Note: This bug is displayed in read-only format because
the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
.Support for certificates signed with `RSA-PSS` in `certutil` has been improved
Support for certificates signed with the `RSA-PSS` algorithm in the `certutil` tool has been improved. Notable enhancements and fixes include:
* The `--pss` option is now documented.
* The `PKCS#1 v1.5` algorithm is no longer used for self-signed signatures when a certificate is restricted to use `RSA-PSS`.
* Empty `RSA-PSS` parameters in the `subjectPublicKeyInfo` field are no longer printed as invalid when listing certificates.
* The `--pss-sign` option for creating regular RSA certificates signed with the `RSA-PSS` algorithm has been added.
Support for certificates signed with `RSA-PSS` in `certutil` is provided as a Technology Preview.
Description of problem:
1. The --pss option to certutil is undocumented
2. NSS will self-sign RSA-PSS certificates using RSASSA-PKCS#1 v1.5 algorithm
3. NSS recognised empty RSA-PSS certificate public key parameters as invalid
4. There is no documented way how to create regular RSA certificates with RSA-PSS signature
Version-Release number of selected component (if applicable):
upstream 3.29.2 beta
How reproducible:
Always
Steps to Reproduce:
mkdir nssdb/
certutil -N --empty-password -d sql:nssdb/
dd if=/dev/urandom of=noise bs=1 count=32
certutil -S -z ./noise -n rsaca -s "cn=RSA PSS Testing CA" -t "C,C,C" -m 1000 -Z SHA256 -k rsa -g 2048 -x -v 12 -d sql:nssdb/ --keyUsage digitalSignature,certSigning,crlSigning,critical -2 --pss
Generating key. This may take a few moments...
Is this a CA certificate [y/N]?
y
Enter the path length constraint, enter to skip [<0 for unlimited path]: > 0
Is this a critical extension [y/N]?
y
certutil -L -d sql:nssdb/ -n rsaca
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1000 (0x3e8)
Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption
Issuer: "CN=RSA PSS Testing CA"
Validity:
Not Before: Tue Feb 21 15:05:16 2017
Not After : Wed Feb 21 15:05:16 2018
Subject: "CN=RSA PSS Testing CA"
Subject Public Key Info:
Public Key Algorithm: PKCS #1 RSA-PSS Signature
Parameters:
Invalid RSA-PSS parameters
RSA Public Key:
Modulus:
ed:b7:3f:87:de:a9:3a:03:d4:08:13:aa:b5:ab:b6:9a:
8f:e9:35:71:28:d4:db:e2:77:48:0b:e6:d8:8a:9b:98:
36:a3:e5:dc:cc:93:02:d1:3a:44:ac:29:db:d0:fc:94:
a2:0d:ae:c1:f2:1c:40:1a:b8:0b:d3:45:0c:30:33:7a:
85:98:e4:f9:5c:bc:98:75:73:92:5c:85:25:5a:da:ba:
d6:77:f6:96:35:d2:43:b3:da:b5:4e:e4:e5:d3:0a:1d:
69:dc:c9:76:47:af:a3:08:3c:1b:7b:3f:7f:1b:aa:32:
11:56:17:37:11:e0:62:8c:bf:6e:21:b2:bc:df:da:b7:
b8:f5:64:d4:91:d6:01:77:3b:62:b3:e7:4b:00:29:23:
7b:be:e7:b0:f5:dd:5f:75:87:45:06:9e:0f:17:9b:95:
34:57:d4:5e:90:7c:8a:2f:c9:fa:13:a3:3b:78:da:e4:
a4:e8:2f:aa:61:b1:1b:43:d3:e2:d0:a0:cb:6b:9e:55:
36:d6:f7:e2:44:51:6a:2f:b0:0a:e7:88:36:84:a1:aa:
ee:39:16:c9:93:03:75:11:56:69:f9:d7:35:0e:69:5d:
43:f6:24:6f:fc:c9:6a:26:92:07:6f:a0:f3:a2:03:d3:
dc:01:73:05:f2:7a:02:e6:bb:2a:53:22:52:c7:ce:d7
Exponent: 65537 (0x10001)
Signed Extensions:
Name: Certificate Basic Constraints
Critical: True
Data: Is a CA with a maximum path length of 0.
