Firefox says certificate is untrusted even though the certificate chain is good - firefox

HTTPS for https://www.bigfont.ca is working in Chrome, Internet Explorer, and Safari but not in Firefox. It also passes all the tests at this SSL Checkers. Firefox says:
An error occurred during a connection to www.bigfont.ca.
Peer's certificate has been marked as not trusted by the user.
(Error code: sec_error_untrusted_cert)
This is a known situation with Firefox. We looked at the StartSSL FAQ and the advice is:
You must add the intermediate CA certificate to your installation.
We are using SmartSSL and OpenSSL to create an SSL Certificate. So, we added the intermediate CA certificate by following Troy Hunt's tutorial and ran this command to create the PFX.
OpenSSL> pkcs12 -export -in bigfont.ca.crt -inkey bigfont.ca-encrypted.key
-certfile sub.class1.server.ca.pem -out bigfont.ca.pfx -password pass:my-password
We uploaded the resultant bigfont.ca.pfx file to at the Azure Website's Config page.
To test further, we ran openssl s_client -servername www.bigfont.ca -connect www.bigfont.ca:443 -showcerts. The results show that the certificate chain is working well.
depth=1 C = IL,
O = StartCom Ltd.,
OU = Secure Digital Certificate Signing,
CN = StartCom Class 1 Primary Intermediate Server CA
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:
/description=T8eg9X1a04Scp3hM
/C=CA
/CN=www.bigfont.ca
/emailAddress=shaunluttin#bigfont.ca
i:
/C=IL
/O=StartCom Ltd.
/OU=Secure Digital Certificate Signing
/CN=StartCom Class 1 Primary Intermediate Server CA
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
1 s:
/C=IL
/O=StartCom Ltd.
/OU=Secure Digital Certificate Signing
/CN=StartCom Class 1 Primary Intermediate Server CA
i:
/C=IL
/O=StartCom Ltd.
/OU=Secure Digital Certificate Signing
/CN=StartCom Certification Authority
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
---
Server certificate
subject=
/description=T8eg9X1a04Scp3hM
/C=CA
/CN=www.bigfont.ca
/emailAddress=shaunluttin#bigfont.ca
issuer=
/C=IL
/O=StartCom Ltd.
/OU=Secure Digital Certificate Signing
/CN=StartCom Class 1 Primary Intermediate Server CA
---
No client certificate CA names sent
---
SSL handshake has read 3369 bytes and written 547 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : RC4-SHA
Session-ID: 6E1F00009...FDD7B7BF7B7
Session-ID-ctx:
Master-Key: 2FA3C020A506198C1319081F9E023D35...5AEB01985323AADCF9
Key-Arg : None
PSK identity: None
PSK identity hint: None
Start Time: 1413947020
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---
read:errno=10054
If the chain is working, why does Firefox complain?

Solution
Reset Firefox to its default state.
Firefox
Help
Troubleshooting Information
Reset Firefox
Details
The problem turned out to be related to the cert8.db file that stores the Firefox certificates. Find it here:
Firefox
Help
Troubleshooting Information
Application Basics
Profile Folder
Show Folder
The problem was probably that we messed with Firefox's Authorities Certificate for StartCom. We probably did this while muddling thru the process of restoring our StartSSL Client Authentication certificate.
Your Certificates (Client Authentication)
Authorities
We probably accidentally messed with these, thereby making Firefox not trust StartCom.

It wasn't relevant when the question was asked, but it is worth mentioning now.
A lot of browsers has stopped trusting StartCom.
The previous answers might still help with similar problems for other issuers than StartCom.
But if you are still using StartCom, you might want to switch to https://letsencrypt.org

Deleting the CA certificate and importing it again did the trick for me.

