0

This may seem rather trivial, but Im' not good with tls.

I have an openvpn server that does mutual tls auth.

my vpn client has a ca.crt file of:

root CA
intermediate CA
issuing CA

my server has a server.crt of:

server certificate # which is signed by the above "issuing CA"

However, if on my vpn client I remove the "issuing CA" and "intermediate CA" from ca.crt, my vpn client still validates the server.crt just fine.

if on my vpn client I put an invalid invalid "root CA" in my ca.crt, then auth fails.

I'm confused as to how I can remove the "issuing CA" and "intermediate CA" from my vpn client's ca.crt and it is still able to validate the server.crt, as the cert that signed the server.crt, "issuing ca", is no longer in my vpn client's ca.crt.

sebastian
  • 133
  • 6
  • Each certificate contains the information where the certificate may be validated. It is usually never necessary to supply the intermediate/root certificates. – Greg Askew Feb 12 '23 at 07:25
  • oh. does his information come from the Authority Information Access -> CA Issuers part of the certificate? – sebastian Feb 12 '23 at 18:12

1 Answers1

1

TLS mandates that the end-entity certificate is accompanied by all certificates required to build the chain, but not necessary the root, as that should be in the verifier's trust-anchor store. It is not an error to provide the root certificate, but verifiers ignore it as they only trust root certificates explicitly added to their trust-anchor store after being received by some other secure method.

The server should send its certificate, along with the intermediate CAs, which the client use to verify against the root it already holds. The intermediate CA certificates at the client end play no part in this.

Similarly, the client must send its certificate along with the intermediates to the server, which it verifies against the root CA certificate held in its trust-anchor store. The client must have the intermediate CA certificates available in order to do this.

In your scenario, removing the intermediates from the client end shouldn't affect how the client verifies the server certificate as the server should have sent those intermediates as part of the TLS handshake.

However, removing the root CA does affect verification as the client now doesn't have a trust-anchor against which to build and verify the certificate chain.

garethTheRed
  • 4,539
  • 14
  • 22