It produced this output:

```
/etc/letsencrypt/live/agences-cegee.fr/cert.pem: good
	This Update: Oct 11 15:00:00 2019 GMT
	Next Update: Oct 18 15:00:00 2019 GMT
```
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
So when checking OCSP via a shell command, I have a good OCSP verification. Nonetheless, when I run Nessus on my server to detect vulnerabilities it produces this:

```
The following certificate was part of the certificate chain
sent by the remote host, but it has an invalid OCSPResponse
signature :

|-Subject : C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
|-OCSP Signature :
```
As this is part of securing the server and I expect my client will run security audits on it in the future, I'm trying to plug any vulnerability or perceived vulnerability, and I'm pretty sure I'm gonna get heat for this on account of the title of this one: 'SSL Certificate Cannot Be Trusted'.

Any idea of what's happening for the OCSP not being properly verified by Nessus?

It could be that there's an error with it, and you're right, I'd better check in their forums, but I wanted first to check here to see if the problem could be related to my cert install/signature.
The OCSP response that Nessus is complaining about is the one for the Let's Encrypt intermediate (Let's Encrypt Authority X3) - not your server's certificate.
```
$ openssl ocsp -no_nonce -url "http://isrg.trustid.ocsp.identrust.com" -header Host="isrg.trustid.ocsp.identrust.com" -issuer 8395.crt -cert 15706126.crt -text
OCSP Request Data:
    Version: 1 (0x0)
    Requestor List:
        Certificate ID:
          Hash Algorithm: sha1
          Issuer Name Hash: 6FF4684D4312D24862819CC02B3D472C1D8A2FA6
          Issuer Key Hash: C4A7B1A47B2C71FADBE14B9075FFC41560858910
          Serial Number: 0A0141420000015385736A0B85ECA708
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Version: 1 (0x0)
    Responder Id: EFCA20D6D47A4AF521F34994181B752891ABE6C9
    Produced At: Oct 14 10:34:01 2019 GMT
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: 6FF4684D4312D24862819CC02B3D472C1D8A2FA6
      Issuer Key Hash: C4A7B1A47B2C71FADBE14B9075FFC41560858910
      Serial Number: 0A0141420000015385736A0B85ECA708
    Cert Status: good
    This Update: Oct 14 10:34:01 2019 GMT
    Next Update: Oct 21 10:34:01 2019 GMT

    Signature Algorithm: sha1WithRSAEncryption
         ac:41:7b:8a:ac:fc:72:c8:b0:8d:96:f6:e0:47:85:cf:fd:35:
         ce:8d:5b:c9:eb:05:25:2c:33:f3:19:5c:89:f6:8b:2c:5a:15:
         ed:79:a8:9a:9e:63:bf:8c:a0:e4:b0:47:96:db:41:b2:9e:23:
         78:9b:62:9f:dc:a4:cc:cd:f4:89:a5:1a:0b:63:ef:15:07:68:
         81:08:a2:12:28:40:fe:9f:30:8f:57:a5:28:25:be:48:34:8a:
         65:3e:ea:2c:1b:fc:b5:e7:3a:5a:0f:fd:79:23:f7:fb:7f:17:
         fa:6a:69:63:6f:35:f0:70:62:db:6b:f4:e3:0f:99:2c:a5:7b:
         cb:b7:f4:a4:89:8c:d1:13:e1:8c:85:c0:1c:c1:e7:aa:73:65:
         da:c3:e6:7e:83:bd:c1:ea:2c:ea:2d:7a:33:ee:0b:a6:53:20:
         d2:9e:4e:1e:49:93:2a:79:70:64:f1:25:e1:05:74:f4:bb:03:
         29:0a:ed:a9:65:38:d8:98:76:ab:b3:9f:76:4b:e8:be:ac:ad:
         47:7d:3b:08:8e:fc:8a:a2:da:9a:a7:1f:e7:e7:0b:52:91:54:
         28:84:76:37:ba:74:3e:e8:ea:67:b6:4f:cd:c7:12:98:56:54:
         f4:2b:73:3d:16:d2:ad:55:64:43:87:8c:2a:28:67:1f:9b:3d:
         19:ff:e4:57
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:01:6a:50:e4:37:48:e9:cc:4c:98:0f:43:11:08:52
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: O=Digital Signature Trust Co., CN=DST Root CA X3
        Validity
            Not Before: Sep 18 19:00:00 2019 GMT
            Not After : Oct 18 19:00:00 2019 GMT
        Subject: C=US, O=Digital Signature Trust, OU=DST, CN=DST CA X3 OCSP Signer/emailAddress=pki-ops@IdenTrust.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:43:23:ad:90:aa:1b:e1:85:7d:fc:3e:8a:d0:
                    f8:ed:ed:72:c3:86:1d:de:50:af:82:25:62:95:62:
                    cf:b9:f7:99:6d:68:be:d0:a9:4f:af:14:a1:83:63:
                    9b:3f:d3:e6:31:5f:f2:f2:19:4f:ff:da:d8:d1:39:
                    ea:4b:c0:36:49:f1:23:4f:bd:d2:36:5c:00:e2:60:
                    cb:c3:60:7e:f3:35:cf:9b:26:d9:21:79:90:da:c2:
                    a1:3b:de:e7:59:fe:46:63:6f:62:bc:7d:98:8d:ca:
                    9f:6e:7a:b4:b9:56:bd:ce:ea:88:c6:db:00:46:e4:
                    96:e4:7b:e3:32:85:34:a0:a1:cd:94:41:49:74:84:
                    e6:fb:16:ed:12:15:8d:73:8e:01:6c:67:51:13:a4:
                    76:e9:ef:92:50:37:af:dc:ed:0a:29:64:6b:99:1d:
                    60:91:c2:c8:89:8d:2f:7b:df:09:5e:4e:ec:13:0c:
                    25:2d:98:ca:2f:2d:10:7a:b9:7c:77:16:39:c5:b2:
                    54:46:77:af:28:b6:2e:be:67:e1:ab:fc:16:4b:3d:
                    36:fb:a1:78:72:c5:42:39:cf:0c:64:7b:98:88:4c:
                    66:d8:b5:92:c9:f3:9c:54:8e:b3:b8:06:74:b4:f5:
                    ed:e2:80:a3:ae:b7:b8:31:6e:65:ac:37:b6:74:c8:
                    10:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Key Usage: critical
                Digital Signature
            OCSP No Check:

            X509v3 Extended Key Usage:
                OCSP Signing
    Signature Algorithm: sha256WithRSAEncryption
         bf:6e:77:22:d2:6d:2f:8e:4a:de:6d:1a:45:81:0c:a8:9a:ba:
         ac:8d:16:10:30:65:43:44:e7:31:c9:90:35:d3:c9:51:34:a1:
         47:ec:75:c9:42:e4:c9:c5:94:66:1a:2a:6b:c8:b6:e8:ba:15:
         c6:66:89:31:14:9a:6f:01:6e:40:47:75:d1:03:1e:62:cd:ce:
         6e:3f:ac:47:64:6a:ad:f0:1b:65:62:bb:3e:a7:42:84:55:19:
         4c:fe:1a:e2:f4:66:b7:74:f8:83:78:fe:c6:94:29:fe:8e:4f:
         88:7c:01:c2:89:da:f1:b3:dd:08:b2:30:f9:a9:1a:d1:4b:97:
         32:d8:d5:b4:e5:1d:45:bc:5c:fb:a2:99:8c:e9:92:c4:7d:9d:
         0b:c1:aa:4d:85:a8:d0:86:17:8f:0b:e6:2b:87:2d:9c:8a:2f:
         0b:8c:0e:26:f6:bc:f2:08:d5:16:09:80:89:11:82:8a:8d:c4:
         f2:00:fd:c3:ba:8a:70:a7:85:b5:be:a5:33:1e:19:cb:97:df:
         48:99:77:6d:fa:84:31:a5:46:45:45:7c:60:f6:c7:48:f7:68:
         6b:85:0f:68:43:2f:41:37:66:4e:b1:87:68:d9:11:da:6e:2b:
         a2:aa:8f:dd:1e:00:c0:dc:dc:6d:35:29:55:a5:7f:a4:ba:d0:
         13:8b:b7:45
-----BEGIN CERTIFICATE-----
[certificate body omitted]
-----END CERTIFICATE-----
Response verify OK
15706126.crt: good
	This Update: Oct 14 10:34:01 2019 GMT
	Next Update: Oct 21 10:34:01 2019 GMT
```
Tracing the error message back, it seems like Nessus is expecting the signature to come from a different key.
What's special about the OCSP response from the DST CA is that it uses a dedicated OCSP signing certificate, rather than signing the response from the issuer, like Let's Encrypt does. It includes this additional certificate in the OCSP response itself.
The version of Nessus I have (8.7.2) handles that properly in its SSL Chain Analysis plugin (57571) and is happy with the OCSP response.
Perhaps an older version might not handle it so gracefully?
As @JuergenAuer suggested, if this issue also affects other sites that use the DST-signed Let's Encrypt X3 intermediate, the problem is probably with the Nessus plugin.
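To make the delegated-responder behaviour described above concrete, here is an added example (not part of the thread, and not code from Let's Encrypt, IdenTrust or Tenable) that builds a throwaway PKI with the same layout as the DST CA X3 OCSP Signer: a root CA, a leaf certificate, and a dedicated OCSP signing certificate carrying `OCSP Signing` in its Extended Key Usage plus the `OCSP No Check` flag. It then uses `openssl ocsp` as a one-shot responder (no network) to sign a response with that delegated certificate and checks what a client-side `openssl ocsp` verification makes of it in three cases: signer cert embedded in the response (as the DST responder does), signer cert omitted, and signer cert supplied out of band with `-VAfile`. All names, serials and paths are constructed for the demo; the only assumption is an `openssl` CLI (1.1.1 or 3.x) on `PATH`.

```shell
#!/bin/sh
# Added example, not from the forum post: reproduce a DST-style delegated OCSP
# responder with a throwaway CA and see how OpenSSL verifies the response.
# "Demo CA", "leaf.example", the serials and $WORK are all constructed here.
WORK="${WORK:-$(mktemp -d)}"

# Build the PKI: root CA, leaf (serial 0x1001) and a dedicated OCSP signer
# (serial 0x1002) with id-kp-OCSPSigning and id-pkix-ocsp-nocheck, i.e. the
# same extensions the thread's "DST CA X3 OCSP Signer" certificate shows.
setup_pki() (
  cd "$WORK" || exit 1
  cat > pki.cnf <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
[dn]
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
subjectKeyIdentifier = hash
[ocsp_signer]
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature
extendedKeyUsage = OCSPSigning
noCheck = ignored
EOF
  openssl req -x509 -config pki.cnf -newkey rsa:2048 -nodes -keyout ca.key \
    -subj "/CN=Demo CA" -days 30 -out ca.crt 2>/dev/null || exit 1
  openssl req -new -config pki.cnf -newkey rsa:2048 -nodes -keyout leaf.key \
    -subj "/CN=leaf.example" -out leaf.csr 2>/dev/null || exit 1
  openssl x509 -req -in leaf.csr -CA ca.crt -CAkey ca.key -set_serial 0x1001 \
    -days 30 -out leaf.crt 2>/dev/null || exit 1
  openssl req -new -config pki.cnf -newkey rsa:2048 -nodes -keyout ocsp.key \
    -subj "/CN=Demo CA OCSP Signer" -out ocsp.csr 2>/dev/null || exit 1
  openssl x509 -req -in ocsp.csr -CA ca.crt -CAkey ca.key -set_serial 0x1002 \
    -days 30 -extfile pki.cnf -extensions ocsp_signer -out ocsp.crt 2>/dev/null || exit 1
  # Minimal CA index: the leaf (serial 1001) is valid ("V") until 2030-01-01.
  printf 'V\t300101000000Z\t\t1001\tunknown\t/CN=leaf.example\n' > index.txt
  # The request a client would send; no nonce, as in the thread's command line.
  openssl ocsp -issuer ca.crt -cert leaf.crt -no_nonce -reqout req.der 2>/dev/null
)

# One-shot responder: answer req.der from the CA index, signing with the
# delegated OCSP certificate. -resp_key_id names the responder by key hash,
# which is why "Responder Id" differs from the "Issuer Key Hash" in the thread.
# Extra arguments (e.g. -resp_no_certs) are passed through to openssl.
make_response() {
  out="$1"; shift
  openssl ocsp -index "$WORK/index.txt" -CA "$WORK/ca.crt" \
    -rsigner "$WORK/ocsp.crt" -rkey "$WORK/ocsp.key" -resp_key_id \
    -reqin "$WORK/req.der" -respout "$WORK/$out" -noverify "$@" >/dev/null 2>&1
}

# Client-side check with only the CA trusted; returns openssl's exit status
# (0 = "Response verify OK", 1 = "Response Verify Failure").
verify_response() {
  resp="$1"; shift
  openssl ocsp -respin "$WORK/$resp" -issuer "$WORK/ca.crt" -cert "$WORK/leaf.crt" \
    -CAfile "$WORK/ca.crt" -no_nonce "$@" >/dev/null 2>&1
}

# Returns 0 only if all three scenarios behave as expected:
#   1. signer cert embedded in the response: verify OK (delegated signer is
#      chained to the CA and carries the OCSP Signing EKU)
#   2. signer cert omitted: the verifier cannot locate the signer and fails
#   3. omitted, but signer cert supplied with -VAfile: verify OK again
demo_delegated_responder() {
  setup_pki || return 1
  make_response resp_with_cert.der || return 1
  make_response resp_no_cert.der -resp_no_certs || return 1
  verify_response resp_with_cert.der; r1=$?
  verify_response resp_no_cert.der; r2=$?
  verify_response resp_no_cert.der -VAfile "$WORK/ocsp.crt"; r3=$?
  echo "embedded signer cert: exit $r1; omitted: exit $r2; omitted + -VAfile: exit $r3"
  # Show who signed: Responder Id is the OCSP signer's key hash, not the CA's.
  openssl ocsp -respin "$WORK/resp_with_cert.der" -resp_text -noverify 2>/dev/null \
    | grep -E 'Responder Id|Issuer Key Hash|Cert Status'
  [ "$r1" -eq 0 ] && [ "$r2" -eq 1 ] && [ "$r3" -eq 0 ]
}

demo_delegated_responder
```

The second scenario is the situation a verifier ends up in when it ignores the certificate carried inside the OCSP response and only knows the issuer's key: the responder ID does not match anything it holds, so the signature cannot be attributed and the check fails even though the response is perfectly valid. A client that does what OpenSSL does here, i.e. looks up the responder ID among the embedded certificates and then checks that the signer chains to the issuer and has the OCSP Signing EKU (RFC 6960 section 4.2.2.2), accepts the DST response; that is the logic the answer above is saying Nessus 8.7.2's plugin 57571 gets right.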