Related

SelfSignedCertificate not accepted in MS Edge (Win 10)

To get Edge to trust the localhost development server, I created a selfsigned certificate following this tutorial. I just replaced all instances of client-1.local by localhost.
So in short, I created a trusted authority by creating a .pem-file with the commands
openssl genrsa -des3 -out rootSSL.key 2048
and then
openssl req -x509 -new -nodes -key rootSSL.key -sha256 -days 1024 -out rootSSL.pem
and imported those into the trusted authorities store in the MMC.
Then I created a private key with
openssl req -new -sha256 -nodes -out localhost.csr -newkey rsa:2048 -keyout localhost.key -subj "/C=AU/ST=NSW/L=Sydney/O=Client One/OU=Dev/CN=localhost/emailAddress=local#local.com"
and a certificate with
openssl x509 -req -in localhost.csr -CA rootSSL.pem -CAkey rootSSL.key -CAcreateserial -out localhost.crt -days 50000 -sha256 -extensions "authorityKeyIdentifier=keyid,issuer\n basicConstraints=CA:FALSE\n keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment\n subjectAltName=DNA:localhost"
The certificate shows up as valid when double clicking on it.
For the exception I need to import the certificate into the browsers. For Firefox I got at first the error
You do not own the private key for the certificate
So I created a PKCS12 file
openssl pkcs12 -export -inkey ./sample.key -in ./sample.crt -out ./sample.p12
and imported that one in Firefox under "My Certificates". That works, I host with ng serve "ssl/localhost.crt" and Firefox with the imported .p12 accepts my localhost. Now for MS Edge it still complains, my certificate is not valid.
I also tried .pfx-merging, but no change. I also read the certificates should not be installed under My Certificates but as Authorities. That sounds wrong to me but I tried it and imported both the .crt and the .p12 into Authorities and Root Authorities, because why not, but no change. I also installed the certificate through the Windows Wizard.
What am I missing for MS Edge? I sadly have no way around it.
===== Update =====
Additional information:
Edge does not give any helpful error. Here is an image of the message. It is in German but all it says is the default text "The connection is not secure. The certificate is invalid. Your credit card information might be stolen." If there is some way to get a more informative message for Edge I would be very happy. In the developer console the message is:
This site does not have a valid SSL certificate! Without SSL, your site's and visitors' data is vulnerable to theft and tampering. Get a valid SSL certificate before releasing your website to the public.
The certificate files and the output of openssl x509 -text localhost.crt can be viewed here (password is pass or password, if necessary) and an image of the .crt here. It is sitting in my development folder, I host the site with
ng serve --ssl true --ssl-cert \"ssl/localhost.crt\" --ssl-key \"ssl/localhost.key\"
and access the server locally through localhost:3000.
I imported the .p12 file into edge through manage certificates -> My Certificates -> Import. The result looks like this.
What am I missing for MS Edge? I
The certificate does not contain any subject alternative names, which makes it invalid for Edge and Chrome. There is an attempt to specify these information, but the attempt is wrong.
I created a selfsigned certificate following this tutorial.
Looks like this tutorial is broken.
openssl x509 -req ... -extensions "authorityKeyIdentifier ... subjectAltName=DNA:localhost"
The -extension command line option is used to give the name of an extension section in a configuration file and not the extensions itself. Additionally the subjectAltName should be DNS:... not DNA:....
To fix create an extension file my.ext which includes the extensions you want to use:
[myext]
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName=DNS:localhost
Then use this file as extension file with -extfile my.ext and specify the extension to use with -extensions myext:
openssl x509 -req ... -extfile my.ext -extensions myext

