"Manual" certificate checking
Phil Mayers
p.mayers at imperial.ac.uk
Mon Jul 9 14:38:11 CEST 2012
On 09/07/12 13:27, Sven Dreyer wrote:
> Am 09.07.2012 14:18, schrieb Phil Mayers:
>>> - The phones have the Sub CA certificate locally installed as
>>> "trustworthy" (NOT the Root CA certificate!)
>>> - The RADIUS server must only send its server certificate (not the whole
>>> chain)
>>
>> Why?
>
> Not my decision - our customer said something like "that's the way it
> works in our network". I suggested to send the whole chain, but their
> answer was like "no RFC forces anyone to send the whole chain, so it
> must work that way".
RFC 2246, section 7.4.2 says:
certificate_list
This is a sequence (chain) of X.509v3 certificates. The sender's
certificate must come first in the list. Each following
certificate must directly certify the one preceding it. Because
certificate validation requires that root keys be distributed
independently, the self-signed certificate which specifies the
root certificate authority may optionally be omitted from the
chain, under the assumption that the remote end must already
possess it in order to validate it in any case.
The intent of this paragraph seems plain. Send the server cert,
followed by all intermediate certs, followed optionally by the root CA cert.
Unfortunately, 2246 does not make use of RFC 2119 language to indicate
this is mandatory in the usual way, and this text remains unchanged in
4346 (TLS 1.1); however it was updated in 5246 (TLS 1.2), and the
wording is far clearer.
In short, my reading of the TLS RFCs suggests that sending the server
and all intermediate certs is mandatory.
Clearly the OpenSSL authors agree. But "the customer is always right" ;o)
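The two deployments under discussion, as an added example (not code from the thread): a shell script that builds a Root CA, a Sub CA and a RADIUS server certificate with openssl, then validates the server certificate as a client that trusts either CA, once with the server sending only its own certificate and once with the Sub CA certificate appended as RFC 2246 describes. It assumes openssl 1.1.1 or later on PATH; the CA names, the server name and the file names are made up.

```shell
#!/bin/sh
# Added example, not from the thread: build a Root CA -> Sub CA -> RADIUS
# server chain with openssl, then check which certificate_list contents a
# client can validate depending on which CA it holds as its trust anchor.
# Assumes openssl 1.1.1 or later on PATH; every name below is made up.
set -e
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"

# Extensions for the two CA certificates and for the server certificate.
printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' > ca.ext
printf 'basicConstraints=critical,CA:FALSE\nextendedKeyUsage=serverAuth\n' > srv.ext

# Root CA: self-signed.
openssl req -new -newkey rsa:2048 -nodes -keyout root.key -out root.csr \
  -subj "/CN=Example Root CA" >/dev/null 2>&1
openssl x509 -req -in root.csr -signkey root.key -extfile ca.ext -days 30 \
  -out root.pem >/dev/null 2>&1
# Sub CA: issued by the Root CA.
openssl req -new -newkey rsa:2048 -nodes -keyout sub.key -out sub.csr \
  -subj "/CN=Example Sub CA" >/dev/null 2>&1
openssl x509 -req -in sub.csr -CA root.pem -CAkey root.key -CAcreateserial \
  -extfile ca.ext -days 30 -out sub.pem >/dev/null 2>&1
# Server certificate: issued by the Sub CA.
openssl req -new -newkey rsa:2048 -nodes -keyout srv.key -out srv.csr \
  -subj "/CN=radius.example.test" >/dev/null 2>&1
openssl x509 -req -in srv.csr -CA sub.pem -CAkey sub.key -CAcreateserial \
  -extfile srv.ext -days 30 -out srv.pem >/dev/null 2>&1

# check ANCHOR [EXTRA]: validate srv.pem as a client whose only trust anchor
# is ANCHOR, given EXTRA, the intermediate(s) the server sent after its own
# certificate (omit it for a server that sends the leaf alone).
# -partial_chain lets a non-root CA be the anchor, as on the phones above.
# Prints OK or FAIL.
check() {
  anchor=$1
  extra=$2
  if [ -n "$extra" ]; then set -- -untrusted "$extra"; else set --; fi
  if openssl verify -no-CAfile -no-CApath -CAfile "$anchor" -partial_chain \
       "$@" srv.pem >/dev/null 2>&1
  then echo OK; else echo FAIL; fi
}

echo "Sub CA trusted,  leaf only sent: $(check sub.pem)"           # OK
echo "Root CA trusted, leaf only sent: $(check root.pem)"          # FAIL
echo "Root CA trusted, leaf + Sub CA:  $(check root.pem sub.pem)"  # OK
echo "Sub CA trusted,  leaf + Sub CA:  $(check sub.pem sub.pem)"   # OK
```

Only the server that sends the intermediate validates against both trust anchors, which is why sending the chain is the interoperable choice even where a leaf-only Certificate message happens to work today.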