Bug#607616: libgnutls26: GnuTLS searches CA certs by subject and stops at the first? (fails with multiple CAs sharing the same subject)
Vaclav Ovsik
vaclav.ovsik at gmail.com
Mon Dec 20 10:19:17 UTC 2010
Package: libgnutls26
Version: 2.8.6-1
Severity: normal
Hi,
After renewing the intermediate CA certificate of our company CA, I can't
connect to some servers using ldaps. GnuTLS validation is broken.
The renewed CA has the same subject as the previous one. The certs are accessible at
http://www.i.cz/ca/ (issued by MS CA).
zito at bobek:/usr/share/ca-certificates/local$ openssl x509 -subject -dates -serial -noout -in ICZ-Issuing-CA.crt
subject= /C=CZ/O=ICZ a.s./CN=ICZ Issuing CA
notBefore=Oct 16 12:05:52 2007 GMT
notAfter=Oct 16 12:15:52 2011 GMT
serial=1101979C000000000002
zito at bobek:/usr/share/ca-certificates/local$ openssl x509 -subject -dates -serial -noout -in ICZ-Issuing-CA-1.crt
subject= /C=CZ/O=ICZ a.s./CN=ICZ Issuing CA
notBefore=Oct 15 11:06:03 2010 GMT
notAfter=Oct 15 11:16:03 2014 GMT
serial=6106B6F4000000000003
zito at bobek:/usr/share/ca-certificates/local$
I think it is legal to have the same subject DN for successive
certificates.
zito at bobek:~$ grep ICZ /etc/ca-certificates.conf
local/ICZ-Issuing-CA.crt
local/ICZ-Issuing-CA-1.crt
local/ICZ-Root-CA.crt
zito at bobek:~$ sudo update-ca-certificates
Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d....
updating keystore /etc/ssl/certs/java/cacerts...
done.
done.
According to the above, the old Issuing CA cert is first now.
Connection to a server with a cert issued by the new CA:
zito at bobek:~$ gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p 636 foo.i.cz
Processed 146 CA certificate(s).
Resolving 'foo.i.cz'...
Connecting to '10.0.0.2:636'...
- Successfully sent 0 certificate(s) to server.
- Server has requested a certificate.
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
- subject `C=CZ,ST=Czech Republic,L=Prague,O=ICZ a.s.,CN=foo.i.cz', issuer `C=CZ,O=ICZ a.s.,CN=ICZ Issuing CA', RSA key 2048 bits, signed using RSA-SHA, activated `2010-12-17 15:10:36 UTC', expires `2011-12-17 15:10:36 UTC', SHA-1 fingerprint `b92db94bb3386f9906c154879a2b6c6390e3a5af'
- Certificate[1] info:
- subject `C=CZ,O=ICZ a.s.,CN=ICZ Issuing CA', issuer `C=CZ,O=ICZ a.s.,CN=ICZ Root CA', RSA key 2048 bits, signed using RSA-SHA, activated `2010-10-15 11:06:03 UTC', expires `2014-10-15 11:16:03 UTC', SHA-1 fingerprint `b95fb82d16fe06c316465ac087b335ad3d938e99'
- The hostname in the certificate matches 'foo.i.cz'.
- Peer's certificate is NOT trusted
- Version: TLS1.0
- Key Exchange: RSA
- Cipher: ARCFOUR-128
- MAC: MD5
- Compression: NULL
*** Verifying server certificate failed...
Connection to a server with a cert issued by the old CA:
zito at bobek:~$ gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt bar.i.cz
Processed 146 CA certificate(s).
Resolving 'bar.i.cz'...
Connecting to '10.0.0.1:443'...
- Ephemeral Diffie-Hellman parameters
- Using prime: 1024 bits
- Secret key: 1022 bits
- Peer's public key: 1024 bits
- Certificate type: X.509
- Got a certificate list of 4 certificates.
- Certificate[0] info:
- subject `C=CZ,O=ICZ a.s.,OU=Machines,CN=bar.i.cz', issuer `C=CZ,O=ICZ a.s.,CN=ICZ Issuing CA', RSA key 1024 bits, signed using RSA-SHA, activated `2010-08-16 08:59:50 UTC', expires `2011-08-16 08:59:50 UTC', SHA-1 fingerprint `5a1d9f505fdc80e46b3e6594b1eed80a3b95a523'
- Certificate[1] info:
- subject `C=CZ,O=ICZ a.s.,CN=ICZ Root CA', issuer `C=CZ,O=ICZ a.s.,CN=ICZ Root CA', RSA key 2048 bits, signed using RSA-SHA, activated `2007-10-16 08:06:26 UTC', expires `2014-10-16 08:15:03 UTC', SHA-1 fingerprint `ea02ef9e4bc20f822a9bd2adb4dc263749f89241'
- Certificate[2] info:
- subject `C=CZ,O=ICZ a.s.,CN=ICZ Issuing CA', issuer `C=CZ,O=ICZ a.s.,CN=ICZ Root CA', RSA key 2048 bits, signed using RSA-SHA, activated `2007-10-16 12:05:52 UTC', expires `2011-10-16 12:15:52 UTC', SHA-1 fingerprint `daa9c584ba23020fc9c3d266a2ba65d739e9f5f4'
- Certificate[3] info:
- subject `C=CZ,O=ICZ a.s.,CN=ICZ Issuing CA', issuer `C=CZ,O=ICZ a.s.,CN=ICZ Root CA', RSA key 2048 bits, signed using RSA-SHA, activated `2010-10-15 11:06:03 UTC', expires `2014-10-15 11:16:03 UTC', SHA-1 fingerprint `b95fb82d16fe06c316465ac087b335ad3d938e99'
- The hostname in the certificate matches 'bar.i.cz'.
- Peer's certificate is trusted
- Version: TLS1.0
- Key Exchange: DHE-RSA
- Cipher: AES-128-CBC
- MAC: SHA1
- Compression: NULL
- Handshake was completed
- Simple Client Mode:
Reordering the Issuing CA certs, so the new CA will be first...
zito at bobek:~$ grep ICZ /etc/ca-certificates.conf
local/ICZ-Issuing-CA-1.crt
local/ICZ-Issuing-CA.crt
local/ICZ-Root-CA.crt
zito at bobek:~$ sudo update-ca-certificates
Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d....
updating keystore /etc/ssl/certs/java/cacerts...
done.
done.
Connection to a server with a cert issued by the new CA:
zito at bobek:~$ gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt -p 636 foo.i.cz
Processed 146 CA certificate(s).
Resolving 'foo.i.cz'...
Connecting to '10.0.0.2:636'...
- Successfully sent 0 certificate(s) to server.
- Server has requested a certificate.
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
- subject `C=CZ,ST=Czech Republic,L=Prague,O=ICZ a.s.,CN=foo.i.cz', issuer `C=CZ,O=ICZ a.s.,CN=ICZ Issuing CA', RSA key 2048 bits, signed using RSA-SHA, activated `2010-12-17 15:10:36 UTC', expires `2011-12-17 15:10:36 UTC', SHA-1 fingerprint `b92db94bb3386f9906c154879a2b6c6390e3a5af'
- Certificate[1] info:
- subject `C=CZ,O=ICZ a.s.,CN=ICZ Issuing CA', issuer `C=CZ,O=ICZ a.s.,CN=ICZ Root CA', RSA key 2048 bits, signed using RSA-SHA, activated `2010-10-15 11:06:03 UTC', expires `2014-10-15 11:16:03 UTC', SHA-1 fingerprint `b95fb82d16fe06c316465ac087b335ad3d938e99'
- The hostname in the certificate matches 'foo.i.cz'.
- Peer's certificate is trusted
- Version: TLS1.0
- Key Exchange: RSA
- Cipher: ARCFOUR-128
- MAC: MD5
- Compression: NULL
- Handshake was completed
- Simple Client Mode:
Connection to a server with a cert issued by the old CA:
zito at bobek:~$ gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt bar.i.cz
Processed 146 CA certificate(s).
Resolving 'bar.i.cz'...
Connecting to '10.0.0.1:443'...
- Ephemeral Diffie-Hellman parameters
- Using prime: 1024 bits
- Secret key: 1022 bits
- Peer's public key: 1022 bits
- Certificate type: X.509
- Got a certificate list of 4 certificates.
- Certificate[0] info:
- subject `C=CZ,O=ICZ a.s.,OU=Machines,CN=bar.i.cz', issuer `C=CZ,O=ICZ a.s.,CN=ICZ Issuing CA', RSA key 1024 bits, signed using RSA-SHA, activated `2010-08-16 08:59:50 UTC', expires `2011-08-16 08:59:50 UTC', SHA-1 fingerprint `5a1d9f505fdc80e46b3e6594b1eed80a3b95a523'
- Certificate[1] info:
- subject `C=CZ,O=ICZ a.s.,CN=ICZ Root CA', issuer `C=CZ,O=ICZ a.s.,CN=ICZ Root CA', RSA key 2048 bits, signed using RSA-SHA, activated `2007-10-16 08:06:26 UTC', expires `2014-10-16 08:15:03 UTC', SHA-1 fingerprint `ea02ef9e4bc20f822a9bd2adb4dc263749f89241'
- Certificate[2] info:
- subject `C=CZ,O=ICZ a.s.,CN=ICZ Issuing CA', issuer `C=CZ,O=ICZ a.s.,CN=ICZ Root CA', RSA key 2048 bits, signed using RSA-SHA, activated `2007-10-16 12:05:52 UTC', expires `2011-10-16 12:15:52 UTC', SHA-1 fingerprint `daa9c584ba23020fc9c3d266a2ba65d739e9f5f4'
- Certificate[3] info:
- subject `C=CZ,O=ICZ a.s.,CN=ICZ Issuing CA', issuer `C=CZ,O=ICZ a.s.,CN=ICZ Root CA', RSA key 2048 bits, signed using RSA-SHA, activated `2010-10-15 11:06:03 UTC', expires `2014-10-15 11:16:03 UTC', SHA-1 fingerprint `b95fb82d16fe06c316465ac087b335ad3d938e99'
- The hostname in the certificate matches 'bar.i.cz'.
- Peer's certificate is NOT trusted
- Version: TLS1.0
- Key Exchange: DHE-RSA
- Cipher: AES-128-CBC
- MAC: SHA1
- Compression: NULL
*** Verifying server certificate failed...
Hostnames and IP addresses were substituted...
As you can see, reordering the CA certificates can't work.
OpenSSL s_client handles this situation correctly.
Best Regards
--
Zito
-- System Information:
Debian Release: 6.0
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=cs_CZ.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libgnutls26 depends on:
ii libc6 2.11.2-7 Embedded GNU C Library: Shared lib
ii libgcrypt11 1.4.5-2 LGPL Crypto library - runtime libr
ii libtasn1-3 2.7-1 Manage ASN.1 structures (runtime)
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
libgnutls26 recommends no packages.
Versions of packages libgnutls26 suggests:
ii gnutls-bin 2.8.6-1 the GNU TLS library - commandline
-- no debconf information
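The following is an added example, not part of this bug report and not GnuTLS code. It models in Go the two issuer-lookup strategies the report contrasts: taking the first trust-store entry whose subject matches the leaf's issuer (the behaviour the reporter infers from the two transcripts) versus treating every entry with that subject as a candidate and letting the signature decide. A throwaway hierarchy is generated at runtime: a root, two issuing CAs that share the subject DN from the report but hold different keys, and one leaf under each, labelled with the report's hostnames. The keys, serials and validity periods are constructed here and are not the real ICZ certificates.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// PKI is a constructed hierarchy mirroring the report: one root, two issuing CAs
// with the same subject DN but different keys, one leaf under each. Not the real ICZ PKI.
type PKI struct {
	Root, OldIssuing, NewIssuing, LeafOld, LeafNew *x509.Certificate
}

func template(cn string, serial int64, isCA bool) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{Country: []string{"CZ"}, Organization: []string{"ICZ a.s."}, CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
		KeyUsage:              map[bool]x509.KeyUsage{false: x509.KeyUsageDigitalSignature, true: x509.KeyUsageCertSign}[isCA],
	}
}

// sign issues tmpl for key's public key, signed by signer (the parent's key).
func sign(tmpl, parent *x509.Certificate, key, signer *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		panic(err)
	}
	c, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return c
}

func BuildPKI() *PKI {
	gen := func() *ecdsa.PrivateKey {
		k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		if err != nil {
			panic(err)
		}
		return k
	}
	rootKey, oldKey, newKey, leafKey := gen(), gen(), gen(), gen()
	rootT := template("ICZ Root CA", 1, true)
	root := sign(rootT, rootT, rootKey, rootKey)
	// Same subject DN, different serial and key: the CA rollover from the report.
	oldCA := sign(template("ICZ Issuing CA", 2, true), root, oldKey, rootKey)
	newCA := sign(template("ICZ Issuing CA", 3, true), root, newKey, rootKey)
	return &PKI{
		Root: root, OldIssuing: oldCA, NewIssuing: newCA,
		LeafOld: sign(template("bar.i.cz", 10, false), oldCA, leafKey, oldKey),
		LeafNew: sign(template("foo.i.cz", 11, false), newCA, leafKey, newKey),
	}
}

// IssuerFirstMatch reproduces the behaviour the report describes: the first store entry
// whose subject equals the child's issuer is THE issuer, so the outcome depends on store order.
func IssuerFirstMatch(child *x509.Certificate, store []*x509.Certificate) (*x509.Certificate, error) {
	for _, ca := range store {
		if bytes.Equal(ca.RawSubject, child.RawIssuer) {
			if err := child.CheckSignatureFrom(ca); err != nil {
				return nil, fmt.Errorf("first subject match (serial %v) does not verify: %w", ca.SerialNumber, err)
			}
			return ca, nil
		}
	}
	return nil, fmt.Errorf("no store entry with matching subject")
}

// IssuerAnyMatch is the correct search: a subject DN is not unique across a CA's successive
// certificates, so every entry with a matching subject is a candidate and the signature decides.
func IssuerAnyMatch(child *x509.Certificate, store []*x509.Certificate) (*x509.Certificate, error) {
	matched := 0
	for _, ca := range store {
		if !bytes.Equal(ca.RawSubject, child.RawIssuer) {
			continue
		}
		matched++
		if child.CheckSignatureFrom(ca) == nil {
			return ca, nil
		}
	}
	return nil, fmt.Errorf("%d subject match(es), none verifies the signature", matched)
}

func main() {
	p := BuildPKI()
	// First the report's original store order (old issuing CA first), then the reordered one.
	for _, store := range [][]*x509.Certificate{{p.Root, p.OldIssuing, p.NewIssuing}, {p.Root, p.NewIssuing, p.OldIssuing}} {
		for _, leaf := range []*x509.Certificate{p.LeafNew, p.LeafOld} {
			_, e1 := IssuerFirstMatch(leaf, store)
			_, e2 := IssuerAnyMatch(leaf, store)
			fmt.Printf("issuing CA serial %v listed first, leaf %s: first-match ok=%v, all-candidates ok=%v\n",
				store[1].SerialNumber, leaf.Subject.CommonName, e1 == nil, e2 == nil)
		}
	}
}
```

Run with `go run`: the first-match search accepts exactly one of the two leaves, and which one flips with the store order, the same pattern as the two pairs of gnutls-cli transcripts above; the all-candidates search accepts both leaves in either order. In a real path builder the Authority/Subject Key Identifier pair (RFC 5280 section 4.2.1.1) is the intended first filter for precisely this rollover case; here the signature check alone is enough to pick the right key.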