At the time of filing this bug report, when constructing a chain to a trusted root CA certificate, OpenSSL will strictly insist on using the full set of intermediate CA certificates sent by the TLS server during the TLS handshake.
This implementation fails to work with server configurations where the topmost intermediate CA points to a legacy CA certificate, once that legacy certificate gets removed from the CA trust store.
OpenSSL should attempt to find an alternative trust chain, starting with one of the "middle" intermediate CA certificates.
This strategy is being used by CAs to allow a transition to newer root CA certificates.
This should be an upstream enhancement. This bug is intended to act as a tracker for such an enhancement in the OpenSSL project. Once this enhancement gets implemented by OpenSSL and provided in Fedora, it could become possible to remove legacy CA certificates from the ca-certificates package.
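The two chain-building strategies contrasted in the report, as an added illustration that is not part of the bug report or of OpenSSL's code. It models certificates as toy records in which a subject/issuer name match plus a key-identifier match stands in for a real signature check, so the cross-signing scenario (new root R2, its cross-certificate issued by legacy root R1, intermediate I2 issued by R2) can be exercised offline. All names and key identifiers are constructed for the example.

```python
"""Model of OpenSSL chain building before and after the "alternative chains"
enhancement: the strict walk and the fallback that retries from a lower
intermediate.  Toy certificates only (constructed for this example)."""
from dataclasses import dataclass
from typing import List, Optional, Sequence


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    key_id: str         # identifies this cert's own public key (think SKID)
    signer_key_id: str  # key that produced the signature (think AKID)


def issued_by(child: Cert, parent: Cert) -> bool:
    """Toy stand-in for 'parent's public key verifies child's signature'."""
    return child.issuer == parent.subject and child.signer_key_id == parent.key_id


def find_issuer(cert: Cert, candidates: Sequence[Cert],
                exclude: Sequence[Cert]) -> Optional[Cert]:
    for cand in candidates:
        if cand not in exclude and issued_by(cert, cand):
            return cand
    return None


def build_chain(leaf: Cert, presented: Sequence[Cert], trust_store: Sequence[Cert],
                alt_chains: bool = True, max_depth: int = 8) -> Optional[List[Cert]]:
    """Return leaf..root, or None if no chain ends at a trusted root.

    alt_chains=False reproduces the strict behaviour the report complains
    about: the full set of server-sent intermediates is used and only the
    topmost one is looked up in the trust store.  alt_chains=True pops
    intermediates off the top and retries, so a chain can terminate at a
    trusted root that issued one of the "middle" intermediates."""
    # Step 1: walk the server-presented (untrusted) certificates as far as they go.
    chain = [leaf]
    while len(chain) < max_depth:
        nxt = find_issuer(chain[-1], presented, chain)
        if nxt is None:
            break
        chain.append(nxt)
    # Step 2: the topmost certificate must be issued by something we trust.
    while True:
        root = find_issuer(chain[-1], trust_store, ())
        if root is not None:
            return chain if root == chain[-1] else chain + [root]
        if not alt_chains or len(chain) == 1:
            return None
        chain.pop()  # alternative chain: retry from the next lower intermediate


def subjects(chain: Optional[List[Cert]]) -> Optional[List[str]]:
    return None if chain is None else [c.subject for c in chain]


# Constructed sample PKI: legacy root R1, new root R2, R2 cross-signed by R1,
# intermediate I2 under R2, and a server leaf under I2.
R1_SELF = Cert("Legacy Root R1", "Legacy Root R1", "k-r1", "k-r1")
R2_SELF = Cert("New Root R2", "New Root R2", "k-r2", "k-r2")
R2_CROSS = Cert("New Root R2", "Legacy Root R1", "k-r2", "k-r1")  # cross-cert
I2 = Cert("Intermediate I2", "New Root R2", "k-i2", "k-r2")
LEAF = Cert("www.example.test", "Intermediate I2", "k-leaf", "k-i2")

# What a transitioning server typically sends: leaf, I2, and the cross-cert
# so that clients still trusting only R1 can validate.
PRESENTED = [I2, R2_CROSS]

if __name__ == "__main__":
    print("legacy store, strict :", subjects(build_chain(LEAF, PRESENTED, [R1_SELF], alt_chains=False)))
    print("R1 removed,   strict :", subjects(build_chain(LEAF, PRESENTED, [R2_SELF], alt_chains=False)))
    print("R1 removed,   alt    :", subjects(build_chain(LEAF, PRESENTED, [R2_SELF], alt_chains=True)))
```

With R1 still in the trust store the strict walk succeeds through the cross-certificate. Once R1 is removed, the strict walk still climbs to the cross-certificate, fails to find its issuer, and gives up; the alternative-chain fallback drops the cross-certificate and terminates at the self-signed R2, which is exactly the case the report wants OpenSSL to handle.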
Kai, will you file the upstream ticket through the firstname.lastname@example.org issue tracker, or should I do that myself?
I will file the upstream ticket very soon (probably Monday).
openssl upstream ticket:
(In reply to Kai Engert (:kaie) from comment #3)
> openssl upstream ticket:
The above link only works when logged in, so better use the following link for reading the ticket:
Issue fixed in OpenSSL master:
This bug appears to have been reported against 'rawhide' during the Fedora 22 development cycle.
Changing version to '22'.
More information and reason for this action is here:
Can we upgrade Fedora 22 to OpenSSL 1.0.2 ?
The upstream patches to the verification code apply without conflicts on the OpenSSL 1.0.2 stable branch, and the test stream still completes.
Could we add this enhancement to Fedora 22 ?
(In reply to Kai Engert (:kaie) from comment #7)
> the test stream still completes.
the test "SUITE"
I don't think we will update openssl to 1.0.2 on F22. We might backport the patches though.
It seems difficult to merge the patches to 1.0.1
I've tried, and while I initially succeeded, the test suite failed. The parts of the test suite that return certificate verification results returned different error reasons than expected.
I'm worried that merging to 1.0.1 would require backporting many additional patches to the 1.0.1 branch from the last 2-3 years.
I'll investigate first what the needed additional backported changes would be. Only if they would be too intrusive I would reconsider the update to 1.0.2.
(In reply to Tomas Mraz from comment #11)
> I'll investigate first what the needed additional backported changes would
> be. Only if they would be too intrusive I would reconsider the update to
Have you been able to investigate yet?
I'm currently working on 1.0.2 rebase in rawhide. After that I want to look at this backport.
Great, thanks for the update!
I've been told that openssl merged the feature into the 1.0.2 branch.
See the commits from April 20:
openssl-1.0.1k-8.fc22 has been submitted as an update for Fedora 22.
* should fix your issue,
* was pushed to the Fedora 22 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing openssl-1.0.1k-8.fc22'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
openssl-1.0.1k-8.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.