Successfully generated OCSP staples reporting unauthorized (6)

Hello,

I am running a job to generate OCSP staples for many of our certificates through openssl, and two of them are consistently returning an "unauthorized" but are still generating a staple. I had hoped that this might be intermittent and stop happening, but it has been persisting for a couple of weeks. The job generates staples for many other certificates, which work as expected.

The problem reads the same as this one (not that I'm trying to say they are related).

My domain is: login.dev.nutmeg.co.uk

I ran this command: openssl ocsp -noverify -no_nonce -issuer /ocsp-issuers/r3.i.lencr.org.pem -cert login.dev.nutmeg.co.uk.pem -url http://r3.o.lencr.org -header Host=r3.o.lencr.org -respout login.dev.nutmeg.co.uk.pem.ocsp

It produced this output: Responder Error: unauthorized (6)

My web server is (include version): N/A

Any help which could be offered would be greatly appreciated.


Hi @rcjames

what's the content of that file?


Hi @JuergenAuer,

Thank you for replying.

It is a certificate with the key appended to it, similar to what is mentioned in this blog post.

The certificate is required, not something like "similar".

If it is a combination of public and private key, extract the public part.

If the certificate is expired, the "unauthorized" result is expected. But to check that, the public part is required.


I will look into this, but as I mentioned, we are going through this same process for many other certificate files (50+), all of which are constructed in the same way, so the fact that this only happens for a couple of certificates is a little odd.

As far as I am aware the certificate is valid.

cat login.dev.nutmeg.co.uk.pem | openssl x509 -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:ce:c6:fc:23:3a:6b:0c:6e:94:07:e6:a7:a2:24:2e:ba:ad
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, O = Let's Encrypt, CN = R3
        Validity
            Not Before: Dec 15 14:57:03 2020 GMT
            Not After : Mar 15 14:57:03 2021 GMT
        Subject: CN = login.dev.nutmeg.co.uk
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:a5:85:16:0a:a3:75:13:4e:92:f5:09:39:ea:
                    0f:6f:3d:8a:03:e1:c8:5d:fd:7e:aa:63:0c:6d:ac:
                    02:d1:41:3e:79:6a:e3:f4:63:32:a3:49:39:c4:43:
                    dd:5c:2e:17:f8:4a:48:c8:ef:dd:50:7f:37:9a:b9:
                    bc:b0:a3:35:fe:ba:8d:32:1f:45:d0:39:38:3f:87:
                    e5:e5:51:88:af:a2:0e:84:0e:a9:4e:99:78:28:4a:
                    61:09:c6:ce:cb:36:41:17:9b:87:56:96:77:b1:78:
                    8c:71:88:95:d0:40:e3:88:b5:8d:ac:c7:84:53:97:
                    13:7c:9f:1c:19:79:15:d0:7f:5b:7e:5c:c8:33:28:
                    44:8e:9c:04:9c:dc:aa:ee:9b:35:18:09:69:8a:81:
                    04:21:ea:eb:5a:64:6c:9c:26:e1:42:ea:e1:1e:62:
                    9a:6e:8f:d8:90:37:63:b6:12:93:35:0e:23:93:de:
                    95:e2:32:11:29:67:b9:54:e7:9d:34:db:35:51:a6:
                    33:b6:ab:a8:97:a0:9f:cb:a7:8d:86:83:4e:3a:05:
                    4f:78:45:a9:2d:3a:2a:4c:91:4c:0c:70:cd:0b:8d:
                    81:bd:f3:f6:c3:ff:3f:26:b8:b7:66:6e:9f:27:8b:
                    c8:d9:ab:39:88:aa:74:f5:a7:bf:95:a0:42:38:9c:
                    33:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                07:AE:73:D2:F5:48:9D:4A:DE:24:A2:B1:2B:C3:B2:92:86:22:C6:8C
            X509v3 Authority Key Identifier: 
                keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6

            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/

            X509v3 Subject Alternative Name: 
                DNS:login.dev.nutmeg.co.uk
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org

