> From: owner-openssl-dev On Behalf Of Kurt Roeckx via RT
> Sent: Monday, January 06, 2014 04:22

> I received an smime signed email but I had a problem verifying the
> signature.  What I get was 3 certificates in the chain, but it
> didn't look for the certificate in my CApath.
> 
> The orders of the certs as shown by pkcs7 -print_certs was:
> 2
> 3
> 1
> 
> Where 1 was the end user certificate, 2 is an intermediate
> CA and 3 is one in my CApath but isn't a self signed certificate
> but issued by another certificate.
> 
> The problem now is that it's trying to find the issuer of
> certificate 3 which is not in my CApath and then fail with this
> message:
> 139720205891240:error:21075075:PKCS7 routines:PKCS7_verify:certificate
> verify error:pk7_smime.c:342:Verify error:unable to get local issuer
> certificate
> 
Since the issuer of 3 (call it 4 for convenience) isn't in your truststore,
yes this error is expected.

> When only certificates 2 and 1 are sent, the verification is
> successful because it's now trying to find the issuer of 2, being
> 3, and does find that in my CApath.
> 
Are you sure the '3' in your truststore is the same as the one sent? 
If so, openssl should find 3 and then look for 4 and fail the same way.
I'd bet you actually have '3A' -- a different cert for the same CA 
name (and key), which is self signed and thus a root. In that case 
the chain 1,2,3A verifies, but the chain 1,2,3,(4) fails.

> I assume this would also work if the 3rd certificate was a self
> signed version instead of the something that was signed by someone
> else.  The issuer would then be itself and it would look that up.
> 
If you have a self-signed cert >in your truststore< -- what I call 3A -- 
yes that should work. Note that just sending 1,2,3A in the message 
and not having 3A in your truststore would still fail. openssl must 
always find the root locally whether or not it is sent.

> Wouldn't it make sense to check that any of the certificates that
> are sent are in the CApath rather than just the issuer of the
> last one in the chain?
> 
In other words, try multiple or 'alternate' CA paths, not just 
the 'first' one given by the message (or other protocol).
Yes, many (most?) other SSL implementations do that. 
openssl, at least through 1.0.1, does not. There are apparently
changes in cert/chain verification coming in 1.0.2, but I don't
know if it includes this.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org
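The difference the two messages above are arguing about (walk the message's own certificates to the end and then ask the trust store for the last issuer, versus being willing to drop sent certificates and ask the store at a lower level) is easiest to see in a small model. The following Python is an added example written for this thread; it is not OpenSSL code and it is not from either of the posters. It assumes a toy certificate consisting only of a label, a subject name and an issuer name (no keys, no signatures, no validity checks), matches issuers by name only, and uses the thread's numbering: 1 is the signer, 2 the intermediate, 3 the cross-signed copy of the CA, 3A the self-signed copy of the same CA kept in CApath, and 4 the cross-signer that is not in the store. The "self-signed certificate in certificate chain" / "unable to get local issuer certificate" strings are reproduced as result labels only; the real OpenSSL path builder has more state than this.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Cert:
    """Toy certificate: just the fields chain building looks at (constructed)."""
    label: str     # thread's name for the cert: "1", "2", "3", "3A", "4"
    subject: str
    issuer: str

    @property
    def self_signed(self) -> bool:
        return self.subject == self.issuer


def find_issuer(cert: Cert, pool: List[Cert]) -> Optional[Cert]:
    """First cert in `pool` whose subject is `cert`'s issuer (name match only)."""
    for cand in pool:
        if cand.subject == cert.issuer:
            return cand
    return None


def walk_untrusted(leaf: Cert, untrusted: List[Cert]) -> List[Cert]:
    """Extend the chain using only the certificates carried in the message."""
    chain = [leaf]
    while not chain[-1].self_signed:
        nxt = find_issuer(chain[-1], untrusted)
        if nxt is None or nxt in chain:
            break
        chain.append(nxt)
    return chain


def complete_from_store(chain: List[Cert], store: List[Cert]) -> Optional[List[Cert]]:
    """Top up `chain` from the local store until a root is reached; None if stuck."""
    chain = list(chain)
    while not chain[-1].self_signed:
        nxt = find_issuer(chain[-1], store)
        if nxt is None:
            return None
        chain.append(nxt)
    return chain


Result = Tuple[bool, List[Cert], str]


def verify_first_path(leaf: Cert, untrusted: List[Cert], store: List[Cert]) -> Result:
    """Single-path model (what the thread describes for OpenSSL through 1.0.1):
    only the *last* cert reached via the message is looked up in the store."""
    chain = walk_untrusted(leaf, untrusted)
    full = complete_from_store(chain, store)
    if full is None:
        return False, chain, "unable to get local issuer certificate"
    # The root must be in the local store even if the message carried it.
    if full[-1] not in store:
        return False, full, "self signed certificate in certificate chain"
    return True, full, "ok"


def verify_alternate_paths(leaf: Cert, untrusted: List[Cert], store: List[Cert]) -> Result:
    """Alternate-chain model (what the question asks for): if the store cannot
    continue the chain, drop the last sent cert and retry one level lower."""
    chain = walk_untrusted(leaf, untrusted)
    while chain:
        full = complete_from_store(chain, store)
        if full is not None and full[-1] in store:
            return True, full, "ok"
        if len(chain) == 1:
            break
        chain.pop()   # e.g. discard cross-signed 3 so 2's issuer is looked up
    return False, chain, "unable to get local issuer certificate"


# Constructed certificates following the thread's numbering.
C1 = Cert("1", "CN=leaf", "CN=Intermediate CA")
C2 = Cert("2", "CN=Intermediate CA", "CN=Example CA")
C3 = Cert("3", "CN=Example CA", "CN=Cross-signing CA")   # cross-signed copy
C3A = Cert("3A", "CN=Example CA", "CN=Example CA")       # self-signed copy in CApath
C4 = Cert("4", "CN=Cross-signing CA", "CN=Cross-signing CA")  # never in the store


def labels(chain: List[Cert]) -> List[str]:
    return [c.label for c in chain]


if __name__ == "__main__":
    store = [C3A]
    for name, sent in (("message carries 2,3,1", [C2, C3, C1]),
                       ("message carries 2,1", [C2, C1])):
        for strategy in (verify_first_path, verify_alternate_paths):
            ok, chain, msg = strategy(C1, sent, store)
            print(f"{name:22s} {strategy.__name__:24s} {labels(chain)} -> {msg}")
```

Running it with 3A in the store shows the two behaviours side by side: the first-path strategy fails on the 2,3,1 message because it insists on finding 4, and succeeds on the 2,1 message because 2's issuer resolves to 3A; the alternate-path strategy succeeds on both by discarding 3. Sending 2,3A,1 with an empty store fails under both, which is the "root must be found locally" point made in the reply.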
