> From: owner-openssl-us...@openssl.org On Behalf Of Mr.Rout > Sent: Wednesday, 07 March, 2012 05:33
> While setting up the TLS session i am facing below error. > > TLS Alert Level: Fatal, Description: Unable to verify leaf > signature (21) > > I created the Chained certfificate like below : > ROOTCA---->ServerCA----->ServerCert > I kept ROOTCA at my TLS client and cancatenated version of > all the above > certs (cat ROOTCA.pem ServerCA.pem Servercert.pem > server.pem > Is your server using OpenSSL? I'm assuming it probably is since you ask here, but you didn't say so. If so it can't be using that particular server.pem file, because you would never get as far as a handshake if you give OpenSSL either a cert-file or a chain-file with the root cert (or any cert other than the entity cert) first. Assuming OpenSSL, you have two choices, depending on what the program does (or you change it to do). 1. concatenate the server cert, then the intermediate cert (all of them if more than one), then optionally the root cert, in PEM format in a file and have the program specify that file to _use_certificate_chain_file NOT _use_certificate_file. 2. have the program call _use_certificate_file with a file (PEM or DER) containing the server cert (and optionally the server key if you use the same file for _use_PrivateKey_file) AND ALSO put the intermediate cert(s) and optionally root cert in the server's local truststore, which can be any of: 2A. a concatenated PEM file the program gives to _load_verify_locations 2B. separate PEM files in a directory with hash names ditto 2C,2D. a concatenated file, or directory of hashnamed files, that are the defaults for the build of OpenSSL you are using, typically something like /etc/ssl/certs[/cacerts.pem] and the program calls _set_default_verify_paths. A server-specific truststore (2A,2B) may already exist if the server does client-authentication, otherwise likely not. You may include the root in the chain-file (1) or truststore (2) but don't need to; the client must always use a locally stored copy (which you say it has) and ignore any the server sends. In (2) you often do want the root in the truststore, especially the default one, for other uses. In (1) it's up to you. Technically there is a third alternative: you can put the intermediate(s) (and root) in each client's truststore, and then the server doesn't need to send it(them). This is usually more difficult, and for a public server usually impossible. For client-auth if used (which is rare) repeat above with client and server swapped. > Note: When its 2nd level chained certs then i am facing the > issue where as > for 1-level chained (i.e. CA signed cert) i donot see this issue. > For your '1-level' no intermediate exists for the above to apply to. Self-signed is a bit different but you didn't ask about that. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