            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
                                37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
                    Timestamp : Dec 15 15:57:04.264 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:16:B0:53:7A:32:98:12:6B:F8:AC:3A:D4:
                                8B:97:12:46:07:92:2D:22:64:96:65:E2:8D:58:57:AA:
                                9B:1B:D7:A3:02:21:00:D0:A1:FF:69:37:DC:C2:4C:07:
                                5B:A1:0A:EB:DB:58:34:1F:C9:4E:65:60:10:DB:8A:D7:
                                8A:A4:5B:44:F3:B7:7A
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
                                79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
                    Timestamp : Dec 15 15:57:04.294 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:2F:DA:B8:24:3E:7F:31:73:5D:0E:E7:58:
                                29:73:6D:49:0F:41:9F:91:3B:05:EF:9F:A9:0D:74:81:
                                80:C9:F7:A4:02:21:00:DC:8D:17:13:1B:4F:63:57:9A:
                                59:98:DD:EA:87:1B:6E:5A:9D:40:AD:ED:6A:AD:7F:C3:
                                11:4D:C0:C5:5B:43:24
    Signature Algorithm: sha256WithRSAEncryption
         19:75:c4:b4:53:74:9a:8f:36:91:0e:77:41:4e:9f:d4:c0:0a:
         60:7b:bc:80:bf:90:b4:a5:fa:51:9f:fb:00:f6:01:be:36:0e:
         33:da:59:ef:39:4f:46:8f:2a:2d:bf:e6:72:b8:48:13:6d:3c:
         fe:21:c3:94:52:27:f8:85:63:bc:51:4c:18:14:93:6c:5d:82:
         f0:1e:59:17:5c:f5:10:36:65:1e:90:14:18:d5:3e:67:1d:9e:
         c1:56:e6:1c:a0:2a:12:52:8b:9f:4c:fe:e1:8f:a4:1b:84:eb:
         aa:4f:3d:ff:25:17:b7:43:e8:34:1a:d0:27:8e:4c:9b:d5:4b:
         99:f5:d9:ca:33:b9:cf:6e:9c:44:01:f2:2a:8d:aa:57:07:2e:
         79:7e:56:a8:d0:f4:7c:a0:2a:cf:1d:3b:9e:b5:e2:db:d9:29:
         f5:43:95:1d:33:3a:0b:de:e6:b8:22:22:80:7c:b4:1a:a7:09:
         ab:00:6e:5e:81:b1:42:10:12:ad:c1:9f:84:85:e3:78:7c:94:
         c6:76:b0:89:26:ea:84:e9:45:06:9b:88:01:52:68:18:39:ba:
         66:65:a2:d5:68:92:58:0b:55:ee:86:6f:4e:71:b3:f8:eb:cb:
         71:1f:f3:e0:2b:02:ad:0e:df:0c:64:3e:10:6c:c2:9e:1e:c7:
         9d:f4:73:52

That's curious.

Checking the revocation status via crt.sh | 3784717817, there is a timeout.

OCSP The CA Post http://r3.o.lencr.org: net/http: request canceled (Client.Timeout exceeded while awaiting headers) n/a n/a 2021-02-09 16:10:04 UTC

But checking my current active certificate crt.sh | 3754094313

OCSP The CA Good n/a n/a 2021-02-09 16:11:10 UTC

all works without a timeout.

If a certificate is revoked, the "unauthorized" error may happen too.

But why is there a timeout?


Thanks for those links, they are very useful.

I don't see a timeout, however; it has worked for me.

OCSP The CA Good n/a n/a 2021-02-09 16:40:24 UTC


Oh, good. Or not good: it looks like Letsencrypt sometimes has timeouts.

Now I see the "good" result too.

I have run the job again but extracted just the certificate element and I continue to see an issue with the same two certificates.

:laughing: Yes, this is good, but I continue to see issues.

@jsha, apologies for pinging you directly, but you have liked the issue and are an LE engineer, so I wondered if you had any additional insight on this?


Ah, sorry for stealth liking and not replying. :slight_smile: I went off to check our metrics and see if we were serving larger than normal numbers of unauthorized responses, found that we were not, and forgot to come back with an update.

Actually, "unauthorized" is one of the OCSPResponseStatus enums: RFC 6960 - X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. Those tell you whether the server was able and willing to give you an answer at all. There's another enum, CertStatus, that indicates revocation. If a certificate is revoked, you should get a response with responseStatus successful and certStatus revoked.

