1

I have a SSL client/server application.

My SSL client has only one root certificate authority (lets call it rootCA1) configured in its trust store.
However my ssl server produces a certificate that is signed by an intermediate CA (lets call it interCA1).
The intermediate CA has its certificate (lets call it deviceCert) signed by rootCA1 (which the client trusts). The SSL server produces the certificates of interCA1 as well as rootCA1 along with deviceCert during ssl hello.

Now openssl rejects such a connection at the client side.

Openssl should be able to establish the chain of trust by looking at
deviceCert--signed by-->interCA1--signed by-->rootCA1

Since it trusts rootCA1 and the chain of trust can be seen in my understanding.

So why does it fail? why is it required to have intermediate CA's cofigured in client's trust store?

Improve this question
3
  • "Why is it required to have intermediate CA'" - The entire chain must be trusted for the certificate to be trusted. Just trusting the root CA isn't enough.
    – Ramhound
    Commented Jan 30, 2018 at 15:23
  • My assumption was since you trust root CA, you can trust all parties that are certified by a party certified by root CA, maybe my assumption is naive.
    – Keshava
    Commented Jan 30, 2018 at 16:17
  • @Keshava: if the server provides both server and chain certificates the the client can verify the full trust chain until the local root CA. If the servers does not provide the chain certificates the client cannot build the local trust chain since it does not know the missing certificates of the chain. Note that the server should not provide the root CA in the TLS handshake and that the certificates need to be in the right order.
    – Steffen Ullrich
    Commented Jan 30, 2018 at 16:56

1 Answer 1

Reset to default
-2

I think the reason for having all intermeidiate CA's certificate configured is as follows.

Lets for argument sake assume that it is only necessary to have only root CA's certificate in trust chain.
Client can then trust all certificates signed by root CA as well as any other intermeidate CA whose certificate is singed by root CA (or signed by any other intermediate CA who bear a certificate signed by root CA).

Now if the private key of the intermediate CA is compromised for some reason, then this would be a problem.

So by configuring the intermediate CAs in trust store the client declares that it trust certificates signed by it and its private key is not compromised.

Of course there CRLs, but that’s a sub topic

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .