[gnutls-help] full-chain ocsp stapling

Jeremy Harris jgh at wizmail.org
Sun Nov 10 22:48:09 CET 2019


On 10/11/2019 20:45, Jeremy Harris wrote:
> GnuTLS 3.6.8
> 
> I'm testing $subject using a 3-layer cert chain, and stapled ocsp
> under TLS1.3 for which the middle item is non-valid.

(followup to myself...)

I note that
  https://www.gnutls.org/manual/html_node/OCSP-stapling.html
suggests cat'ing multiple ocsp response PEMs.  While GnuTLS is
happy with that, it's not what I am doing since it results
in a TLS wire-format which is incompatible with OpenSSL
(and, I think, RFCs).  The result of a file with several
PEMs is (speaking from memory of wireshark sessions...) a
Server Hello with a Certificates record having certificates
interleaved with cert-status extensions.

If you instead create an OCSP request for all the certs of
the chain, and then an OCSP response from that, you get one
"basicresponse" containing multiple "status" elements, all
in one DER (or PEM).  Either GnuTLS or OpenSSL is happy to
swallow that on the server, and the wire format has a single
"status" extension, placed between the first and second
certificates, in the Server Hello.  OpenSSL is happy with
that wire format as the client.

I'm wondering if GnuTLS, when validating certs, is not
properly interpreting the multi-element basicresponse.

-- 
Cheers,
  Jeremy
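The single-basicresponse layout described above (one BasicOCSPResponse whose `responses` SEQUENCE carries one SingleResponse per certificate of the chain), as an added example that is not part of the thread and not GnuTLS or OpenSSL code: a minimal DER walker that lists every SingleResponse in a stapled OCSPResponse, plus a builder that constructs an unsigned sample response for two certs. The issuer hashes, the signature and the serials are constructed placeholders.

```python
from typing import List, Tuple

def _der(tag: int, body: bytes) -> bytes:
    """Encode one DER TLV, using long-form length when body is >= 128 bytes."""
    n = len(body)
    if n < 128:
        return bytes([tag, n]) + body
    size = (n.bit_length() + 7) // 8
    return bytes([tag, 0x80 | size]) + n.to_bytes(size, "big") + body

def _children(data: bytes) -> List[Tuple[int, bytes]]:
    """Split a run of concatenated DER TLVs into [(tag, value), ...]."""
    out, pos = [], 0
    while pos < len(data):
        tag, length, pos = data[pos], data[pos + 1], pos + 2
        if length & 0x80:                      # long-form length
            size = length & 0x7F
            length = int.from_bytes(data[pos:pos + size], "big")
            pos += size
        out.append((tag, data[pos:pos + length]))
        pos += length
    return out

def single_responses(ocsp_der: bytes) -> List[Tuple[int, str]]:
    """Return [(serial, status), ...] for every SingleResponse in an OCSPResponse (RFC 6960)."""
    status, response_bytes = _children(_children(ocsp_der)[0][1])[:2]
    if status[1] != b"\x00":
        raise ValueError("responseStatus is not successful(0)")
    # ResponseBytes ::= SEQUENCE { responseType OID, response OCTET STRING }
    basic_der = _children(_children(response_bytes[1])[0][1])[1][1]
    # BasicOCSPResponse ::= SEQUENCE { tbsResponseData, signatureAlgorithm, signature }
    fields = _children(_children(_children(basic_der)[0][1])[0][1])
    if fields[0][0] == 0xA0:                   # optional [0] EXPLICIT version
        fields = fields[1:]
    out = []
    for _tag, single in _children(fields[2][1]):   # responses SEQUENCE OF SingleResponse
        cert_id, cert_status = _children(single)[:2]
        serial = int.from_bytes(_children(cert_id[1])[3][1], "big")
        out.append((serial, {0x80: "good", 0xA1: "revoked", 0x82: "unknown"}.get(cert_status[0], "?")))
    return out

def build_sample_response(entries: List[Tuple[int, bool]]) -> bytes:
    """Constructed, UNSIGNED sample: one BasicOCSPResponse with one SingleResponse per
    (serial, is_good). Hashes and signature are placeholders; keep serials < 0x8000."""
    sha1_alg = _der(0x30, _der(0x06, bytes.fromhex("2b0e03021a")) + b"\x05\x00")
    singles = b""
    for serial, is_good in entries:
        cert_id = _der(0x30, sha1_alg + _der(0x04, b"\x11" * 20)
                       + _der(0x04, b"\x22" * 20) + _der(0x02, serial.to_bytes(2, "big")))
        cert_status = b"\x80\x00" if is_good else _der(0xA1, _der(0x18, b"20191110200000Z"))
        singles += _der(0x30, cert_id + cert_status + _der(0x18, b"20191110204800Z"))
    tbs = _der(0x30, _der(0xA2, _der(0x04, b"\x22" * 20))             # responderID byKey
                 + _der(0x18, b"20191110204800Z") + _der(0x30, singles))
    sig_alg = _der(0x30, _der(0x06, bytes.fromhex("2a864886f70d01010b")) + b"\x05\x00")
    basic = _der(0x30, tbs + sig_alg + _der(0x03, b"\x00" * 33))      # placeholder signature
    id_pkix_ocsp_basic = _der(0x06, bytes.fromhex("2b0601050507300101"))
    return _der(0x30, _der(0x0A, b"\x00")
                + _der(0xA0, _der(0x30, id_pkix_ocsp_basic + _der(0x04, basic))))
```

Feeding a real stapled response (the DER GnuTLS or OpenSSL loads on the server) to `single_responses` shows whether it carries one status element per chain certificate, as the post describes, or only the leaf's.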