Name: Certificate Key Usage
Critical: True
Usages: Digital Signature
Certificate Signing
CRL Signing
Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption
Signature:
1c:94:85:0f:61:1b:44:65:57:10:5e:07:e8:d6:58:4c:
6c:b4:fa:86:b7:72:81:4f:ac:1c:b4:78:4f:f1:26:8d:
44:0c:9b:98:ef:c4:fa:04:06:aa:73:3f:b3:08:b9:d1:
fc:7e:2b:69:8d:9b:a3:03:14:7b:9f:cb:76:75:d4:e6:
2c:3b:d0:b3:5a:a8:0d:2e:c4:27:fe:dc:35:28:87:6b:
52:05:5a:68:46:3e:44:21:06:9c:77:0e:38:e8:ca:53:
9c:5b:24:e6:38:7b:4e:b8:ab:7a:fa:2f:de:35:5f:f8:
7b:bc:f5:dd:c4:cb:7a:c4:08:7c:14:74:6c:df:2d:6f:
6b:da:ac:f3:d6:5c:98:86:fa:a2:95:74:8f:5b:91:5c:
68:31:38:8a:47:6b:d7:78:f5:4e:5c:3b:02:1f:ae:9f:
55:55:dd:2f:23:b5:49:cb:e9:fc:b3:98:ab:43:c8:3f:
9b:96:59:b8:0e:72:b6:c9:4c:20:7c:3f:43:8b:4c:e3:
69:8e:de:9c:eb:6f:8e:7a:1d:e1:a8:37:f6:ea:68:76:
cd:92:46:0e:92:7f:af:47:cc:2a:27:d1:31:d0:2f:75:
ea:9c:a6:14:86:ea:11:9d:f8:0e:c3:b0:84:c3:9f:b5:
f7:60:ba:61:bc:0f:fb:3b:6a:98:1d:3f:91:d9:bd:01
Fingerprint (SHA-256):
E8:48:C6:D7:A5:41:6D:10:CE:78:E2:8A:2F:DE:7F:D4:91:05:30:FC:51:B9:02:6F:A9:85:14:E9:DD:77:59:59
Fingerprint (SHA1):
24:2F:67:6B:5C:0D:5B:24:16:9D:C7:ED:6B:EC:7F:21:AA:6E:82:9F
Mozilla-CA-Policy: false (attribute missing)
Certificate Trust Flags:
SSL Flags:
Valid CA
Trusted CA
User
Email Flags:
Valid CA
Trusted CA
User
Object Signing Flags:
Valid CA
Trusted CA
User
at the same time, openssl recognises it as "No PSS parameter restrictions":
openssl x509 -in cert.pem -noout -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1000 (0x3e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN = RSA PSS Testing CA
Validity
Not Before: Feb 21 15:05:16 2017 GMT
Not After : Feb 21 15:05:16 2018 GMT
Subject: CN = RSA PSS Testing CA
Subject Public Key Info:
Public Key Algorithm: rsassaPss
RSA-PSS Public-Key: (2048 bit)
Modulus:
00:ed:b7:3f:87:de:a9:3a:03:d4:08:13:aa:b5:ab:
b6:9a:8f:e9:35:71:28:d4:db:e2:77:48:0b:e6:d8:
8a:9b:98:36:a3:e5:dc:cc:93:02:d1:3a:44:ac:29:
db:d0:fc:94:a2:0d:ae:c1:f2:1c:40:1a:b8:0b:d3:
45:0c:30:33:7a:85:98:e4:f9:5c:bc:98:75:73:92:
5c:85:25:5a:da:ba:d6:77:f6:96:35:d2:43:b3:da:
b5:4e:e4:e5:d3:0a:1d:69:dc:c9:76:47:af:a3:08:
3c:1b:7b:3f:7f:1b:aa:32:11:56:17:37:11:e0:62:
8c:bf:6e:21:b2:bc:df:da:b7:b8:f5:64:d4:91:d6:
01:77:3b:62:b3:e7:4b:00:29:23:7b:be:e7:b0:f5:
dd:5f:75:87:45:06:9e:0f:17:9b:95:34:57:d4:5e:
90:7c:8a:2f:c9:fa:13:a3:3b:78:da:e4:a4:e8:2f:
aa:61:b1:1b:43:d3:e2:d0:a0:cb:6b:9e:55:36:d6:
f7:e2:44:51:6a:2f:b0:0a:e7:88:36:84:a1:aa:ee:
