RHEL/CentOS 7 OpenSSL client compatibility after new chain

Nummer378 · May 19, 2021, 12:03pm

This is default OpenSSL behaviour. -trusted_first is equivalent to setting X509_V_FLAG_TRUSTED_FIRST in code.

X509_V_FLAG_TRUSTED_FIRST was first introduced to OpenSSL in version 1.0.2, but not enabled by default. Applications need to manually set this flag. This may not be possible for everyone.

Since OpenSSL 1.1.0, the flag is set by default and no longer requires action by the application.

Questions re: OpenSSL Client Compatibility Changes for Let’s Encrypt Certificates

From my point of view (also see my post above), the fix was the introduction of X509_V_FLAG_TRUSTED_FIRST in OpenSSL. Per the official documentation, this flag is set by default since OpenSSL 1.1.0. The docs don't say if they mean 1.1.0 in general, or a specific patch release of 1.1.0.

/docs/manmaster/man3/X509_VERIFY_PARAM_set_flags.html

When X509_V_FLAG_TRUSTED_FIRST is set, which is always the case since OpenSSL 1.1.0, construction of the certificate chain in X509_verify_cert(3) searches the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see "TRUST SETTINGS" in openssl-x509(1)).

Edit: I just checked the source code. X509_V_FLAG_TRUSTED_FIRST is set by default since Check chain extensions also for trusted certificates · openssl/openssl@0daccd4 · GitHub , which is part of the very first OpenSSL 1.1.0 release.