Closed Bug 437267 Opened 16 years ago Closed 8 years ago

Issue with nonstandard root certificate loaded and in server certificate chain

Categories

(Core :: Security: PSM, defect)

defect
Not set
normal

RESOLVED DUPLICATE of bug 435013

People

(Reporter: ttickell, Unassigned)

Details

User-Agent:       Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9) Gecko/2008051202 Firefox/3.0
Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9) Gecko/2008051202 Firefox/3.0

Using our own CA hierarchy for test sites, when:

1) The Root CA Certificate is loaded to the browser and trusted

and

2) The Apache Site is configured to serve back the whole chain - including the root CA Certificate (it is in the CAPath ...)

Then Firefox throws an error "Error code: sec_error_reused_issuer_and_serial"

If the Root CA Certificate is removed from Apache, so that only a partial chain is served, the site cert is validated, properly.

Tested in Firefox 2.0.0.7, 2.0.0.14, and 3.0 RC1 on Windows (XP) and Mac (10.5.3).

Reproducible: Always

Steps to Reproduce:
1. Generate a CA, intermediate CA signed by the CA, and a site cert signed by the intermediate CA
2. Load the CA to Firefox
3. Load the whole chain to an SSL enabled Apache Site
4. Try to access the site
Actual Results:  
From Firefox 3:

Secure Connection Failed

An error occurred during a connection to mybenefits.unit.csplans.com.

You have received an invalid certificate.  Please contact the server administrator or email correspondent and give them the following information:

Your certificate contains the same serial number as another certificate issued by the certificate authority.  Please get a new certificate containing a unique serial number.

(Error code: sec_error_reused_issuer_and_serial)

The page you are trying to view can not be shown because the authenticity of the received data could not be verified.

    * Please contact the web site owners to inform them of this problem.

Expected Results:  
The site cert should have validated.

This is not the same as other bugs whereby erroneously generated and saved self-signed-certs cause the same error.

To my knowledge, the root CA cert may be at the head of the cert chain returned by the SSL server - it just will not be trusted unless it is also loaded to the local browser.

The root is supposed to be in the browser already; you send the intermediates to "fill the gaps" between the root the browser knows and the server cert at the end of the chain.

Did you get documentation telling you to include the root cert as well? If so could you paste in a link?

Although I suppose it's not unreasonable to expect that if we encounter a cert with a duplicate issuer and serial number and they're exactly the _same_ we ought to recognize that and just drop the new one as a no-op.

Assignee: nobody → kaie
Component: Security → Security: PSM
Product: Firefox → Core
QA Contact: firefox → psm

Good question...

I'll have to dig around for something more "official" than the Apache documents, but the way they use the chain is:

"This directive sets the optional all-in-one file where you can assemble the certificates of Certification Authorities (CA) which form the certificate chain of the server certificate. This starts with the issuing CA certificate of the server certificate and can range up to the root CA certificate."

http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslcertificatechainfile

The chain they serve, if not specified, is built on the fly from the available certs given in a directory - which is great for a setup like ours where one trust store works for a variety of client and server purposes (with a variety of certificates).

Mass change owner of unconfirmed "Core:Security UI/PSM/SMime" bugs to nobody.
Search for kaie-20100607-unconfirmed-nobody
Assignee: kaie → nobody

This is a result of a fundamental design issue in NSS. If two certificates have the same issuer and serial number but are not byte-for-byte identical, all uses of the second certificate will fail.
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
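The two conditions the thread settles on, a root that should not be in the served chain and two certificates sharing issuer and serial without being byte-identical, can be checked mechanically before deploying a chain file. This is an added example, not code from the bug, NSS or Apache: it parses just enough DER to read issuer, serial and subject, and runs over constructed stand-in certificates (mk_cert, check_chain and the "Test Root" names are assumptions, not real X.509 data).

```python
def tlv(tag, body):
    """DER-encode one TLV (short-form length, or 2-byte long form for bodies over 127 bytes)."""
    n = len(body)
    return bytes([tag]) + (bytes([n]) if n < 128 else b"\x82" + n.to_bytes(2, "big")) + body

def mk_cert(serial, issuer, subject, sig=b"\x00"):
    """Constructed stand-in: Certificate{tbs{[0]v3, serial, alg, issuer, validity, subject, spki}, alg, sig}."""
    def name(s): return tlv(0x30, tlv(0x31, tlv(0x30, tlv(0x06, b"\x55\x04\x03") + tlv(0x0C, s))))
    alg = tlv(0x30, tlv(0x06, b"\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B"))   # sha256WithRSAEncryption OID
    tbs = (tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, bytes([serial])) + alg
           + name(issuer) + tlv(0x30, b"") + name(subject) + tlv(0x30, b""))
    return tlv(0x30, tlv(0x30, tbs) + alg + tlv(0x03, b"\x00" + sig))

def rd(buf, pos):
    """Read one DER TLV header at pos -> (tag, value start, value end)."""
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:                                   # long-form length
        k = ln & 0x7F; ln, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, pos, pos + ln

def identity(der):
    """Return (issuer DER, serial, subject DER): the issuer+serial pair NSS matches certs on, plus the subject."""
    _, p, _ = rd(der, 0)                            # Certificate SEQUENCE
    _, p, _ = rd(der, p)                            # tbsCertificate SEQUENCE
    tag, _, end = rd(der, p); p = end if tag == 0xA0 else p   # skip optional [0] EXPLICIT version
    _, v, p = rd(der, p); serial = int.from_bytes(der[v:p], "big", signed=True)
    _, _, p = rd(der, p)                            # signature AlgorithmIdentifier
    i0 = p; _, _, p = rd(der, p); issuer = der[i0:p]   # issuer Name kept as raw DER
    _, _, p = rd(der, p)                            # validity
    s0 = p; _, _, p = rd(der, p)                    # subject Name kept as raw DER
    return issuer, serial, der[s0:p]

def check_chain(served, trusted):
    """Flag the two problems from this bug: issuer+serial reuse with differing bytes, and a root in the served chain."""
    findings, seen = [], {}
    certs = [(f"trusted[{i}]", d) for i, d in enumerate(trusted)] + \
            [(f"served[{i}]", d) for i, d in enumerate(served)]
    for label, der in certs:
        issuer, serial, subject = identity(der)
        prior = seen.setdefault((issuer, serial), (label, der))
        if prior[1] != der:                         # same issuer+serial, not byte-identical: NSS rejects this one
            findings.append(f"{label}: same issuer+serial as {prior[0]} but different bytes")
        if label.startswith("served") and issuer == subject:
            findings.append(f"{label}: self-signed root in served chain; the browser holds the root, send only intermediates")
    return findings

ROOT = mk_cert(1, b"Test Root", b"Test Root")                  # constructed trusted root
ROOT2 = mk_cert(1, b"Test Root", b"Test Root", sig=b"\x01")   # re-issued root: same issuer+serial, different bytes
INTER = mk_cert(2, b"Test Root", b"Test Inter")
SITE = mk_cert(3, b"Test Inter", b"Test Site")
```

For a real deployment feed identity() the DER of each certificate in the server's chain file instead of mk_cert output. The self-signed check is only the issuer-equals-subject heuristic, not a signature verification.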