Certificate Chain support missing

Bug #1189444 reported by Aki Tuomi
Affects: mosquitto
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned

Bug Description

Our PKI uses industry standard

Root CA
|
|
Intermediate CA
|
|
Actual certificate

but there is no way to configure this intermediate CA for mosquitto. This is usually done using the SSL_CTX_use_certificate_chain_file() method (OpenSSL library example) so that the server can hint to the clients how to reach the root via the intermediate. Perhaps you could consider adding a chain option so that the server certificate would be verifiable by clients?

Steps to reproduce:
1. obtain a certificate from some PKI using intermediate CAs
2. configure mosquitto to use
3. run openssl s_client -c server:8883 -CAfile /path/to/root.crt
4. you should get an error message about not being able to verify the certificate
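
Added example (not from the bug report and not mosquitto code): a constructed three-tier PKI built with the openssl CLI, showing that a client trusting only root.crt cannot verify the leaf on its own but succeeds once the leaf plus intermediate are supplied, which is exactly what the requested chain file lets the broker send. It assumes the openssl command-line tool is on PATH; all file names and subjects are constructed.

```shell
#!/bin/sh
# Constructed test PKI: root CA -> intermediate CA -> server (leaf) certificate.
# Assumes the openssl CLI is installed. Nothing here is real-world material.
set -e
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

gen_chain() {
  printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' > "$WORK/ca.ext"
  printf 'basicConstraints=CA:FALSE\nextendedKeyUsage=serverAuth\n' > "$WORK/leaf.ext"
  # Self-signed root CA with explicit CA:TRUE (not relying on config defaults).
  openssl req -new -newkey rsa:2048 -nodes -sha256 -subj "/CN=Constructed Root CA" \
    -keyout "$WORK/root.key" -out "$WORK/root.csr" 2>/dev/null
  openssl x509 -req -sha256 -days 365 -in "$WORK/root.csr" -signkey "$WORK/root.key" \
    -extfile "$WORK/ca.ext" -out "$WORK/root.crt" 2>/dev/null
  # Intermediate CA signed by the root; it must also carry CA:TRUE.
  openssl req -new -newkey rsa:2048 -nodes -sha256 -subj "/CN=Constructed Intermediate CA" \
    -keyout "$WORK/inter.key" -out "$WORK/inter.csr" 2>/dev/null
  openssl x509 -req -sha256 -days 365 -in "$WORK/inter.csr" -CA "$WORK/root.crt" \
    -CAkey "$WORK/root.key" -CAcreateserial -extfile "$WORK/ca.ext" -out "$WORK/inter.crt" 2>/dev/null
  # Server (leaf) certificate signed by the intermediate, as in the reporter's PKI.
  openssl req -new -newkey rsa:2048 -nodes -sha256 -subj "/CN=broker.example.test" \
    -keyout "$WORK/leaf.key" -out "$WORK/leaf.csr" 2>/dev/null
  openssl x509 -req -sha256 -days 365 -in "$WORK/leaf.csr" -CA "$WORK/inter.crt" \
    -CAkey "$WORK/inter.key" -CAcreateserial -extfile "$WORK/leaf.ext" -out "$WORK/leaf.crt" 2>/dev/null
  # Chain file in the order SSL_CTX_use_certificate_chain_file() expects:
  # leaf first, then intermediates; the root itself need not be included.
  cat "$WORK/leaf.crt" "$WORK/inter.crt" > "$WORK/chain.pem"
}

# Client trusts only root.crt and the server presents only the leaf: fails
# with "unable to get local issuer certificate" (the bug's symptom).
verify_leaf_only() {
  openssl verify -CAfile "$WORK/root.crt" "$WORK/leaf.crt" >/dev/null 2>&1 && echo ok || echo fail
}

# Same client, but the server presents leaf + intermediate: verification succeeds.
verify_with_chain() {
  openssl verify -CAfile "$WORK/root.crt" -untrusted "$WORK/chain.pem" "$WORK/leaf.crt" \
    >/dev/null 2>&1 && echo ok || echo fail
}

gen_chain
echo "leaf only:  $(verify_leaf_only)"   # fail
echo "with chain: $(verify_with_chain)"  # ok
```

Against a running broker the equivalent client-side check is openssl s_client -connect host:8883 -CAfile root.crt -showcerts, which also lists every certificate the server actually sent.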

Roger Light (roger.light) wrote :

Thanks for the report, I'll have a look at it later.

Changed in mosquitto:
milestone: none → 1.2
status: New → Confirmed

Roger Light (roger.light) wrote :

I've attached a zip file containing files that I've used to try to reproduce this problem.

If you unzip and run gen.sh (answering "y" to everything) a root CA, intermediate CA and signing CA will be generated, along with a server certificate signed by the signing CA.

There are three config files, two of which work and one, cafile-fail.conf, fails. It still fails if I use SSL_CTX_use_certificate_chain_file() because the intermediate and root certificates are not loaded at all.

Does this match what you are seeing?

Aki Tuomi (cmouse-desteem) wrote :

The usual way this is done, e.g. in Apache, is that you use the CHAIN file to contain the intermediate cert, so that it can provide a path from the leaf cert to the root cert. SSL_CTX_use_certificate_chain_file() should be provided with the intermediate cert(s) in the correct order. Would have to check some documentation somewhere whether it was from root or leaf up. The actual root certificate is not required to be in the chain file.

Roger Light (roger.light) wrote :

I have changed the SSL_CTX_use_certificate_file() calls to SSL_CTX_use_certificate_chain_file(), but wasn't able to reproduce the failure you were seeing before the change was made.

If you generate the certificates using the gen.sh script in the attachment, but modify the line

cat test-signing-ca.crt test-inter-ca.crt test-root-ca.crt > all.crt

to

cat test-signing-ca.crt test-inter-ca.crt > all.crt

(i.e. no root certificate), then using "mosquitto -c cafile-ok.conf" matches the scenario you describe in comment #4. This doesn't result in verification failure for me. If you can describe how what you are doing is different, then I may be able to reproduce the problem.

Changed in mosquitto:
status: Confirmed → Incomplete

Roger Light (roger.light) wrote :

Support for this feature was included in the 1.2 release.

Changed in mosquitto:
status: Incomplete → Fix Released