39:16:c9:93:03:75:11:56:69:f9:d7:35:0e:69:5d:
43:f6:24:6f:fc:c9:6a:26:92:07:6f:a0:f3:a2:03:
d3:dc:01:73:05:f2:7a:02:e6:bb:2a:53:22:52:c7:
ce:d7
Exponent: 65537 (0x10001)
No PSS parameter restrictions
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
1c:94:85:0f:61:1b:44:65:57:10:5e:07:e8:d6:58:4c:6c:b4:
fa:86:b7:72:81:4f:ac:1c:b4:78:4f:f1:26:8d:44:0c:9b:98:
ef:c4:fa:04:06:aa:73:3f:b3:08:b9:d1:fc:7e:2b:69:8d:9b:
a3:03:14:7b:9f:cb:76:75:d4:e6:2c:3b:d0:b3:5a:a8:0d:2e:
c4:27:fe:dc:35:28:87:6b:52:05:5a:68:46:3e:44:21:06:9c:
77:0e:38:e8:ca:53:9c:5b:24:e6:38:7b:4e:b8:ab:7a:fa:2f:
de:35:5f:f8:7b:bc:f5:dd:c4:cb:7a:c4:08:7c:14:74:6c:df:
2d:6f:6b:da:ac:f3:d6:5c:98:86:fa:a2:95:74:8f:5b:91:5c:
68:31:38:8a:47:6b:d7:78:f5:4e:5c:3b:02:1f:ae:9f:55:55:
dd:2f:23:b5:49:cb:e9:fc:b3:98:ab:43:c8:3f:9b:96:59:b8:
0e:72:b6:c9:4c:20:7c:3f:43:8b:4c:e3:69:8e:de:9c:eb:6f:
8e:7a:1d:e1:a8:37:f6:ea:68:76:cd:92:46:0e:92:7f:af:47:
cc:2a:27:d1:31:d0:2f:75:ea:9c:a6:14:86:ea:11:9d:f8:0e:
c3:b0:84:c3:9f:b5:f7:60:ba:61:bc:0f:fb:3b:6a:98:1d:3f:
91:d9:bd:01
but looking at ASN.1 decoding, it looks like they are simply missing:
openssl asn1parse -in cert.pem
0:d=0 hl=4 l= 730 cons: SEQUENCE
4:d=1 hl=4 l= 450 cons: SEQUENCE
8:d=2 hl=2 l= 3 cons: cont [ 0 ]
10:d=3 hl=2 l= 1 prim: INTEGER :02
13:d=2 hl=2 l= 2 prim: INTEGER :03E8
17:d=2 hl=2 l= 13 cons: SEQUENCE
19:d=3 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption
30:d=3 hl=2 l= 0 prim: NULL
32:d=2 hl=2 l= 29 cons: SEQUENCE
34:d=3 hl=2 l= 27 cons: SET
36:d=4 hl=2 l= 25 cons: SEQUENCE
38:d=5 hl=2 l= 3 prim: OBJECT :commonName
43:d=5 hl=2 l= 18 prim: PRINTABLESTRING :RSA PSS Testing CA
63:d=2 hl=2 l= 30 cons: SEQUENCE
65:d=3 hl=2 l= 13 prim: UTCTIME :170221150516Z
80:d=3 hl=2 l= 13 prim: UTCTIME :180221150516Z
95:d=2 hl=2 l= 29 cons: SEQUENCE
97:d=3 hl=2 l= 27 cons: SET
99:d=4 hl=2 l= 25 cons: SEQUENCE
101:d=5 hl=2 l= 3 prim: OBJECT :commonName
106:d=5 hl=2 l= 18 prim: PRINTABLESTRING :RSA PSS Testing CA
126:d=2 hl=4 l= 288 cons: SEQUENCE
130:d=3 hl=2 l= 11 cons: SEQUENCE
132:d=4 hl=2 l= 9 prim: OBJECT :rsassaPss
143:d=3 hl=4 l= 271 prim: BIT STRING
418:d=2 hl=2 l= 38 cons: cont [ 3 ]
420:d=3 hl=2 l= 36 cons: SEQUENCE
422:d=4 hl=2 l= 18 cons: SEQUENCE
424:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
429:d=5 hl=2 l= 1 prim: BOOLEAN :255
432:d=5 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:30060101FF020100
442:d=4 hl=2 l= 14 cons: SEQUENCE
444:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
449:d=5 hl=2 l= 1 prim: BOOLEAN :255
452:d=5 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:03020186
458:d=1 hl=2 l= 13 cons: SEQUENCE
460:d=2 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption
471:d=2 hl=2 l= 0 prim: NULL
473:d=1 hl=4 l= 257 prim: BIT STRING
openssl asn1parse -in cert.pem -strparse 143
0:d=0 hl=4 l= 266 cons: SEQUENCE
4:d=1 hl=4 l= 257 prim: INTEGER :EDB73F87DEA93A03D40813AAB5ABB69A8FE9357128D4DBE277480BE6D88A9B9836A3E5DCCC9302D13A44AC29DBD0FC94A20DAEC1F21C401AB80BD3450C30337A8598E4F95CBC987573925C85255ADABAD677F69635D243B3DAB54EE4E5D30A1D69DCC97647AFA3083C1B7B3F7F1BAA321156173711E0628CBF6E21B2BCDFDAB7B8F564D491D601773B62B3E74B0029237BBEE7B0F5DD5F758745069E0F179B953457D45E907C8A2FC9FA13A33B78DAE4A4E82FAA61B11B43D3E2D0A0CB6B9E5536D6F7E244516A2FB00AE7883684A1AAEE3916C9930375115669F9D7350E695D43F6246FFCC96A2692076FA0F3A203D3DC017305F27A02E6BB2A532252C7CED7
265:d=1 hl=2 l= 3 prim: INTEGER :010001
Additional info:
Comment 1Kai Engert (:kaie) (inactive account)
2017-02-22 18:55:18 UTC
It isn't clear if we'll be able to get these issues fixed for rhel 7.4.0, and who will work on them.
Volunteers welcome.
Bob suggested, it would be good to get the incorrect behavior fixed, because if we ship an incorrect behavior in 7.4.0, it would be difficult to switch to a different behavior in later 7.x releases.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHEA-2018:0679
Description of problem: 1. The --pss option to certutil is undocumented 2. NSS will self-sign RSA-PSS certificates using RSASSA-PKCS#1 v1.5 algorithm 3. NSS recognised empty RSA-PSS certificate public key parameters as invalid 4. There is no documented way how to create regular RSA certificates with RSA-PSS signature Version-Release number of selected component (if applicable): upstream 3.29.2 beta How reproducible: Always Steps to Reproduce: mkdir nssdb/ certutil -N --empty-password -d sql:nssdb/ dd if=/dev/urandom of=noise bs=1 count=32 certutil -S -z ./noise -n rsaca -s "cn=RSA PSS Testing CA" -t "C,C,C" -m 1000 -Z SHA256 -k rsa -g 2048 -x -v 12 -d sql:nssdb/ --keyUsage digitalSignature,certSigning,crlSigning,critical -2 --pss Generating key. This may take a few moments... Is this a CA certificate [y/N]? y Enter the path length constraint, enter to skip [<0 for unlimited path]: > 0 Is this a critical extension [y/N]? y certutil -L -d sql:nssdb/ -n