OCSP responder doesn't support multiple cert status request #2331

Closed
quchao opened this Issue Nov 16, 2016 · 5 comments

quchao commented Nov 16, 2016

I deployed parallel ECDSA+RSA certs on nginx, but I cannot get ssl_stapling_file enabled successfully. When I try to get a combined OCSP response for both of them, the responder returns the status of the first one only; for the other one it just shows ERROR: No Status found. It works well when requested separately, though.

The certs are both issued by Let’s Encrypt Authority X3.
So I tried this first:

openssl ocsp -issuer lets-encrypt-x3-cross-signed.pem \
             -cert ecc.pem \
             -cert rsa.pem \
             -no_nonce \
             -resp_text \
             -url http://ocsp.int-x3.letsencrypt.org/ \
             -header "HOST" "ocsp.int-x3.letsencrypt.org"

It output:

OCSP Request Data:
    Version: 1 (0x0)
    Requestor List:
        Certificate ID:
          Hash Algorithm: sha1
          Issuer Name Hash: 7EE66AE7729AB3FCF8A220646C16A12D6071085D
          Issuer Key Hash: A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1
          Serial Number: 0391535E46EA3102FFFB9764E0DC730824DF
        Certificate ID:
          Hash Algorithm: sha1
          Issuer Name Hash: 7EE66AE7729AB3FCF8A220646C16A12D6071085D
          Issuer Key Hash: A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1
          Serial Number: 03347D3AF5EE2FA3D896FA977308305FE0E2
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Version: 1 (0x0)
    Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
    Produced At: Nov 13 15:46:00 2016 GMT
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: 7EE66AE7729AB3FCF8A220646C16A12D6071085D
      Issuer Key Hash: A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1
      Serial Number: 0391535E46EA3102FFFB9764E0DC730824DF
    Cert Status: good
    This Update: Nov 13 15:00:00 2016 GMT
    Next Update: Nov 20 15:00:00 2016 GMT

    Signature Algorithm: sha256WithRSAEncryption
        (omitted)

ecc.pem: good
	This Update: Nov 13 15:00:00 2016 GMT
	Next Update: Nov 20 15:00:00 2016 GMT
rsa.pem: ERROR: No Status found.

You can see two Certificate IDs in the request section, while only one got its status in the response.

Then I tried https://pinkunicorn.wikimedia.org/ which serves dual certs (issued by GlobalSign) in parallel as well. You can see two corresponding Certificate IDs in the response data below:

OCSP Request Data:
    Version: 1 (0x0)
    Requestor List:
        Certificate ID:
          Hash Algorithm: sha1
          Issuer Name Hash: 0C9E4D9C3DEDEF84D891E972C7CF8406BC197B07
          Issuer Key Hash: 96DE61F1BD1C1629531CC0CC7D3B830040E61A7C
          Serial Number: 1121A225BA0402D791854854C8BA60686A9B
        Certificate ID:
          Hash Algorithm: sha1
          Issuer Name Hash: 0C9E4D9C3DEDEF84D891E972C7CF8406BC197B07
          Issuer Key Hash: 96DE61F1BD1C1629531CC0CC7D3B830040E61A7C
          Serial Number: 1121F69545B2BAE5A6F9553566C7120194CE
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Version: 1 (0x0)
    Responder Id: 9C4D0099000E8BB0018175A1BAF0D025D7A01C47
    Produced At: Nov 15 04:19:56 2016 GMT
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: 0C9E4D9C3DEDEF84D891E972C7CF8406BC197B07
      Issuer Key Hash: 96DE61F1BD1C1629531CC0CC7D3B830040E61A7C
      Serial Number: 1121A225BA0402D791854854C8BA60686A9B
    Cert Status: good
    This Update: Nov 15 04:19:56 2016 GMT
    Next Update: Nov 19 04:19:56 2016 GMT

    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: 0C9E4D9C3DEDEF84D891E972C7CF8406BC197B07
      Issuer Key Hash: 96DE61F1BD1C1629531CC0CC7D3B830040E61A7C
      Serial Number: 1121F69545B2BAE5A6F9553566C7120194CE
    Cert Status: good
    This Update: Nov 15 04:19:56 2016 GMT
    Next Update: Nov 19 04:19:56 2016 GMT

    Signature Algorithm: sha256WithRSAEncryption
        (omitted)

Certificate:
    (omitted)

ecc.pem: good
	This Update: Nov 15 04:19:56 2016 GMT
	Next Update: Nov 19 04:19:56 2016 GMT
rsa.pem: good
	This Update: Nov 15 04:19:56 2016 GMT
	Next Update: Nov 19 04:19:56 2016 GMT
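As an added example (not part of the issue, nginx or Boulder), here is a small Python check a stapling pipeline could run over `openssl ocsp -resp_text` output before writing it to ssl_stapling_file: it pairs each requested serial with the SingleResponse it received and reports the ones the responder left out. The constructed sample is the Let's Encrypt output quoted above, trimmed to the relevant lines.

```python
# Added example: verify that a combined OCSP response carries a SingleResponse
# for every certificate in the request. Input is `openssl ocsp -resp_text`
# output; SAMPLE is the Let's Encrypt case from the issue, trimmed.
SAMPLE = """OCSP Request Data:
    Requestor List:
        Certificate ID:
          Serial Number: 0391535E46EA3102FFFB9764E0DC730824DF
        Certificate ID:
          Serial Number: 03347D3AF5EE2FA3D896FA977308305FE0E2
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Responses:
    Certificate ID:
      Serial Number: 0391535E46EA3102FFFB9764E0DC730824DF
    Cert Status: good
    Next Update: Nov 20 15:00:00 2016 GMT
ecc.pem: good
rsa.pem: ERROR: No Status found.
"""


def parse_resp_text(text):
    """Return (requested serials, {serial: status}) from -resp_text output."""
    requested, statuses, section, current = [], {}, None, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("OCSP Request Data:"):
            section = "request"
        elif line.startswith("OCSP Response Data:"):
            section = "response"
        elif raw.startswith("Certificate:"):
            section = None  # embedded responder certs also print Serial Number
        elif line.startswith("Serial Number:"):
            current = line.split(":", 1)[1].strip().upper()
            if section == "request":
                requested.append(current)
        elif line.startswith("Cert Status:") and section == "response":
            statuses[current] = line.split(":", 1)[1].strip()
    return requested, statuses


def missing_statuses(text):
    """Serials that were requested but got no SingleResponse back."""
    requested, statuses = parse_resp_text(text)
    return [serial for serial in requested if serial not in statuses]


def safe_to_staple(text):
    """True only when every requested cert got a SingleResponse and all are good."""
    requested, statuses = parse_resp_text(text)
    return bool(requested) and all(statuses.get(s) == "good" for s in requested)
```

A response that passes `safe_to_staple` is the only kind nginx can use as a single stapling file for both certificates; the Let's Encrypt sample fails it because the RSA serial never receives a status.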
Contributor

jsha commented Nov 16, 2016

You're correct that Let's Encrypt's OCSP responder doesn't support multiple certificate status requests.

Ideally, Nginx should be configurable such that it has a separate ssl_stapling_file for each certificate, but I'm guessing that's not possible. Do you think it's reasonable to file a bug report on Nginx?

quchao commented Nov 17, 2016

Actually, I had found an issue on Nginx before I opened one here; the ticket was set to invalid. It seems that the guy didn't get the point exactly, because we just need ssl_stapling_file to be a per-cert directive, like ssl_certificate and ssl_certificate_key. Maybe I should reopen the issue there later.

As a user, I'd be grateful to whichever of you achieves this feature. 😃

Member

rolandshoemaker commented Nov 21, 2016

x/crypto/ocsp doesn't support requests/responses for multiple certificates; that would have to be fixed before we could support it ourselves.

Contributor

jsha commented Nov 21, 2016

Note that we probably still wouldn't implement it even if it were available in x/crypto/ocsp, because we do batch signing of OCSP. So we wouldn't know ahead of time which sets of certificates to group into a single signature.

Member

rolandshoemaker commented Feb 13, 2017

Closing this issue. There is no way we can serve multiple responses to a request with multiple certificate IDs without redesigning our OCSP signing service and doing live signing (the latter of which we explicitly do not want to do).

We agree this is something that should be fixed at the webserver level and will follow up on the relevant nginx + Apache tickets to try and get this fixed.
