[Bug]: openssl s_client fails with "unable to get issuer certificate"
cowwoc opened this issue · 2 comments
Steps to Reproduce
type root_ca.pem intermediate_ca.pem >combined_ca.pem
openssl s_client -host localhost -port 307 -showcerts -CAfile combined_ca.pem
Meaning, in my case step-ca is running on localhost:307 and the above command asks openssl
to verify its certificate.
Your Environment
- OS - Microsoft Windows [Version 10.0.19045.4894]
- step-ca version - Smallstep CLI/0.27.4 (windows/amd64), Release Date: 2024-09-13T17:37:59Z
Expected Behavior
openssl should accept the certificate chain
Actual Behavior
openssl s_client returns:
Connecting to 127.0.0.1
CONNECTED(000001D4)
Can't use SSL_get_servername
depth=1 O=step-ca, CN=step-ca Intermediate CA
verify error:num=2:unable to get issuer certificate
issuer= O=step-ca, CN=step-ca Root CA
verify return:1
depth=0 CN=Step Online CA
issuer= O=step-ca, CN=step-ca Intermediate CA
verify return:1
---
Certificate chain
0 s:CN=Step Online CA
i:O=step-ca, CN=step-ca Intermediate CA
a:PKEY: id-ecPublicKey, 256 (bit); sigalg: ecdsa-with-SHA256
v:NotBefore: Oct 8 09:40:58 2024 GMT; NotAfter: Oct 9 09:41:58 2024 GMT
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
1 s:O=step-ca, CN=step-ca Intermediate CA
i:O=step-ca, CN=step-ca Root CA
a:PKEY: id-ecPublicKey, 256 (bit); sigalg: ecdsa-with-SHA256
v:NotBefore: Oct 8 09:41:15 2024 GMT; NotAfter: Oct 6 09:41:15 2034 GMT
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
---
Server certificate
subject=CN=Step Online CA
issuer=O=step-ca, CN=step-ca Intermediate CA
---
Acceptable client certificate CA names
O=step-ca, CN=step-ca Root CA
O=step-ca, CN=step-ca Intermediate CA
Requested Signature Algorithms: RSA-PSS+SHA256:ECDSA+SHA256:Ed25519:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA384:ECDSA+SHA512:RSA+SHA1:ECDSA+SHA1
Shared Requested Signature Algorithms: RSA-PSS+SHA256:ECDSA+SHA256:Ed25519:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA384:ECDSA+SHA512
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 1462 bytes and written 393 bytes
Verification error: unable to get issuer certificate
---
New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256
Server public key is 256 bit
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 2 (unable to get issuer certificate)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_128_GCM_SHA256
Session-ID: 0530DF6D3C80882ED8167BA5100D31121C5211F2E27864B671685B2FE44C612F
Session-ID-ctx:
Resumption PSK: 939E5DF7FE015D4EA11012BD63566C41E42F1954C114026D29106B12ADEEFEDA
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 604800 (seconds)
TLS session ticket:
0000 - 08 fd 75 e5 f3 b3 6d d8-8f 07 75 be 59 7f 3d 30 ..u...m...u.Y.=0
0010 - 2e 02 78 1d 36 0c d8 03-e8 b2 3a 0d 15 f8 bf f3 ..x.6.....:.....
0020 - 2f 74 0d 47 16 c2 84 2d-e8 4e 18 b6 52 da ff 4f /t.G...-.N..R..O
0030 - 3a 16 e7 28 fe 5c 21 d0-c2 f5 ec 29 43 c6 99 06 :..(.\!....)C...
0040 - 84 68 1d 38 a5 ca 51 48-9a bd c9 af 37 76 bd 72 .h.8..QH....7v.r
0050 - e1 f1 cf 88 a6 3a cb 87-1c 24 3d e2 f2 d7 6e ca .....:...$=...n.
0060 - 2c ce 67 78 e3 71 3a 95-54 ,.gx.q:.T
Start Time: 1728384049
Timeout : 7200 (sec)
Verify return code: 2 (unable to get issuer certificate)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
closed
Additional Context
No response
What happens if you only supply the root with -CAfile root_ca.pem? Ensure you're using the right root CA certificate. There should be no need to combine the root and intermediate, as the server will send the leaf and intermediate, as a sane web server should do.
Wow. That's unexpected :) Using -CAfile root_ca.pem (omitting the intermediate certificate) worked. Thank you for your help.
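As an added worked example, not code from this issue or from step-ca, the script below builds a throwaway root -> intermediate -> leaf chain with the openssl CLI and checks the leaf under each trust-store arrangement discussed above. `openssl verify -CAfile <trusted> -untrusted <file>` stands in for s_client with -CAfile, with the -untrusted file playing the intermediate the server sends. It assumes openssl 1.1.1 or later on PATH; every file name, subject and the combined bundle is constructed by the script. Trusting only the root reproduces the working configuration from the last comment; leaving the intermediate out of the -untrusted side gives error 20 (unable to get local issuer certificate), and a trust store that holds the intermediate but not its root gives the exact error 2 at depth 1 seen in the report. A correctly assembled root+intermediate bundle verifies as well, which is why listing what OpenSSL actually parsed out of a bundle is the useful next check when -CAfile misbehaves.

```shell
#!/bin/sh
# Added example (not code from the issue or from step-ca). Builds a root ->
# intermediate -> leaf chain with the openssl CLI and verifies the leaf under
# the trust-store arrangements discussed in the thread. `openssl verify
# -CAfile <trusted> -untrusted <peer-supplied>` models s_client -CAfile: the
# -untrusted file stands in for the intermediate the server sends.
# Assumes openssl 1.1.1+ on PATH; every file and subject name is constructed.
set -eu

WORK="$(mktemp -d)"
cd "$WORK"

# Extensions for the CA certificates and the leaf. Without CA:TRUE and
# keyCertSign, OpenSSL refuses to use a certificate as an issuer.
printf '%s\n' 'basicConstraints=critical,CA:TRUE' \
  'keyUsage=critical,keyCertSign,cRLSign' 'subjectKeyIdentifier=hash' > ca.ext
printf '%s\n' 'basicConstraints=critical,CA:FALSE' \
  'keyUsage=critical,digitalSignature' 'extendedKeyUsage=serverAuth' \
  'subjectAltName=DNS:localhost' > leaf.ext

genkey() { openssl ecparam -name prime256v1 -genkey -noout -out "$1"; }
quiet()  { "$@" >/dev/null 2>&1; }   # hide "Signature ok" chatter, keep exit status

# Self-signed root: the only certificate a client needs to trust.
genkey root.key
quiet openssl req -new -key root.key -subj '/O=example/CN=Example Root CA' -out root.csr
quiet openssl x509 -req -in root.csr -signkey root.key -days 3650 -extfile ca.ext \
  -out root_ca.pem

# Intermediate signed by the root, leaf signed by the intermediate.
genkey int.key
quiet openssl req -new -key int.key -subj '/O=example/CN=Example Intermediate CA' \
  -out int.csr
quiet openssl x509 -req -in int.csr -CA root_ca.pem -CAkey root.key -CAcreateserial \
  -days 1825 -extfile ca.ext -out intermediate_ca.pem
genkey leaf.key
quiet openssl req -new -key leaf.key -subj '/CN=localhost' -out leaf.csr
quiet openssl x509 -req -in leaf.csr -CA intermediate_ca.pem -CAkey int.key \
  -CAcreateserial -days 1 -extfile leaf.ext -out leaf.pem

# The bundle the issue built by concatenating root and intermediate.
cat root_ca.pem intermediate_ca.pem > combined_ca.pem

# verify_leaf <CAfile> <untrusted file or ''> <leaf>
# Trusts exactly the given file (no system store), prints "ok" on success and
# otherwise the text of the first verify error, so the failure (error 2 at
# depth 1 vs error 20 at depth 0) can be compared with s_client's output.
verify_leaf() {
  if [ -n "$2" ]; then set -- -no-CAfile -no-CApath -CAfile "$1" -untrusted "$2" "$3"
  else set -- -no-CAfile -no-CApath -CAfile "$1" "$3"; fi
  out="$(openssl verify "$@" 2>&1)" && { echo ok; return 0; }
  printf '%s\n' "$out" | sed -n 's/.*error [0-9]* at [0-9]* depth lookup: *//p' | head -n 1
}

# What OpenSSL actually parsed out of a PEM bundle: the first thing to check
# when a -CAfile does not behave as expected.
bundle_subjects() {
  openssl crl2pkcs7 -nocrl -certfile "$1" | openssl pkcs7 -print_certs -noout \
    | grep '^subject='
}
bundle_count() { bundle_subjects "$1" | wc -l | tr -d ' '; }

echo "root trusted, intermediate from server:   $(verify_leaf root_ca.pem intermediate_ca.pem leaf.pem)"        # ok
echo "root trusted, server omits intermediate:  $(verify_leaf root_ca.pem '' leaf.pem)"                         # unable to get local issuer certificate
echo "intermediate trusted, root absent:        $(verify_leaf intermediate_ca.pem intermediate_ca.pem leaf.pem)"  # unable to get issuer certificate
echo "root+intermediate bundle trusted:         $(verify_leaf combined_ca.pem intermediate_ca.pem leaf.pem)"      # ok
echo "certificates parsed from combined bundle: $(bundle_count combined_ca.pem)"                                  # 2
bundle_subjects combined_ca.pem
```

The script works only inside the temporary directory it creates. Running the last two checks against the real bundle is the direct equivalent of the maintainer's question: if bundle_subjects does not list both the intermediate and the root that signed it, s_client has no trust anchor to reach and reports error 2 at the intermediate, exactly as in the transcript above.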