We can return unauthorized for a variety of reasons: the request was malformed; the issuer name or issuer key hash in the request didn't match any of ours; the serial does not exist.

Can you run your openssl command with -reqout nutmeg-request.req, and then share the .req file? It will have an OCSP request body, which doesn't contain any secret information, just the issuer info and the serial. Discourse is picky about what types you can upload, but if you base64 encode it and save as a .txt it should work.


Thanks for getting back to me @jsha

Below is the base64-encoded version of the output file

MFMwUTBPME0wSzAJBgUrDgMCGgUABBR+5mrncpqz/PiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3
pkVl7/Oo7KECEgM5e9E+brd00yGdSuU41vpeBw==

Thanks again for any insight that you are able to offer

Thanks! The OCSP requests you are sending are for an expired certificate. Here's how I checked:

$ base64 -d <<<MFMwUTBPME0wSzAJBgUrDgMCGgUABBR+5mrncpqz/PiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7/Oo7KECEgM5e9E+brd00yGdSuU41vpeBw== > rcjames.req
$ openssl ocsp -text -reqin rcjames.req
OCSP Request Data:
    Version: 1 (0x0)
    Requestor List:
        Certificate ID:
          Hash Algorithm: sha1
          Issuer Name Hash: 7EE66AE7729AB3FCF8A220646C16A12D6071085D
          Issuer Key Hash: A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1
          Serial Number: 03397BD13E6EB774D3219D4AE538D6FA5E07
$ wget https://acme-v02.api.letsencrypt.org/acme/cert/03397BD13E6EB774D3219D4AE538D6FA5E07
--2021-02-15 10:09:04--  https://acme-v02.api.letsencrypt.org/acme/cert/03397BD13E6EB774D3219D4AE538D6FA5E07
Resolving acme-v02.api.letsencrypt.org (acme-v02.api.letsencrypt.org)... 2606:4700:60:0:f53d:5624:85c7:3a2c, 172.65.32.248
Connecting to acme-v02.api.letsencrypt.org (acme-v02.api.letsencrypt.org)|2606:4700:60:0:f53d:5624:85c7:3a2c|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3575 (3.5K) [application/pem-certificate-chain]
Saving to: ‘03397BD13E6EB774D3219D4AE538D6FA5E07’

03397BD13E6EB774D3219D4AE538D6FA5E07                 100%[=====================================================================================================================>]   3.49K  --.-KB/s    in 0s

2021-02-15 10:09:05 (278 MB/s) - ‘03397BD13E6EB774D3219D4AE538D6FA5E07’ saved [3575/3575]

$ openssl x509 -text -noout -in 03397BD13E6EB774D3219D4AE538D6FA5E07
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:39:7b:d1:3e:6e:b7:74:d3:21:9d:4a:e5:38:d6:fa:5e:07
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
        Validity
            Not Before: Nov  6 12:48:31 2020 GMT
            Not After : Feb  4 12:48:31 2021 GMT
        Subject: CN = login.dev.nutmeg.co.uk
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:d3:65:c3:f3:ac:5f:0e:df:96:5e:25:d0:5c:
                    a8:22:31:9f:19:f0:f7:da:89:55:4d:eb:05:1c:3d:
                    b8:f0:6c:14:bf:64:92:24:fd:38:86:e9:09:66:18:
                    b0:09:01:e7:fe:da:fa:a5:f2:5c:04:5f:e2:c4:ee:
                    03:c0:08:7b:94:2d:14:7b:13:e7:0f:63:10:f9:56:
                    f9:cb:3a:21:6b:24:05:92:ed:64:ae:d5:8f:bb:f6:
                    d8:b1:27:f0:d8:f4:c4:4a:9d:09:cd:fb:59:a4:34:
                    e5:e8:5a:40:0f:98:ba:3f:a3:c1:1d:10:16:2e:68:
                    8a:91:14:4b:d4:ca:38:c8:c1:c2:ef:1a:d9:91:90:
                    2a:47:8a:dd:36:24:f9:e8:c5:ea:e5:ac:b9:a5:fe:
                    fd:6e:1d:df:f3:e0:b3:b8:64:20:4a:bf:4d:c5:8d:
                    3f:53:51:2b:e3:03:46:17:37:02:9e:d4:70:fa:d8:
                    60:62:34:02:2c:b3:5f:eb:8e:e9:9e:de:45:1f:e9:
                    86:86:4e:4e:98:05:0a:9e:1a:0c:31:6e:c7:1c:47:
                    08:1d:78:77:04:6d:9e:23:c0:e6:54:3b:83:6e:d9:
                    f7:80:f8:f2:43:7b:b7:48:7d:08:5d:76:57:11:d1:
                    e2:52:17:43:8f:bb:42:34:29:d6:98:5f:2a:17:49:
                    09:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier:
                C0:6B:C4:87:73:E6:44:95:BF:A9:EF:E5:A9:67:76:01:21:7D:DC:D3
            X509v3 Authority Key Identifier:
                keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1