rsaca Certificate: Data: Version: 3 (0x2) Serial Number: 1000 (0x3e8) Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption Issuer: "CN=RSA PSS Testing CA" Validity: Not Before: Tue Feb 21 15:05:16 2017 Not After : Wed Feb 21 15:05:16 2018 Subject: "CN=RSA PSS Testing CA" Subject Public Key Info: Public Key Algorithm: PKCS #1 RSA-PSS Signature Parameters: Invalid RSA-PSS parameters RSA Public Key: Modulus: ed:b7:3f:87:de:a9:3a:03:d4:08:13:aa:b5:ab:b6:9a: 8f:e9:35:71:28:d4:db:e2:77:48:0b:e6:d8:8a:9b:98: 36:a3:e5:dc:cc:93:02:d1:3a:44:ac:29:db:d0:fc:94: a2:0d:ae:c1:f2:1c:40:1a:b8:0b:d3:45:0c:30:33:7a: 85:98:e4:f9:5c:bc:98:75:73:92:5c:85:25:5a:da:ba: d6:77:f6:96:35:d2:43:b3:da:b5:4e:e4:e5:d3:0a:1d: 69:dc:c9:76:47:af:a3:08:3c:1b:7b:3f:7f:1b:aa:32: 11:56:17:37:11:e0:62:8c:bf:6e:21:b2:bc:df:da:b7: b8:f5:64:d4:91:d6:01:77:3b:62:b3:e7:4b:00:29:23: 7b:be:e7:b0:f5:dd:5f:75:87:45:06:9e:0f:17:9b:95: 34:57:d4:5e:90:7c:8a:2f:c9:fa:13:a3:3b:78:da:e4: a4:e8:2f:aa:61:b1:1b:43:d3:e2:d0:a0:cb:6b:9e:55: 36:d6:f7:e2:44:51:6a:2f:b0:0a:e7:88:36:84:a1:aa: ee:39:16:c9:93:03:75:11:56:69:f9:d7:35:0e:69:5d: 43:f6:24:6f:fc:c9:6a:26:92:07:6f:a0:f3:a2:03:d3: dc:01:73:05:f2:7a:02:e6:bb:2a:53:22:52:c7:ce:d7 Exponent: 65537 (0x10001) Signed Extensions: Name: Certificate Basic Constraints Critical: True Data: Is a CA with a maximum path length of 0. Name: Certificate Key Usage Critical: True Usages: Digital Signature Certificate Signing CRL Signing Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption Signature: 1c:94:85:0f:61:1b:44:65:57:10:5e:07:e8:d6:58:4c: 6c:b4:fa:86:b7:72:81:4f:ac:1c:b4:78:4f:f1:26:8d: 44:0c:9b:98:ef:c4:fa:04:06:aa:73:3f:b3:08:b9:d1: fc:7e:2b:69:8d:9b:a3:03:14:7b:9f:cb:76:75:d4:e6: 2c:3b:d0:b3:5a:a8:0d:2e:c4:27:fe:dc:35:28:87:6b: 52:05:5a:68:46:3e:44:21:06:9c:77:0e:38:e8:ca:53: 9c:5b:24:e6:38:7b:4e:b8:ab:7a:fa:2f:de:35:5f:f8: 7b:bc:f5:dd:c4:cb:7a:c4:08:7c:14:74:6c:df:2d:6f: 6b:da:ac:f3:d6:5c:98:86:fa:a2:95:74:8f:5b:91:5c: 68:31:38:8a:47:6b:d7:78:f5:4e:5c:3b:02:1f:ae:9f: 55:55:dd:2f:23:b5:49:cb:e9:fc:b3:98:ab:43:c8:3f: 9b:96:59:b8:0e:72:b6:c9:4c:20:7c:3f:43:8b:4c:e3: 69:8e:de:9c:eb:6f:8e:7a:1d:e1:a8:37:f6:ea:68:76: cd:92:46:0e:92:7f:af:47:cc:2a:27:d1:31:d0:2f:75: ea:9c:a6:14:86:ea:11:9d:f8:0e:c3:b0:84:c3:9f:b5: f7:60:ba:61:bc:0f:fb:3b:6a:98:1d:3f:91:d9:bd:01 Fingerprint (SHA-256): E8:48:C6:D7:A5:41:6D:10:CE:78:E2:8A:2F:DE:7F:D4:91:05:30:FC:51:B9:02:6F:A9:85:14:E9:DD:77:59:59 Fingerprint (SHA1): 