Chrome Reject certificate generated by MBEDTLS

I am using mbedtls 2.16.3 .
I use mbedtls library to create two level certificate and use the certificate to set up https communication.
The root certification(also be CA) is a self-signed certificate using ECC secp256r1.
The device certification is signed by the root certificate, and the key algorithm is also ECC secp256r1.
I install the root certification in the OS system and Firefox certification manager.
Chrome will show “Certificate Unknown” after receiving the certificate(The chrome version is 86.0.4240.75)
The wireshark shows as followings:
Wireshark caption
The chrome shows as followings:
NET::ERR_CERT_INVALID
Subject: 10.9.1.67
Issuer: Web Server Root
Expires on: 2021/10/13
Current date: 2020/10/19
PEM encoded chain:
-----BEGIN CERTIFICATE-----
MIIBejCCAR6gAwIBAgISANm85JYVS9N1992FvOfHxhsAMAwGCCqGSM49BAMCBQAw
JzELMAkGA1UEBhMCQ04xGDAWBgNVBAMMD1dlYiBTZXJ2ZXIgUm9vdDAeFw0yMDEw
MTYwMTIzMTdaFw0yMTEwMTMwMjQyNDRaMCExCzAJBgNVBAYTAkNOMRIwEAYDVQQD
DAkxMC45LjEuNjcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATdpywNJKmMvDr2
esvqe9CVhjhQDgzzUo6WhMD91CosNJhkDtkMAbexQkq/je6IQyZABxFkiDMweLWe
uJR3rTbNoy4wLDAPBgNVHREECDAGhwQKCQFDMAkGA1UdEwQCMAAwDgYDVR0PAQH/
BAQDAgOoMAwGCCqGSM49BAMCBQADSAAwRQIgPRgDnfR7NIXfUlvaUyDtsIJDUGV2
BFKf7wxElxfbKDICIQDpVu5Ty9tZznQeuch+5LV0vDqXm6EWg+Viv6w5O59QIg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIBdDCCARigAwIBAgIRfRupqU8vSJw2LfGv1LSuXwAwDAYIKoZIzj0EAwIFADAn
MQswCQYDVQQGEwJDTjEYMBYGA1UEAwwPV2ViIFNlcnZlciBSb290MB4XDTIwMTAx
NjA5MjMxNloXDTQwMTAxNjA5MjMxNlowJzELMAkGA1UEBhMCQ04xGDAWBgNVBAMM
D1dlYiBTZXJ2ZXIgUm9vdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMZaKSeR
hoDgIeVbNkBYY0/n7z4JD+y+bZBXuDsFzYbz4odAe2C3WxpJ7fUw6sOCs1jpy8mv
neV1sRH3KXEXqNOjIzAhMA8GA1UdEwQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgKE
MAwGCCqGSM49BAMCBQADSAAwRQIgPa8BVP5Bt2YLQ3DHEbGsg79nJbtTSAKmAPaa
5NLEIEcCIQCENcnKEdTKV0L/1c3evynH/hP97mid58trLgBRlFU3Dw==
-----END CERTIFICATE-----
But the certification works well on Firefox/Edge.
And if I change the self-signed certificate to RSA 1024, the https connection in Chrome is okay.
There is a very quick fix to this issue.
In function: mbedtls_asn1_write_algorithm_identifier of asn1write.cpp, just delete this line of code:MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_null( p, start ) );

