Understanding DST Root expiry and the older default cert chain

MikeMcQ · November 8, 2021, 12:37pm

psykid:

Queries:

How do servers know which chain to vend (I am assuming they can vend whatever chain they want)? Or is it on the client side to ask for specific chain?
A: Server admin chooses chain to send in server config

If its on the client side to ask for the type of chain (which I don't think it is), is there a sample c/c++ client code?
A: n/a

If the servers only vend "New default chain", how would non-android devices work (since #3 above applies only for android).
A: They see ISRG Root X1 in the chain, if in their CA trust store they can trust the chain. This cert was issued over 5 years ago so is common in trust stores.

In the "New default chain", since the root CA is still DST Root (which already expired), will calling SSL_get_verify_result on such cert cause errors? (specifically cert expired errors).
A: Depends on openssl version, or in your case BoringSSL which is a fork of openssl.

How is removing the DST root cert from the device is working? How can the system validate the cert without the root with which it got signed? (fyi, I used SSL_CTX_load_verify_locations and gave the /etc/security/cacerts-sha1 as the ca certs folder, so even if there is another file in the system I dont think it should matter).
A: See A to #3

Also see:

Previously posted by petercooperjr but related to Q #4

Topic		Replies	Views
Let encrypt update for dst root ca x3 Help	6	1288	October 2, 2022
Why is LetsEncrypt issuing certificates with the old root Help	4	654	November 6, 2021
Expiring trust anchor, openssl 1.0 Issuance Tech	12	2936	February 26, 2021
Provide a valid certificate chain Help	9	1197	March 30, 2023
Why do Letsencrypt still add the expired root cert? Issuance Tech	19	2838	November 30, 2021

Understanding DST Root expiry and the older default cert chain

Related topics