24:2F:67:6B:5C:0D:5B:24:16:9D:C7:ED:6B:EC:7F:21:AA:6E:82:9F Mozilla-CA-Policy: false (attribute missing) Certificate Trust Flags: SSL Flags: Valid CA Trusted CA User Email Flags: Valid CA Trusted CA User Object Signing Flags: Valid CA Trusted CA User at the same time, openssl recognises it as "No PSS parameter restrictions": openssl x509 -in cert.pem -noout -text Certificate: Data: Version: 3 (0x2) Serial Number: 1000 (0x3e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN = RSA PSS Testing CA Validity Not Before: Feb 21 15:05:16 2017 GMT Not After : Feb 21 15:05:16 2018 GMT Subject: CN = RSA PSS Testing CA Subject Public Key Info: Public Key Algorithm: rsassaPss RSA-PSS Public-Key: (2048 bit) Modulus: 00:ed:b7:3f:87:de:a9:3a:03:d4:08:13:aa:b5:ab: b6:9a:8f:e9:35:71:28:d4:db:e2:77:48:0b:e6:d8: 8a:9b:98:36:a3:e5:dc:cc:93:02:d1:3a:44:ac:29: db:d0:fc:94:a2:0d:ae:c1:f2:1c:40:1a:b8:0b:d3: 45:0c:30:33:7a:85:98:e4:f9:5c:bc:98:75:73:92: 5c:85:25:5a:da:ba:d6:77:f6:96:35:d2:43:b3:da: b5:4e:e4:e5:d3:0a:1d:69:dc:c9:76:47:af:a3:08: 3c:1b:7b:3f:7f:1b:aa:32:11:56:17:37:11:e0:62: 8c:bf:6e:21:b2:bc:df:da:b7:b8:f5:64:d4:91:d6: 01:77:3b:62:b3:e7:4b:00:29:23:7b:be:e7:b0:f5: dd:5f:75:87:45:06:9e:0f:17:9b:95:34:57:d4:5e: 90:7c:8a:2f:c9:fa:13:a3:3b:78:da:e4:a4:e8:2f: aa:61:b1:1b:43:d3:e2:d0:a0:cb:6b:9e:55:36:d6: f7:e2:44:51:6a:2f:b0:0a:e7:88:36:84:a1:aa:ee: 39:16:c9:93:03:75:11:56:69:f9:d7:35:0e:69:5d: 43:f6:24:6f:fc:c9:6a:26:92:07:6f:a0:f3:a2:03: d3:dc:01:73:05:f2:7a:02:e6:bb:2a:53:22:52:c7: ce:d7 Exponent: 65537 (0x10001) No PSS parameter restrictions X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE, pathlen:0 X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption 1c:94:85:0f:61:1b:44:65:57:10:5e:07:e8:d6:58:4c:6c:b4: fa:86:b7:72:81:4f:ac:1c:b4:78:4f:f1:26:8d:44:0c:9b:98: ef:c4:fa:04:06:aa:73:3f:b3:08:b9:d1:fc:7e:2b:69:8d:9b: a3:03:14:7b:9f:cb:76:75:d4:e6:2c:3b:d0:b3:5a:a8:0d:2e: c4:27:fe:dc:35:28:87:6b:52:05:5a:68:46:3e:44:21:06:9c: 77:0e:38:e8:ca:53:9c:5b:24:e6:38:7b:4e:b8:ab:7a:fa:2f: de:35:5f:f8:7b:bc:f5:dd:c4:cb:7a:c4:08:7c:14:74:6c:df: 2d:6f:6b:da:ac:f3:d6:5c:98:86:fa:a2:95:74:8f:5b:91:5c: 68:31:38:8a:47:6b:d7:78:f5:4e:5c:3b:02:1f:ae:9f:55:55: dd:2f:23:b5:49:cb:e9:fc:b3:98:ab:43:c8:3f:9b:96:59:b8: 0e:72:b6:c9:4c:20:7c:3f:43:8b:4c:e3:69:8e:de:9c:eb:6f: 8e:7a:1d:e1:a8:37:f6:ea:68:76:cd:92:46:0e:92:7f:af:47: cc:2a:27:d1:31:d0:2f:75:ea:9c:a6:14:86:ea:11:9d:f8:0e: c3:b0:84:c3:9f:b5:f7:60:ba:61:bc:0f:fb:3b:6a:98:1d:3f: 