macOS SecureTransport refuses to import a certificate accepted by OpenSSL

I'm trying to fix a failing test in the urllib3 open source Python project.
This test is called test_client_no_intermediate and tries to use a X.509 certificate called client_no_intermediate.pem. The goal is to fail with a "unknown CA" error. The test works as expected with OpenSSL: the import succeeds and the certificate is rejected.
However, on macOS with SecureTransport, the import fails with Import/Export format unsupported.. What's surprising is that it fails consistently on my machine with macOS 10.13.5 and Xcode 9.4.1 but only fails intermittently in continuous integration with macOS 10.12 and XCode 8.3.
Here is the certificate:
-----BEGIN CERTIFICATE-----
MIIC/jCCAmegAwIBAgImFhgDOYh0mJSEggRYaDQ2VjgRdyAwkXmAV2KGITVEhiJw
UmBGKBgwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCRkkxDjAMBgNVBAgMBWR1
bW15MQ4wDAYDVQQKDAVkdW1teTEOMAwGA1UECwwFZHVtbXkxETAPBgNVBAMMCFNu
YWtlT2lsMR8wHQYJKoZIhvcNAQkBFhBkdW1teUB0ZXN0LmxvY2FsMB4XDTE3MDUx
MjE4MzQyNloXDTIxMTIxOTE4MzQyNlowdzELMAkGA1UEBhMCRkkxDjAMBgNVBAgM
BWR1bW15MQ4wDAYDVQQKDAVkdW1teTEOMAwGA1UECwwFZHVtbXkxFzAVBgNVBAMM
DlNuYWtlT2lsQ2xpZW50MR8wHQYJKoZIhvcNAQkBFhBkdW1teUB0ZXN0LmxvY2Fs
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCadkbPLXPfA1bNjgL9F6+rVLs3
uZdbXemHf1oKkT4q9uruZTQCTDFvvWHq32r6G8KV7MASariSz+bIgpx1euZEOmwu
cd+ULs0HMdfqorRa3MuUtKuIzYiQvCsv788VoNKjs+NNMIexO6p6S9E36ce2trze
BCmpYmi0WofO0bSwnwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQf
Fh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUbe9reSw2
C72JuGVpc+/L/O2hVjwwHwYDVR0jBBgwFoAUnltsnuh2mjtqqDWk2RNSwC7njHkw
DQYJKoZIhvcNAQELBQADgYEADlJp3uMKxgS2hgCK+JZV4qsXGuZ/rcHgq5qlrfg0
i76+wwZ6fs3WQe+zNgXbJnRviM0VScSUBM8IuclyovFWLvs0Z0piELtZ7KPwrDVf
5S5ynJHnJSG+sj4N6v+tvtpGDb1S3ueLQm79MGXv9pmbaYBmUJ0YSEnrScWy90Bv
Tno=
-----END CERTIFICATE-----
OpenSSL happily decodes it:
$ openssl x509 -noout -in client_no_intermediate.pem -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:18:03:39:88:74:98:94:84:82:04:58:68:34:36:56:38:11:77:20:30:91:79:80:57:62:86:21:35:44:86:22:70:52:60:46:28:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=FI, ST=dummy, O=dummy, OU=dummy, CN=SnakeOil/emailAddress=dummy#test.local
Validity
Not Before: May 12 18:34:26 2017 GMT
Not After : Dec 19 18:34:26 2021 GMT
Subject: C=FI, ST=dummy, O=dummy, OU=dummy, CN=SnakeOilClient/emailAddress=dummy#test.local
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:9a:76:46:cf:2d:73:df:03:56:cd:8e:02:fd:17:
af:ab:54:bb:37:b9:97:5b:5d:e9:87:7f:5a:0a:91:
3e:2a:f6:ea:ee:65:34:02:4c:31:6f:bd:61:ea:df:
6a:fa:1b:c2:95:ec:c0:12:6a:b8:92:cf:e6:c8:82:
9c:75:7a:e6:44:3a:6c:2e:71:df:94:2e:cd:07:31:
d7:ea:a2:b4:5a:dc:cb:94:b4:ab:88:cd:88:90:bc:
2b:2f:ef:cf:15:a0:d2:a3:b3:e3:4d:30:87:b1:3b:
aa:7a:4b:d1:37:e9:c7:b6:b6:bc:de:04:29:a9:62:
68:b4:5a:87:ce:d1:b4:b0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
6D:EF:6B:79:2C:36:0B:BD:89:B8:65:69:73:EF:CB:FC:ED:A1:56:3C
X509v3 Authority Key Identifier:
keyid:9E:5B:6C:9E:E8:76:9A:3B:6A:A8:35:A4:D9:13:52:C0:2E:E7:8C:79
Signature Algorithm: sha256WithRSAEncryption
0e:52:69:de:e3:0a:c6:04:b6:86:00:8a:f8:96:55:e2:ab:17:
1a:e6:7f:ad:c1:e0:ab:9a:a5:ad:f8:34:8b:be:be:c3:06:7a:
7e:cd:d6:41:ef:b3:36:05:db:26:74:6f:88:cd:15:49:c4:94:
04:cf:08:b9:c9:72:a2:f1:56:2e:fb:34:67:4a:62:10:bb:59:
ec:a3:f0:ac:35:5f:e5:2e:72:9c:91:e7:25:21:be:b2:3e:0d:
ea:ff:ad:be:da:46:0d:bd:52:de:e7:8b:42:6e:fd:30:65:ef:
f6:99:9b:69:80:66:50:9d:18:48:49:eb:49:c5:b2:f7:40:6f:
4e:7a
But SecureTransport fails on this specific certificate:
$ security verify-cert -c cacert.pem
Cert Verify Result: CSSMERR_TP_NOT_TRUSTED
$ security verify-cert -c client_no_intermediate.pem
SecCertificateCreateFromData: Unknown format in import.
What is wrong in this certificate?
The only thing obviously "wrong" with the certificate is the serial number is 38 bytes long.
https://www.rfc-editor.org/rfc/rfc3280#section-4.1.2.2
Given the uniqueness requirements above, serial numbers can be
expected to contain long integers. Certificate users MUST be able to
handle serialNumber values up to 20 octets. Conformant CAs MUST NOT
use serialNumber values longer than 20 octets.
While there is also guidance that non-conformant CAs exist, it's possible that Apple put in a limit lower than 38 bytes.
That wouldn't explain intermittency, but having a certificate which doesn't look "conformant" is always asking for unreliability.

