I have an SSL client and server, and a testing PKI like this:

root_ca -> server_signing_ca -> ssl server
      |--> client_signing_ca -> ssl client

In the server, I put the server certificate and the server_signing_ca certificate into the same file, and load the file using SSL_CTX_use_certificate_chain_file().

That works. The untrusted intermediate cert is automatically sent to the client during the handshake.

My question is: I want to minimize the data exchange during the handshake. Is there a way to let the client hold a copy of the server_signing_ca's cert beforehand, so I can remove it from the server side?
And I don't want to add the server_signing_ca's cert to the trusted store.
What is the API for the client to load the server_signing_ca's certificate? I looked into SSL_CTX_add_extra_chain_cert(), but it seems it is for the client to load the client_signing_ca's certificate to form the cert chain.

John Crane

1 Answer

Please refer to the RFCs related to the SSL/TLS protocol (one of them is here). Generally, the server should send the certificate chain, from which the root CA can optionally be omitted. The client should have trust in the trusted root and have the certificate.

However, you can omit the chain (expecting the client to have the certificate chain). You need to ensure that the server certificate is verified.

You can do the post-connection verification using the chain you have, or check SSL_CTX_set_cert_verify_callback.

doptimusprime
  • Thanks for the answer. One more question: I added the server_signing_ca's certificate into the client trusted store. The server side does not have the server_signing_ca's certificate at all. It works. But I am wondering, is this allowed by the standard? Is this the best practice? I remember "only self-signed cert can be in the trusted cert store" – John Crane Apr 15 '13 at 17:46
  • @JohnCrane: As per the standard, only the topmost root CA can be omitted from the chain. I am not sure about best practices. You are right that trusted self-signed certificates of root-level trusted CAs (such as Verisign) are in the trusted cert store. However, a user can, at his own risk, add other certificates as per choice. The only thing required is that the client must be able to verify the identity of the server without any exception being raised. – doptimusprime Apr 16 '13 at 03:56
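
An added example, not code from the question, the answer or the OpenSSL project: a shell script that uses the openssl command-line tool to show the distinction this thread turns on, a client that trusts only root_ca and holds server_signing_ca as an untrusted chain-building candidate while the server presents only its leaf. The file names, the server subject name and the impostor certificate are assumptions constructed for the demonstration.

```shell
#!/bin/sh
# Constructed test PKI mirroring the question: root_ca -> server_signing_ca -> server.
# File names, subject names and key sizes are assumptions made for this example.

issue() {   # $1=output name  $2=CN  $3=issuer name  $4=extension section
    openssl req -new -config pki.cnf -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$1.key" -out "$1.csr" 2>/dev/null &&
    openssl x509 -req -in "$1.csr" -CA "$3.pem" -CAkey "$3.key" -CAcreateserial \
        -days 1 -extfile pki.cnf -extensions "$4" -out "$1.pem" 2>/dev/null
}

make_pki() {   # $1 = empty working directory
    ( cd "$1" || exit 1
      printf '%s\n' '[req]' 'distinguished_name=dn' '[dn]' \
          '[ca]' 'basicConstraints=critical,CA:TRUE' \
          '[leaf]' 'basicConstraints=CA:FALSE' > pki.cnf
      # Self-signed root: the only certificate the client trusts.
      openssl req -x509 -config pki.cnf -extensions ca -newkey rsa:2048 -nodes \
          -days 1 -subj "/CN=root_ca" -keyout root.key -out root.pem 2>/dev/null &&
      issue server_signing_ca server_signing_ca root ca &&
      issue server server.example.test server_signing_ca leaf &&
      # Impostor: same subject name as the real intermediate, not issued by root_ca.
      openssl req -x509 -config pki.cnf -extensions ca -newkey rsa:2048 -nodes \
          -days 1 -subj "/CN=server_signing_ca" -keyout fake.key -out fake.pem 2>/dev/null )
}

# Client-side check: root.pem is the sole trust anchor (-CAfile). $2, if given, is a
# file of UNTRUSTED candidates (-untrusted): the role a pre-distributed
# server_signing_ca certificate plays when the server sends only its leaf.
verify_server() {   # $1 = PKI directory, $2 = optional untrusted-intermediates file
    if [ -n "$2" ]; then
        openssl verify -CAfile "$1/root.pem" -untrusted "$2" "$1/server.pem" 2>/dev/null
    else
        openssl verify -CAfile "$1/root.pem" "$1/server.pem" 2>/dev/null
    fi | grep -q ': OK$'
}

# Demonstration run on a throwaway directory.
d=$(mktemp -d) && make_pki "$d" || exit 1
verify_server "$d" "$d/server_signing_ca.pem" && echo "real intermediate held as untrusted: accepted"
verify_server "$d" || echo "no intermediate available: rejected"
verify_server "$d" "$d/fake.pem" || echo "impostor intermediate held as untrusted: rejected"
rm -rf "$d"
```

In the C API, the same untrusted role is the chain argument of X509_STORE_CTX_init(), which is where a locally held intermediate belongs when doing the post-connection verification the answer mentions.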