            Authority Information Access:
                OCSP - URI:http://ocsp.int-x3.letsencrypt.org
                CA Issuers - URI:http://cert.int-x3.letsencrypt.org/

            X509v3 Subject Alternative Name:
                DNS:login.dev.nutmeg.co.uk
            X509v3 Certificate Policies:
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org

            CT Precertificate SCTs:
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
                                37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
                    Timestamp : Nov  6 13:48:31.545 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:1C:D1:CA:8D:73:2B:E2:4F:3E:3A:D2:56:
                                0C:ED:7D:1F:F4:FA:30:6B:11:92:AE:A8:DF:B1:A0:A1:
                                9A:3F:D9:F5:02:20:67:70:51:36:4F:07:B0:37:7A:A1:
                                6A:76:AE:31:3C:70:55:7C:D1:06:B7:6A:6B:A8:17:E3:
                                2D:F6:BE:89:0D:28
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
                                79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
                    Timestamp : Nov  6 13:48:31.615 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:A3:6F:2B:6B:7B:D5:10:E4:FE:C2:66:
                                95:71:E3:BA:A4:8B:34:00:77:4F:5B:AE:DE:9E:F7:45:
                                52:5C:B8:22:E7:02:20:53:C5:89:0F:2F:1D:65:20:E4:
                                5D:F1:E0:10:E7:3A:CC:C8:D8:44:C2:1A:74:E8:0D:25:
                                77:7F:D7:C6:D6:DF:E3
    Signature Algorithm: sha256WithRSAEncryption
         4d:64:00:85:b4:fe:0b:f2:3c:c5:6e:9c:86:cb:ed:1a:5d:10:
         3c:2a:8e:ee:34:b6:3f:c7:af:8e:77:c5:be:cc:2f:eb:a1:29:
         4d:10:06:2d:d4:7c:13:44:f3:6f:4c:e7:4c:f1:26:25:0e:74:
         8c:ff:63:c1:9d:2a:e8:11:78:6b:ae:16:bd:33:2a:25:66:5f:
         8b:8d:86:03:24:0c:eb:97:91:92:5d:f0:bc:64:21:3a:86:74:
         8e:78:7c:c8:f2:81:87:65:79:31:96:fb:e5:e6:a0:8c:2a:8d:
         fd:e5:d3:0f:fe:f9:b8:72:18:08:33:19:e9:6b:f1:e7:ca:58:
         be:cd:4b:4e:5d:98:dd:3b:ed:df:e0:1b:e3:80:7d:d2:cf:18:
         d0:e5:76:f9:a5:01:99:02:3c:b1:58:ca:35:02:b3:99:20:49:
         31:9c:f9:b8:92:b9:98:84:96:61:44:61:ba:a0:29:de:4c:b6:
         97:04:e6:43:06:3f:9f:bf:b0:9e:73:85:2f:18:2c:11:be:a6:
         86:23:29:e3:ae:7c:9e:58:f6:d4:bc:4b:02:55:f7:47:a7:d1:
         9e:d8:f0:3f:4b:08:30:44:62:7a:43:59:53:2d:67:12:70:da:
         3a:38:16:1d:04:4c:9f:2d:a5:0f:0c:2b:b0:f0:e8:4d:1e:55:
         c9:cd:21:db

(summary: Use OpenSSL to parse the OCSP request and find the serial number; fetch the certificate corresponding to that serial number; use OpenSSL to parse that certificate)


Thanks @jsha, that is a really useful insight! It looks like I had two copies of the certificate, an old and a new, and the old one was failing. Thank you very much for helping with this.