Signing WLMA.ocx with ev signing code certificate

In order to get Microsoft PlayReady Server Agreement I need to sign WMLA.ocx file with Extended Validation Code Signing Certificate and send it back to Microsoft.
I've obtained Extended Validation Code Signing Certificate pack from Thawte, it contains:
1. Code Signing certificate itself
2. CA
3. PKCS7 certificate
Put Code Signing certificate itself to separate file with .cer extension.
I've downloaded Microsoft Code Signing pack from http://go.microsoft.com/fwlink/?LinkID=148072 contains:
a. Signcode.exe
b. WMLA.ocx
c. WMLA Instructions for EV Cert OCX v10 17 16.pdf
Following instructions (option 3) from http://msdn2.microsoft.com/en-us/library/ms537364.aspx we've tried to sign .ocx file using Signcode.exe and Code Signing certificate itself in .cer file.
Enter following command in command line:
C:\Users\User123\WMLA>signcode.exe -c ev.cer WMLA.ocx
And got error:
Error: There is no valid certificate in the my cert store
Error: Signing Failed. Result = 8009200c, (-2146885620)
Certificate is valid, but I'm not sure about signcode.exe options and putting certificate in separate .cer file?

OpenSSL verify certificate from own CA

Hello all and thanks for your time reading this.
I need to verify certificates issued by my own CA, for which I have a
certificate. How can I do the equivalent to openssl's
openssl verify -CAfile
in Ruby code? The RDoc for OpenSSL is not very helpful in this regard.
I've tried:
require 'openssl'
ca = OpenSSL::X509::Certificate.new(File.read('ca-cert.pem'))
lic = OpenSSL::X509::Certificate.new(File.read('cert.pem'))
puts lic.verify( ca )
but I get:
test.rb:7:in `verify': wrong argument (OpenSSL::X509::Certificate)!
(Expected kind of OpenSSL::PKey::PKey) (TypeError)
from test.rb:7
I can't even find "verify" in the OpenSSL Rdoc at
http://www.ruby-doc.org/stdlib/libdoc/openssl/rdoc/index.html.
Any help is appreciated. Thanks again!
You need to validate with
lic.verify(ca.public_key)
in addition before that you can verify certificate issuer with
lic.issuer.to_s == ca.subject.to_s
I used one Japanese help page to get the list of available methods :)
lic.verify() only verify the key from the certificate that signed lic. Ccommercial root CAs do not sign end user certificates directly. Usually there is one or 2 intermediate signing certificates involved.
So if CA -> signer -> user cert then
lic.verify( signer.public_key) and signer.verify( CA.public_key) will return true but lic.verify( CA.public_key ) will return false.

Resources