[Help-gnutls] GnuTLS generating invalid/corrupt certificates? (was: Re: CA certificates -- root vs intermediate)

Sam Morris sam at robots.org.uk
Fri Aug 10 14:29:44 CEST 2007

On Thu, 2007-04-05 at 22:57 +0200, Simon Josefsson wrote:
> Sam Morris <sam at robots.org.uk> writes:
> > I've been using my own CA certificate to secure my access (with SSL/TLS)
> > to my personal email & web server for a while now. I originally
> > generated the CA certificate with gnutls' certtool program. I now need
> > to get the certificate working on a client running Mac OS X.
> >
> > It's fairly straightforward to import the certificate into OS X's
> > Keychain application; however, Keychain insists that my CA is only an
> > "intermediate certificate authority", and therefore OS X refuses to
> > trust the certificate.
> >
> > I have gone through the output of 'certtool --info' and 'openssl x509
> > -text', and have done quite some Googling by now, but I can't find any
> > way to determine the criteria by which Keychain decides that my
> > certificate is that of a root authority, or an intermediate authority.
> >
> > So my question is: is this root/intermediate setting actually in the
> > certificate itself (in which case it's something I can fix by generating
> > a new certificate--although I can't find any options for this in
> > certtol's documentation; is it possible, or will I have to use openssl?)
> > or is it something I need to do in the Keychain application?
> Basically, root certificates have subject==issuer, intermediate
> certificates have subject!=issuer.
> > The certificate is available from
> > https://crypt.ethx.net/robots.org.uk-CA.crt in case anyone wants a copy.
> The certificate is missing the 'key usage' bits of certificate
> signing, and a subject key ID.  But that doesn't seem relevant to the
> error message you got.  And, many commercial CAs also lack those
> fields so you aren't alone in this.
> I think you'll need to debug this as a Keychain problem further, to
> understand exactly why it is complaining.  Can you add any other
> certificate as a new trusted root CA?

So, I finally had some time to look into this. I asked on the Apple-cdsa
mailing list[0] and recieved a reply from someone who seems to work for
Apple[1] that indicated that the problem is with my certificate; the
Apple crypto libraries cannot parse it for some reason.

 [0] http://lists.apple.com/archives/Apple-cdsa/2007/Aug/msg00009.html
 [1] http://lists.apple.com/archives/Apple-cdsa/2007/Aug/msg00016.html

I also had problems trying to get my certificate to import into a Sony
Ericsson K800i mobile phone. For months I assumed it was a limitation of
the phone itself (it would only bleat, "invalid certificate" at me, and
Sony Ericsson's tech support service was worse than useless)...

... but today I sat down and generated a root certificate with OpenSSL,
which imported fine into both the Mac OS Keychain software, and the
K800i phone.

So my conclusion is that GnuTLS is generating invalid/corrupt
certificates, or at least, that it is using some part of the certificate
that other X509 implementations don't commonly implement (although my
original certificate did function correctly with OpenSSL, NSS and
whatever Windows uses).

To double-check, I generated a new root certificate with GnuTLS 1.4.4,
and tried to import it into the Mac OS Keychain; I had exactly the same
problem again. The command I used was:

        certtool --generate-self-signed --load-privkey private-key --template CA.cfg

Whereas CA.cfg contained:

        organization = "Test Org"
        country = GB
        cn = "Test Org certificate authority"
        serial = 0
        expiration_days = 1825

I would file a bug about this, but I see that newer versions of GnuTLS
are now available, and so it is possible that this bug has been fixed in
a subsequent version. I no longer have the Mac to perform further
testing with, so I can't currently create a certificate with 1.6 or 1.7
and test with that instead. :(

Anyway, thanks for your help!

> /Simon

Sam Morris <sam at robots.org.uk>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: </pipermail/attachments/20070810/9fbb3c35/attachment.pgp>

More information about the Gnutls-help mailing list