4 Replies. Latest reply: Aug 22, 2011 7:59 PM by Arshad Noor

    Role of certificate chain for client certificate authentication

    880541
      Hello.

      I have a two server setup where the two servers communicate with each other over SSL. The SSL connection requires mutual authentication.

      The SSL handshake happens successfully if both the server certificates have Server Authentication & Client Authentication in their Key Usage. However, if one of the server certificates has only Server Authentication as its Key Usage then the other server rejects this certificate with an error. This is expected.

      The puzzling behavior is that if I use a certificate that is set for Server Authentication only but with its full certificate chain containing all intermediate & root CA certificates, the same certificate is accepted as a valid client certificate by the other server.

      Is there a difference in the validation mechanism for client certificates if the full chain of the client certificate is present?

      Thank You.
        • 1. Re: Role of certificate chain for client certificate authentication
          830591
          What's your JSSE provider? Can you paste the exception stack? What's your Java release on the client and server side?
          • 2. Re: Role of certificate chain for client certificate authentication
            Arshad Noor
            When the mutual authentication works (i.e., when both certs have ServerAuth and ClientAuth set in the KU extension), do you have the certificate-chain in the truststores? Are the certs with ServerAuth and ClientAuth self-signed certificates? Can you post the PEM-encoded certs: the ones that work without the cert-chain, and the one that works with the cert-chain (I'm assuming this is the same one that does not work without the cert-chain)?

            Arshad Noor
            StrongAuth, Inc.
            • 3. Re: Role of certificate chain for client certificate authentication
              880541
              My certificates have a CA hierarchy in their chain. There is a root CA, intermediate CA & the end certificate.

              When the mutual authentication works, I have the root & intermediate CA certificates in the truststore. I was expecting the cert chain to be traversed using the Authority Key Identifier in the end certificate.

              When the end cert does not have the cert chain & ClientAuth in the KU, it appears that the validation algorithm looks for the presence of either of the two & fails if neither of them is present. If any one of them is present, the cert works. Thus, it seems that both these areas (cert chain & ClientAuth) are checked while validating the client certificate, with the cert chain being checked first. If the cert chain is present & the corresponding CA certs are present in the server truststore, the client cert is accepted even if ClientAuth is not set. If the cert chain is absent but ClientAuth is set, then the cert chain is traversed using the Authority Key Identifier & the client cert is accepted if the CA certs are successfully traversed from the server truststore. Is this the case?

              Yes, the cert that works with & without the cert-chain is the same cert. The only difference is the presence of the cert-chain.
              • 4. Re: Role of certificate chain for client certificate authentication
                Arshad Noor
                This is getting a little confusing; let's try to get some housekeeping straight before we try to figure this out:

                1) The keyUsage (KU) extension will NOT have a ClientAuth or ServerAuth bit; only the extendedKeyUsage (EKU) extension has that; are you referring to the EKU when you say ClientAuth and ServerAuth, or are you deducing the values (ClientAuth and ServerAuth) from the digitalSignature bit in the KU extension and the role of the machine?

                2) In order for SSL Mutual Authentication (also called SSL ClientAuth colloquially) to work, you MUST have the cert-chain (except the end-entity cert) on the Server side, and you MUST have the Root CA of the cert-chain on the Client side within their trust-stores. Without this, SSL ClientAuth cannot work, as cert-chain validation cannot be performed.

                Finally, it will be helpful to post the PEM-encoded certificates of the Root and Subordinate CAs, and the client and server certificates, so they can be referred to in the discussion. Otherwise, it's all very abstract, causing more confusion to a third person trying to learn from this thread.

                Arshad Noor
                StrongAuth, Inc.
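An added example that is not part of the original thread, illustrating the two separate checks behind Arshad's points 1 and 2 (and the four cases the original poster describes): building a path from the end-entity certificate to a trusted root, and testing the end-entity certificate's EKU against the purpose the peer is validating for. It is written in Go with the standard crypto/x509 package rather than with JSSE, because Go can mint a Root -> Intermediate -> end-entity hierarchy in memory and run offline; the CA names, serial numbers, hostnames and validity periods are assumptions made for the example, and the order in which the two checks run (path building first, then EKU) is Go's, not necessarily that of the poster's JSSE provider.

```go
package main

// Added example, not code from the thread: an in-memory Root -> Intermediate -> end-entity
// hierarchy built with Go's crypto/x509, validated for one purpose with and without the intermediate.

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

type Outcome string // result of validating a certificate for one purpose

const (
	Accepted Outcome = "accepted"
	NoIssuer Outcome = "rejected: no path to a trusted root"
	WrongEKU Outcome = "rejected: EKU does not allow this purpose"
	Other    Outcome = "rejected: other reason"
)

// template builds a CA or end-entity template; names, serials and validity are assumptions.
func template(cn string, serial int64, ca bool, eku []x509.ExtKeyUsage) *x509.Certificate {
	t := &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true, IsCA: ca,
		// KU has no serverAuth/clientAuth bit; those names exist only in the EKU extension.
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: eku,
	}
	if ca {
		t.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageCRLSign
	}
	return t
}

// issue generates a P-256 key for tmpl and signs it with parentKey; nil parent means self-signed.
func issue(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert, key
}

// classify maps a Verify error to the check that rejected the certificate.
func classify(err error) Outcome {
	var unknown x509.UnknownAuthorityError
	var invalid x509.CertificateInvalidError
	switch {
	case err == nil:
		return Accepted
	case errors.As(err, &unknown): // path building failed: issuer not reachable
		return NoIssuer
	case errors.As(err, &invalid) && invalid.Reason == x509.IncompatibleUsage:
		return WrongEKU // the path built; the EKU check refused the purpose
	}
	return Other
}

// Validate issues a leaf with leafEKU under Root -> Intermediate and validates it for purpose
// against a trust store holding only the root. haveInter says whether the intermediate is
// available to the path builder (sent in the handshake or kept in the trust store).
func Validate(leafEKU []x509.ExtKeyUsage, purpose x509.ExtKeyUsage, haveInter bool) Outcome {
	root, rootKey := issue(template("Example Root CA", 1, true, nil), nil, nil)
	inter, interKey := issue(template("Example Intermediate CA", 2, true, nil), root, rootKey)
	leaf, _ := issue(template("server-a.example", 3, false, leafEKU), inter, interKey)

	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	if haveInter {
		inters.AddCert(inter)
	}
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inters, KeyUsages: []x509.ExtKeyUsage{purpose}})
	return classify(err)
}

func main() {
	serverOnly := []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	both := []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}
	fmt.Println("serverAuth-only leaf, clientAuth, intermediate available:", Validate(serverOnly, x509.ExtKeyUsageClientAuth, true))
	fmt.Println("serverAuth-only leaf, serverAuth, intermediate available:", Validate(serverOnly, x509.ExtKeyUsageServerAuth, true))
	fmt.Println("dual-EKU leaf, clientAuth, intermediate available:       ", Validate(both, x509.ExtKeyUsageClientAuth, true))
	fmt.Println("dual-EKU leaf, clientAuth, intermediate withheld:        ", Validate(both, x509.ExtKeyUsageClientAuth, false))
}
```

Run it with go run. The serverAuth-only certificate is refused for clientAuth even when its intermediate is available and the path builds cleanly, while the certificate carrying both EKUs is refused only when the intermediate is missing from both the handshake and the trust store. Both leaves carry the same KU extension, digitalSignature alone: there is no clientAuth bit to set there, which is the distinction point 1 draws between KU and EKU.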