91:d9:bd:01 but looking at ASN.1 decoding, it looks like they are simply missing: openssl asn1parse -in cert.pem 0:d=0 hl=4 l= 730 cons: SEQUENCE 4:d=1 hl=4 l= 450 cons: SEQUENCE 8:d=2 hl=2 l= 3 cons: cont [ 0 ] 10:d=3 hl=2 l= 1 prim: INTEGER :02 13:d=2 hl=2 l= 2 prim: INTEGER :03E8 17:d=2 hl=2 l= 13 cons: SEQUENCE 19:d=3 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption 30:d=3 hl=2 l= 0 prim: NULL 32:d=2 hl=2 l= 29 cons: SEQUENCE 34:d=3 hl=2 l= 27 cons: SET 36:d=4 hl=2 l= 25 cons: SEQUENCE 38:d=5 hl=2 l= 3 prim: OBJECT :commonName 43:d=5 hl=2 l= 18 prim: PRINTABLESTRING :RSA PSS Testing CA 63:d=2 hl=2 l= 30 cons: SEQUENCE 65:d=3 hl=2 l= 13 prim: UTCTIME :170221150516Z 80:d=3 hl=2 l= 13 prim: UTCTIME :180221150516Z 95:d=2 hl=2 l= 29 cons: SEQUENCE 97:d=3 hl=2 l= 27 cons: SET 99:d=4 hl=2 l= 25 cons: SEQUENCE 101:d=5 hl=2 l= 3 prim: OBJECT :commonName 106:d=5 hl=2 l= 18 prim: PRINTABLESTRING :RSA PSS Testing CA 126:d=2 hl=4 l= 288 cons: SEQUENCE 130:d=3 hl=2 l= 11 cons: SEQUENCE 132:d=4 hl=2 l= 9 prim: OBJECT :rsassaPss 143:d=3 hl=4 l= 271 prim: BIT STRING 418:d=2 hl=2 l= 38 cons: cont [ 3 ] 420:d=3 hl=2 l= 36 cons: SEQUENCE 422:d=4 hl=2 l= 18 cons: SEQUENCE 424:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints 429:d=5 hl=2 l= 1 prim: BOOLEAN :255 432:d=5 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:30060101FF020100 442:d=4 hl=2 l= 14 cons: SEQUENCE 444:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage 449:d=5 hl=2 l= 1 prim: BOOLEAN :255 452:d=5 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:03020186 458:d=1 hl=2 l= 13 cons: SEQUENCE 460:d=2 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption 471:d=2 hl=2 l= 0 prim: NULL 473:d=1 hl=4 l= 257 prim: BIT STRING openssl asn1parse -in cert.pem -strparse 143 0:d=0 hl=4 l= 266 cons: SEQUENCE 4:d=1 hl=4 l= 257 prim: INTEGER :EDB73F87DEA93A03D40813AAB5ABB69A8FE9357128D4DBE277480BE6D88A9B9836A3E5DCCC9302D13A44AC29DBD0FC94A20DAEC1F21C401AB80BD3450C30337A8598E4F95CBC987573925C85255ADABAD677F69635D243B3DAB54EE4E5D30A1D69DCC97647AFA3083C1B7B3F7F1BAA321156173711E0628CBF6E21B2BCDFDAB7B8F564D491D601773B62B3E74B0029237BBEE7B0F5DD5F758745069E0F179B953457D45E907C8A2FC9FA13A33B78DAE4A4E82FAA61B11B43D3E2D0A0CB6B9E5536D6F7E244516A2FB00AE7883684A1AAEE3916C9930375115669F9D7350E695D43F6246FFCC96A2692076FA0F3A203D3DC017305F27A02E6BB2A532252C7CED7 265:d=1 hl=2 l= 3 prim: INTEGER :010001 Additional info: