[erlang-questions] SSL Out of Order Cert Chain Question (9.2)

Fri Nov 8 21:45:52 CET 2019

Oh this is wonderful news!! Glad you were able to identify the code not reached !!

Deeply appreciate your support and expertise!

Best,
Curtis

Sent from ProtonMail Mobile

On Fri, Nov 8, 2019 at 12:15 PM, Ingela Andin <ingela.andin@REDACTED> wrote:

> Hi!
>
> I think I am on to the problem, we have only  whitebox tested the unorded chain functionality (we intend to create a blackbox but that is a bigger job as we need to find some introp software that can create such chains or create a simulation modle),
> so I am positive  I found that we do not reach the code for sorting the chain.  I will try to fix it next week. It is easier now that I at least I got a server that I can manually blackbox  test with :)
>
> Regards Ingela Erlang/OTP Team - Ericsson AB
>
> Den tors 7 nov. 2019 kl 20:53 skrev Ingela Andin <ingela.andin@REDACTED>:
>
>> Hi!
>>
>> Den tors 7 nov. 2019 kl 19:35 skrev Michael Viveros <michaelviveros@REDACTED>:
>>
>>> Hi Ingela,
>>>
>>> Curtis' example server from his first message, hooks.glip.com, presents its certificates out-of-order. The correct order is Peer -> Intermediate CA 1 - > Intermediate CA 2 -> Root CA but they get presented as Peer -> Root CA -> Intermediate CA 2 -> Intermediate CA 1 and this returns the "Unknown CA" error. You can confirm this by running `openssl s_client -connect hooks.glip.com:443`.
>>
>> Yes I agree that this is an out of order chain, in contrast to the social.fluffel.io.   I will look into it at work tomorrow.
>>
>> Regards Ingela Erlang/OTP Team - Ericsson AB
>>
>>> On Thu, Nov 7, 2019 at 1:23 PM Curtis J Schofield <curtis@REDACTED> wrote:
>>>
>>>> Hi Ingela
>>>>
>>>> Thank you for your attention- perhaps Micheal can explain this better..
>>>>
>>>> Sent from ProtonMail Mobile
>>>>
>>>> On Thu, Nov 7, 2019 at 6:55 AM, Ingela Andin <ingela.andin@REDACTED> wrote:
>>>>
>>>>> Hi!
>>>>>
>>>>> I tried this out and it is not out of order, it sends the peer cert followed by the intermediate cert repeated, that is the chain looks like [Peer, CA1, CA1].
>>>>> Looking at TLS-1.3 RFC it looks like extra certs should ignored too, so I suppose we need to add that.
>>>>>
>>>>> Regards Ingela Erlang/OTP team - Ericsson AB
>>>>>
>>>>> Den lör 2 nov. 2019 kl 15:24 skrev Mark Reynolds <beastie@REDACTED>:
>>>>>
>>>>>> Hey,
>>>>>>
>>>>>> I confirm that out of order certs does not seems to be fixed, and it fails with 'Unknown CA' error:
>>>>>>
>>>>>> iex(2)> :hackney.get("https://social.fluffel.io")
>>>>>> {:error,
>>>>>> {:tls_alert, {:unknown_ca, 'received CLIENT ALERT: Fatal - Unknown CA'}}}
>>>>>>
>>>>>> the only issue with this server TLS certificates is the chain order (CA is Letsencrypt): https://www.ssllabs.com/ssltest/analyze.html?d=social.fluffel.io
>>>>>>
>>>>>> On Sat, Nov 2, 2019, at 01:12, Curtis J Schofield wrote:
>>>>>>
>>>>>>> Hi!
>>>>>>>
>>>>>>> Just curious if there is an update on out of order certs.
>>>>>>>
>>>>>>> The example has id0, id1, id2, id3  certs with id1 being the natural
>>>>>>> root of id2 who is the root of id3, who is the root of id0.
>>>>>>>
>>>>>>> We can correct the out of order problem by including id1,id2,id3 certs
>>>>>>> in our chain.
>>>>>>>
>>>>>>> It would be nice to hear from the erlang maintainers around what kind of
>>>>>>> "out of order" erlang can handle nicely and if there is planned support for
>>>>>>> our case!
>>>>>>>
>>>>>>> Thank you again,
>>>>>>>
>>>>>>> Curtis.
>>>>>>>
>>>>>>> Sent through [ProtonMail](https://protonmail.com) Encrypted Email Channel.
>>>>>>>
>>>>>>> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
>>>>>>> On Saturday, October 19, 2019 4:34 PM, Curtis J Schofield <curtis@REDACTED> wrote:
>>>>>>>
>>>>>>>> Hi! Thank you.
>>>>>>>>
>>>>>>>> I included the root cert in the example. The root cert is id1 in cert chain - this is evident in the other file.
>>>>>>>>
>>>>>>>> It seems because the root cert is out of order - the cert chain is invalid - IIRC this may be true for tls1.2 - however the negotiation is at TLS1.2
>>>>>>>>
>>>>>>>> Thank you for your consideration!
>>>>>>>>
>>>>>>>> Sent from ProtonMail Mobile
>>>>>>>>
>>>>>>>> On Sat, Oct 19, 2019 at 10:51 AM, Ingela Andin <ingela.andin@REDACTED> wrote:
>>>>>>>>
>>>>>>>>> Hi!
>>>>>>>>>
>>>>>>>>> "Unknown CA"  means that you did not have the ROOT certificate of the chian in your   "trusted store" (cacerts option).
>>>>>>>>> If you do not own the ROOT certificate you can not trust the chain.
>>>>>>>>>
>>>>>>>>> Regards Ingela Erlang/OTP Team - Ericsson AB
>>>>>>>>>
>>>>>>>>> Den fre 18 okt. 2019 kl 21:52 skrev Curtis J Schofield <curtis@REDACTED>:
>>>>>>>>>
>>>>>>>>>> Dear Erlang Questions:
>>>>>>>>>>
>>>>>>>>>> SSL 9.0.2 mentions a patch to fix out of order cert chains
>>>>>>>>>>
>>>>>>>>>> In SSL 9.2 we have a root CA and an out of order cert chain
>>>>>>>>>> for host hooks.glip.com.
>>>>>>>>>>
>>>>>>>>>> When we try to verify peer with the out of order cert
>>>>>>>>>> chain we get 'Unknown CA'.
>>>>>>>>>>
>>>>>>>>>> Is this expected behaviour for Erlang SSL 9.2 with verify_peer ?
>>>>>>>>>>
>>>>>>>>>> The http://erlang.org/doc/apps/ssl/notes.html#ssl-9.0.2 notes
>>>>>>>>>> mention that other care may need to be taken to ensure compatibility.
>>>>>>>>>>
>>>>>>>>>> Reproduce error:
>>>>>>>>>>
>>>>>>>>>> https://github.com/robotarmy/out-of-order-ssl
>>>>>>>>>>
>>>>>>>>>> Thank you,
>>>>>>>>>> Curtis and Team DevEco
>>>>>>>>>>
>>>>>>>>>> Sent through ProtonMail Encrypted Email Channel.
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> erlang-questions mailing list
>>>>>>>>>> erlang-questions@REDACTED
>>>>>>>>>> http://erlang.org/mailman/listinfo/erlang-questions
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20191108/a56e58b7/attachment.htm>