<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div class="">So, I have a question about how to configure an Erlang endpoint to actually _send_ a complete certificate chain (or the chain minus the root cert, as I just consider that an optimization).</div><div class=""><br class=""></div><div class="">Specifically, the docs state that a (client or server) certificate is specified via:</div><div class=""><br class=""></div><blockquote style="margin: 0 0 0 40px; border: none; padding: 0px;" class=""><div class=""><font face="Menlo" class="">{cert, public_key:der_encoded()} |</font></div><div class=""><font face="Menlo" class="">{certfile, path()}</font></div></blockquote><div class=""><br class=""></div><div class="">where <span style="color: rgb(26, 26, 26); font-family: mono, Courier, monospace; font-size: 16px; background-color: rgb(243, 243, 243);" class="">public_key:der_encoded()</span> is a <span style="color: rgb(26, 26, 26); font-family: mono, Courier, monospace; font-size: 16px; background-color: rgb(243, 243, 243);" class="">binary()</span>.</div><div class=""><br class=""></div><div class="">Looking at the source code, <font face="Monaco" class="">certfile</font> may indeed contain a catenation of PEM certificates. However, it appears that only the first is used as <font face="Menlo" class="">OwnCert</font>, and the rest are discarded (at least when specified via a file), e.g.,</div><div class=""><br class=""></div><div class=""><a href="https://github.com/erlang/otp/blob/OTP-20.3.1/lib/ssl/src/ssl_config.erl#L78" class="">https://github.com/erlang/otp/blob/OTP-20.3.1/lib/ssl/src/ssl_config.erl#L78</a></div><div class=""><a href="https://github.com/erlang/otp/blob/OTP-20.3.1/lib/ssl/src/ssl_config.erl#L86" class="">https://github.com/erlang/otp/blob/OTP-20.3.1/lib/ssl/src/ssl_config.erl#L86</a></div><div class=""><br class=""></div><div class="">The spec in the docs say that the cert parameter over-rides the certfile, but the type spec for cert is a binary, not a list of binaries. (I don't know if the OTP build enforces dialyzer specs)</div><div class=""><br class=""></div><div class="">With a CA hierarchy like:</div><div class=""><br class=""></div><blockquote style="margin: 0 0 0 40px; border: none; padding: 0px;" class=""><div class=""><font face="Menlo" class="">CA</font></div><div class=""><font face="Menlo" class="">+- ICA1</font></div><div class=""><font face="Menlo" class=""> +- ICA2</font></div><div class=""><font face="Menlo" class=""> +- peer1</font></div><div class=""><div class=""><font face="Menlo" class=""> +- peer2</font></div></div><div class=""><font face="Menlo" class=""> ...</font></div></blockquote><div class=""><br class=""></div><div class="">I would like the server to send the client (as part of the handshake) the following certificate chain:</div><div class=""><br class=""></div><blockquote style="margin: 0 0 0 40px; border: none; padding: 0px;" class=""><div class=""><font face="Menlo" class="">peer1, ICA2, ICA1 [, CA]</font></div></blockquote><div class=""><br class=""></div><div class="">But in my experiments, I can only get the server to send peer1.</div><div class=""><br class=""></div><div class="">(I am specifically interested in server behavior, but also generally interested in client behavior, as well.)</div><div class=""><br class=""></div><div class="">Note that the only guarantee I have about my peer is that CA is a trusted CA; the SSL peer may have no knowledge of ICA2 or ICA1.</div><div class=""><br class=""></div><div class="">Thoughts?</div><div class=""><br class=""></div><div class="">-Fred</div><div class=""><br class=""></div><br class=""><div><blockquote type="cite" class=""><div class="">On Feb 23, 2018, at 8:53 AM, Ingela Andin <<a href="mailto:ingela.andin@gmail.com" class="">ingela.andin@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div style="font-family: Verdana; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><div class="gmail_extra"><div class="gmail_quote"><div class="">That breaks the TLS protocol. The peer in either direction should send the whole certificate chain with the exception of the ROOT certificate that is optional as the peer has to own it to be able to verify it.<br class=""></div><div class=""><br class=""></div></div></div></div></div></blockquote></div><br class=""></body></html>