自签名证书路径约束超过限制。

huangapple go评论90阅读模式
英文:

Self signed certificate path constraint exceeded

问题

我有以下自签名证书链:

RootCA -> IntermediateCA(由根证书签名)-> Server Cert(用于TLS的叶子证书,由中间证书签名)

RootCA 的 MaxPathLen = 0

我的证书是使用 certstrap 生成的,使用 CreateCertificateAuthorityCreateIntermediateCertificateAuthority,所以我认为默认设置是正确的。但是,当我尝试在 Python 或 Node 客户端上使用自签名证书时,遇到了 path length constraint exceeded 错误。

注意:当使用 Go TLS 客户端只提供中间 CA 证书时,设置是正常工作的。Python 和 Node 似乎需要完整的证书链,因此才出现了问题。

根据 rfc5280 中的说明:

在这种情况下,它给出了在有效的认证路径中可以跟随此证书的非自签发中间证书的最大数量。

我对于 non-self-issued intermediate certificates 感到困惑。这是否意味着我的证书链是有效的,因为 RootCA 签署了中间证书(因此它不是非自签发的)。或者它是无效的,因为中间证书被视为 non-self-issued 证书。这里的 self 到底是指什么?它可能是自签名或者根证书是自签名的。

在这种情况下,我的 RootCA 是否应该实际上具有 MaxPathLen 为 1?

英文:

I have the following self signed certificate chain:

RootCA -> IntermediateCA (signed by root) -> Server Cert (leaf for TLS, signed by intermediate)

RootCA has MaxPathLen = 0

My certificates are generated using certstrap using CreateCertificateAuthority and CreateIntermediateCertificateAuthority so I assumed the default settings were correct. But when trying to get my self signed certificates working with Python or Node client side I hit a path length constraint exceeded error.

> NOTE: The setup was working fine when using a Go TLS client by just supplying the intermediate CA certificate. Python and Node seem to require the full cert chain hence why the problem arose.

From rfc5280 I see the statement:
> In this case, it gives the
maximum number of non-self-issued intermediate certificates that may
follow this certificate in a valid certification path.

I'm confused by non-self-issued intermediate certificates. Is this implying that my chain is valid because the RootCA signed the intermediate (hence it is not non-self-issued). Or it is not valid, because the intermediate counts as as a non-self-issued certificate. What exactly is self referring to here? It could be self signing or the rootca being self.

Should my rootCA in this case actually have a MaxPathLen of 1?

答案1

得分: 2

如果根证书的MaxPathLen=0,那么它只能颁发终端实体证书,不能再颁发中间CA证书。根CA是自签名的。

在你的情况下,根证书颁发了一个中间CA,这是不允许的。你会得到你描述的错误。

> 非自签名的中间证书

这指的是可以跟随根证书的中间CA,由该根证书颁发。

> 或者它是无效的,因为中间证书被视为非自签名证书。

是的,中间证书超过了MaxPathlen = 0。

> 自签名

指的是根证书。

> 根CA和maxPathLen

具有maxPathLen>= 1的根CA将适用于所提供的场景。它可以有一个中间CA,该中间CA可以签署终端实体证书。

Root -> ICA -> EE

然而,对于maxPathLen=1,以下情况将不起作用:

Root -> ICA-1 -> ICA-2 -> EE
英文:

If the root has a MaxPathLen=0, then it can only issue end-entity certificates and no intermediate CA certificates can follow. The Root CA is self-signed.

In your case, the Root has issued an intermediate CA and that is not allowed. And will get the error you described.

> non-self-issued intermediate certificates

This refers to intermediate CAs that can follow the Root that are issued by that Root.

> Or it is not valid, because the intermediate counts as as a
> non-self-issued certificate.

That is correct the intermediate exceeds the MaxPathlen = 0.

> Self

Refers to the Root.

> Root CA and maxPathLen

The root CA with a maxPathLen >= 1 will work for the scenario presented. It can have an intermediate CA and that intermediate can sign end-entity certs.

Root -> ICA -> EE

However with that maxPathLen=1, the following will not work:

Root -> ICA-1 -> ICA-2 -> EE

答案2

得分: 2

self-issued 指的是证书链中发给自身的证书 - 即主体和颁发者相同。这通常用于密钥更换目的,否则可以忽略。

你的问题出现在你在根证书上放置了 basicConstraint 的 pathLenConstraint 为 0。值为 0 时,它应该在证书链中的最后一个 CA 上 - 你称之为 Intermediate CA。

根据 RFC 5280:

> pathLenConstraint 的值为零表示在有效的证书路径中不能有 [非自签发的] 中间 CA 证书

明智的做法是不在根证书上设置 pathLenConstraint,因为在签名时你可能不知道下级 CA 会如何随时间推移而扩展。

英文:

The self-issued refers to a certificate in the chain that is issued to itself - that is Subject and Issuer are the same. This is usually used for key changeover purposes and can be ignored otherwise.

Your problem arises because you've placed the basicConstraint pathLenConstraint of 0 on the Root. With a value of 0, it should be on the last CA in the chain - the one you call Intermediate CA.

From RFC 5280:

> A pathLenConstraint of zero indicates that no [non-
self-issued] intermediate CA certificates may follow in a valid
certification path

It's wise not to a pathLenConstraint on your Root as you may not know at the time of signing how your subordinate CAs will pad out over time.

huangapple
  • 本文由 发表于 2022年1月14日 04:10:32
  • 转载请务必保留本文链接:https://go.coder-hub.com/70702548.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定