accessed
>>>>>> for
>>>>>>> keeping it safe. So It there a way to verify certificate with out root
>>>>>> ca,
>>>>>>> only using sub ca and certificate signed by sub ca? Thanks.
>>>>>>>
>>>>>>> Br
>>>>>>>
>>>>>>> Ben
>>>>>> ______________________________________________________________________
>>>>>> OpenSSL Project http://www.openssl.org
>>>>>> User Support Mailing List openssl-us...@openssl.org
>>>>>> Automated List Manager majord...@openssl.org
>>>>>> ______________________________________________________________________
>>>>>> OpenSSL Project http://www.openssl.org
>>>>>> User Support Mailing List openssl-us...@openssl.org
>>>>>> Automated List Manager majord...@openssl.org
>>>>>> ______________________________________________________________________
>>>>>> OpenSSL Project http://www.openssl.org
>>>>>> User Support Mailing List openssl-us...@openssl.org
>>>>>> Automated List Manager majord...@openssl.org
>>>>>>
>>>>> ______________________________________________________________________
>>>>> OpenSSL Project http://www.openssl.org
>>>>> User Support Mailing List openssl-us...@openssl.org
>>>>> Automated List Manager majord...@openssl.org
>>>>> ______________________________________________________________________
>>>>> OpenSSL Project http://www.openssl.org
>>>>> User Support Mailing List openssl-us...@openssl.org
>>>>> Automated List Manager majord...@openssl.org
>>>>>
>>>> ______________________________________________________________________
>>>> OpenSSL Project http://www.openssl.org
>>>> User Support Mailing List openssl-us...@openssl.org
>>>> Automated List Manager majord...@openssl.org
>>>> ______________________________________________________________________
>>>> OpenSSL Project http://www.openssl.org
>>>> User Support Mailing List openssl-us...@openssl.org
>>>> Automated List Manager majord...@openssl.org
>>>>
>>> ______________________________________________________________________
>>> OpenSSL Project http://www.openssl.org
>>> User Support Mailing List openssl-us...@openssl.org
>>> Automated List Manager majord...@openssl.org
>>> ______________________________________________________________________
>>> OpenSSL Project http://www.openssl.org
>>> User Support Mailing List openssl-us...@openssl.org
>>> Automated List Manager majord...@openssl.org
>>>
>> ______________________________________________________________________
>> OpenSSL Project http://www.openssl.org
>> User Support Mailing List openssl-us...@openssl.org
>> Automated List Manager majord...@openssl.org
>> ______________________________________________________________________
>> OpenSSL Project http://www.openssl.org
>> User Support Mailing List openssl-us...@openssl.org
>> Automated List Manager majord...@openssl.org
>>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-us...@openssl.org
> Automated List Manager majord...@openssl.org
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-us...@openssl.org
> Automated List Manager majord...@openssl.org
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
