I’ve just tried to verify the OCSP response but have been unable to so far. The certificate itself verifies successfully against the local certificate chain, but the OCSP part is somehow broken.
Intermediate Certificate verification:
```
#> openssl verify chain1.pem
chain1.pem: OK
```
Server Certificate verification via Intermediate Cert:
```
#> openssl verify -CAfile chain1.pem cert1.pem
cert1.pem: OK
```
And the local Root CA Certificate:
```
#> openssl x509 -noout -issuer_hash -in chain1.pem
2e5ac55d
#> ls -l /etc/ssl/certs/2e5ac55d* | cut -d ' ' -f 9-11
/etc/ssl/certs/2e5ac55d.0 -> DST_Root_CA_X3.pem
```
So all certificates for the chain are there and working fine (locally).
Now the OCSP Verification:
First extract the OCSP URI from the server certificate:
```
#> openssl x509 -noout -ocsp_uri -in cert1.pem
http://ocsp.int-x1.letsencrypt.org/
```
Now we use this URI in our OCSP request line:
```
#> openssl ocsp -no_nonce \
    -header Host ocsp.int-x1.letsencrypt.org \
    -url http://ocsp.int-x1.letsencrypt.org/ \
    -issuer chain1.pem \
    -CAfile chain1.pem \
    -cert cert1.pem
Response Verify Failure
140406376715920:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:85:
cert1.pem: good
    This Update: Dec 15 22:00:00 2015 GMT
    Next Update: Dec 22 22:00:00 2015 GMT
```
As you can see, the certificate was proven good, but the response could not be verified.
The extended output shows a bit more information about what’s going on.
Here’s the OCSP Request that was sent to the OCSP responder:
```
OCSP Request Data:
    Version: 1 (0x0)
    Requestor List:
        Certificate ID:
          Hash Algorithm: sha1
          Issuer Name Hash: BC5772E2797C56E39994598D75A4A3D24C4C85C5
          Issuer Key Hash: A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1
          Serial Number: ****
```
And the OCSP Response that was received:
```
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Version: 1 (0x0)
    Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X1
    Produced At: Dec 15 22:30:00 2015 GMT
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: BC5772E2797C56E39994598D75A4A3D24C4C85C5
      Issuer Key Hash: A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1
      Serial Number: ****
    Cert Status: good
    This Update: Dec 15 22:00:00 2015 GMT
    Next Update: Dec 22 22:00:00 2015 GMT

    Signature Algorithm: sha256WithRSAEncryption
```
Now comes a biggie. The OCSP Responder Id is the “CN = Let’s Encrypt Authority X1” certificate. In other words the intermediate certificate we have locally. Unfortunately this certificate does not have the X509v3 Extended Key Usage support for OCSP Signing.
Usually a special OCSP responder certificate is signed by the intermediate certificate and then used for OCSP response signing. It is then attached to the OCSP response so that the whole cert chain can be verified.
I’ve tested all the steps with the certificate from http://wikipedia.org and everything is working fine over there.
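The situation in the post above can be rebuilt offline. The following script is an added example and is not part of the original post or of Let's Encrypt's tooling: it creates a throwaway root / intermediate / leaf hierarchy (all names, serials and file names are constructed for the demo), has the intermediate answer an OCSP request for the leaf directly and without embedding any certificates (the shape of the response shown above), and then runs `openssl ocsp` against that response twice. The first run has only `-CAfile`, which `openssl ocsp` uses purely as the trust anchor for chain building; it never searches it for the response signer, so the run reproduces "signer certificate not found". The second run adds `-verify_other` with the signer certificate and verifies. A CA may sign OCSP responses for its own certificates without the OCSP Signing extended key usage; RFC 6960 §4.2.2.2 requires that EKU only for a delegated responder certificate. The script assumes an `openssl` binary (1.1.1 or newer) on PATH and uses only long-standing `openssl req`, `openssl x509` and `openssl ocsp` options.

```sh
#!/bin/sh
# Added example (not from the original post): reproduce the "signer certificate not
# found" failure offline with a throwaway CA hierarchy, then show the same response
# verifying once openssl is handed the signer certificate.
# All names, serials and files below are constructed for this demo; none of it is
# Let's Encrypt material. Assumes an `openssl` binary (1.1.1 or newer) on PATH.
set -eu

work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT
cd "$work"

# Fresh RSA key plus CSR for the given file prefix and common name.
new_csr() {
    openssl req -new -newkey rsa:2048 -nodes -keyout "$1.key" -out "$1.csr" \
        -subj "/CN=$2" >/dev/null 2>&1
}

# root -> intermediate -> leaf, mirroring DST Root CA X3 -> Let's Encrypt
# Authority X1 -> server certificate in the post.
build_test_pki() {
    printf 'basicConstraints=critical,CA:TRUE\n' > ca.ext
    printf 'keyUsage=critical,keyCertSign,cRLSign,digitalSignature\n' >> ca.ext
    printf 'basicConstraints=CA:FALSE\n' > leaf.ext

    new_csr root "Demo Root"
    openssl x509 -req -in root.csr -signkey root.key -set_serial 1 -days 30 \
        -extfile ca.ext -out root.pem >/dev/null 2>&1

    # The intermediate both issues the leaf and signs its OCSP responses itself.
    new_csr int "Demo Intermediate"
    openssl x509 -req -in int.csr -CA root.pem -CAkey root.key -set_serial 4096 \
        -days 30 -extfile ca.ext -out int.pem >/dev/null 2>&1

    # Leaf serial 4097 = 0x1001; the responder index below needs the hex form.
    new_csr leaf "www.example.test"
    openssl x509 -req -in leaf.csr -CA int.pem -CAkey int.key -set_serial 4097 \
        -days 30 -extfile leaf.ext -out leaf.pem >/dev/null 2>&1
}

# Play the responder: answer a request for leaf.pem, signed directly by the
# intermediate and, like the response in the post, with no certificates embedded.
make_response() {
    # openssl ca index row: status, expiry, revocation date, serial (hex), file, subject
    printf 'V\t991231235959Z\t\t1001\tunknown\t/CN=www.example.test\n' > index.txt
    # -reqout writes the request; the "no responder URL" complaint afterwards is expected.
    openssl ocsp -no_nonce -issuer int.pem -cert leaf.pem -reqout req.der \
        >/dev/null 2>&1 || true
    openssl ocsp -index index.txt -CA int.pem -rsigner int.pem -rkey int.key \
        -resp_no_certs -ndays 7 -reqin req.der -respout resp.der >/dev/null 2>&1
}

# The post's situation: responder identified by name, no certificates in the
# response, nothing passed with -verify_other. -CAfile is only the trust anchor;
# openssl does not use it to locate the signer.
verify_response_alone() {
    out=$(openssl ocsp -no_nonce -respin resp.der -CAfile root.pem 2>&1 || true)
    case "$out" in
        *"signer certificate not found"*) echo "signer-not-found" ;;
        *"Response verify OK"*)           echo "ok" ;;
        *)                                echo "other"; printf '%s\n' "$out" >&2 ;;
    esac
}

# Same response, signer supplied with -verify_other and chained to root.pem.
verify_with_signer() {
    out=$(openssl ocsp -no_nonce -respin resp.der -CAfile root.pem \
        -verify_other int.pem 2>&1 || true)
    case "$out" in
        *"Response verify OK"*) echo "ok" ;;
        *)                      echo "other"; printf '%s\n' "$out" >&2 ;;
    esac
}

# Full client-side check as in the post, plus -verify_other: the signature
# verifies and the per-certificate status line is printed as well.
check_leaf_status() {
    out=$(openssl ocsp -no_nonce -issuer int.pem -cert leaf.pem -CAfile root.pem \
        -verify_other int.pem -respin resp.der 2>&1 || true)
    case "$out" in
        *"Response verify OK"*"leaf.pem: good"*) echo "ok-good" ;;
        *)                                       echo "other"; printf '%s\n' "$out" >&2 ;;
    esac
}

build_test_pki
make_response
echo "response alone:          $(verify_response_alone)"
echo "with -verify_other:      $(verify_with_signer)"
echo "full check with status:  $(check_leaf_status)"
```

Against a live responder the same two flags apply: `-CAfile` (or the system store) must contain the root that the signer chains to, and `-verify_other` must carry the signer certificate whenever the responder omits it from the response. Newer OpenSSL releases also try the certificate given with `-issuer` as the response signer, so the exact command from the post may verify fine there; the `-respin`-only check in the script makes the failure reproducible regardless of that fallback.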