3

We have such kind of certificate being used for developing purposes

        X509v3 extensions:
        X509v3 Basic Constraints: 
            CA:TRUE
        X509v3 Key Usage: 
            Digital Signature, Non Repudiation, Key Encipherment
        X509v3 Subject Alternative Name: 
            DNS:domain1.loc, DNS:domain2.loc

I see CA:TRUE here and because of that I am not sure whether it is safe to install this certificate in OSX keychain as trusted one or not (assuming that almost anybody has access to its private key). I do not see certificate signing in "Key Usage" section, but CA:TRUE makes me a little bit nervous. Is it safe to trust this certificate?

Anton Serdyuk
  • 1,208
  • 10
  • 13
  • 1
    this means it is a CA cert I believe so it can be used to sign other certs. from: https://www.phildev.net/ssl/opensslconf.html "The first x509 extension we set is basicConstraints, and we provide it a value of CA:false which, as you might have guessed, says the certificate cannot be used as a CA. " https://www.phildev.net/ssl/creating_ca.html for omre about the CA:True arena. You should be safe if its a dev environment and your importing this into your Trusted CA Store? – Paul Dunlop May 03 '16 at 08:36
  • 1
    Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See [What topics can I ask about here](http://stackoverflow.com/help/on-topic) in the Help Center. Perhaps [Super User](http://superuser.com/) or [Information Security Stack Exchange](http://security.stackexchange.com/) would be a better place to ask. Also [Where do I post questions about Dev Ops?](http://meta.stackexchange.com/q/134306). – jww May 04 '16 at 00:24

1 Answers1

3

If the private key is widely known, it is a bad idea to trust the certificate for any purpose, regardless of the particulars of the certificate.

Concerning the assertion of CA:TRUE in the Basic Constraints extension without the assertion of keyCertSign in the Key Usage extension, RFC 5280 has this to say:

If the keyUsage extension is present, then the subject public key
MUST NOT be used to verify signatures on certificates or CRLs unless
the corresponding keyCertSign or cRLSign bit is set.

So, a conformant implementation will not use this certificate for verifying signatures on certificates. However, what the OS X implementation actually does may deviate from RFC 5280, particularly if the certificate is explicitly marked as trusted in the Keychain. (I do not use OS X so I cannot verify).

Community
  • 1
  • 1
frasertweedale
  • 5,424
  • 3
  • 26
  • 38
  • // , I agree with frasertweedale on one thing, at least. It is a bad idea to trust the certificate if the private key is widely known, even for development purposes. The trust can be used against you in ways that go way beyond the intended purposes. – Nathan Basanese Dec 20 '19 at 01:43