Opened 2 years ago

Last modified 2 years ago

#1005 new Bug / Defect

Chain CA fails with 1.2.6

Reported by: benjy Owned by:
Priority: major Milestone:
Component: Crypto Version: OpenVPN 2.4.4 (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc: Steffan Karger

Description

Hi,

Since 1.2.6 it seems the chain CA validation is broken.
Our infra is a bit particular as we have two differents CA
Server: CA1 -> subCA1 -> Sub-subCA1 -> server cert
Clients: CA2 -> subCA2 -> Sub-subCA2 -> client cert

The server includes CA2 in addition to the CA1 chain in its CA file to validate our clients.
The clients include CA1 in addition to the CA2 chain in its CA file as well.

All works for windows/linux/OSX/Android clients. But it fails for IOS since 1.2.6 (and maybe 1.2.5), it was working before though.

The server log shows that if fails to check the client chain:

VERIFY ERROR: depth=0, error=unable to get local issuer certificate: OU=OpenVPN-Mobile, CN=xxx

I tried different combination to include in the client CA but it never manages to get the local issuer.

There is a thread here: https://forums.openvpn.net/viewtopic.php?f=36&t=25674

With the help of ordex, we've identified that the problem comes from mbed TLS as the same issue occurs with mbed TLS on linux but not with openssl.

Thanks,
Ben

Change History (4)

comment:1 Changed 2 years ago by Antonio

Thanks for the report.
It would be interesting to understand why mbedTLS is failing this case..there might be a reason behind (or might not). The error message points to something like "I can't find the CA to validate this client certificate". I wonder if by pushing multiple CAs mbedTLS is actually not storing them all...(just a rough and wild guess here).

comment:2 Changed 2 years ago by Antonio

Component: OpenVPN ConnectCrypto
Version: OpenVPN Connect for iOS v1.2.6OpenVPN 2.4.4 (Community Ed)

switching the issue to OpenVPN community edition, so that a broader audience can consider it. (we verified it is not a problem in the iOS-only code)

comment:3 Changed 2 years ago by benjy

OK, so to add a note, the issue comes from having two chains.
If I provide a certificate generated from Sub-subCA1 (SHA1) in my scenario (instead of Sub-subCA2) the client connects properly with mbedtls 2.6

comment:4 Changed 2 years ago by Gert Döring

Cc: Steffan Karger added
Note: See TracTickets for help on using tickets.