]>
Commit | Line | Data |
---|---|---|
13938ace DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
fa1194d3 | 5 | verify - Utility to verify certificates. |
13938ace DSH |
6 | |
7 | =head1 SYNOPSIS | |
8 | ||
9 | B<openssl> B<verify> | |
169394d4 | 10 | [B<-help>] |
13938ace | 11 | [B<-CAfile file>] |
2866441a | 12 | [B<-CApath directory>] |
40e2d76b MC |
13 | [B<-no-CAfile>] |
14 | [B<-no-CApath>] | |
2866441a | 15 | [B<-attime timestamp>] |
cd028c8e | 16 | [B<-check_ss_sig>] |
8332f91c | 17 | [B<-CRLfile file>] |
79a55b1f | 18 | [B<-crl_download>] |
e5fa864f DSH |
19 | [B<-crl_check>] |
20 | [B<-crl_check_all>] | |
feb2f53e | 21 | [B<-engine id>] |
e5fa864f | 22 | [B<-explicit_policy>] |
e5fa864f | 23 | [B<-extended_crl>] |
2866441a HK |
24 | [B<-ignore_critical>] |
25 | [B<-inhibit_any>] | |
26 | [B<-inhibit_map>] | |
5a1f853b | 27 | [B<-no_check_time>] |
cd028c8e | 28 | [B<-partial_chain>] |
2866441a HK |
29 | [B<-policy arg>] |
30 | [B<-policy_check>] | |
31 | [B<-policy_print>] | |
32 | [B<-purpose purpose>] | |
cd028c8e HK |
33 | [B<-suiteB_128>] |
34 | [B<-suiteB_128_only>] | |
35 | [B<-suiteB_192>] | |
2866441a | 36 | [B<-trusted_first>] |
fa7b0111 | 37 | [B<-no_alt_chains>] |
2866441a | 38 | [B<-untrusted file>] |
79a55b1f | 39 | [B<-trusted file>] |
2866441a | 40 | [B<-use_deltas>] |
13938ace | 41 | [B<-verbose>] |
fbb82a60 | 42 | [B<-auth_level level>] |
cd028c8e HK |
43 | [B<-verify_depth num>] |
44 | [B<-verify_email email>] | |
45 | [B<-verify_hostname hostname>] | |
46 | [B<-verify_ip ip>] | |
47 | [B<-verify_name name>] | |
2866441a | 48 | [B<-x509_strict>] |
7f3f41d8 | 49 | [B<-show_chain>] |
13938ace DSH |
50 | [B<->] |
51 | [certificates] | |
52 | ||
13938ace DSH |
53 | =head1 DESCRIPTION |
54 | ||
55 | The B<verify> command verifies certificate chains. | |
56 | ||
57 | =head1 COMMAND OPTIONS | |
58 | ||
59 | =over 4 | |
60 | ||
169394d4 MR |
61 | =item B<-help> |
62 | ||
63 | Print out a usage message. | |
64 | ||
2866441a HK |
65 | =item B<-CAfile file> |
66 | ||
feb2f53e VD |
67 | A B<file> of trusted certificates. |
68 | The file should contain one or more certificates in PEM format. | |
2866441a | 69 | |
13938ace DSH |
70 | =item B<-CApath directory> |
71 | ||
72 | A directory of trusted certificates. The certificates should have names | |
73 | of the form: hash.0 or have symbolic links to them of this | |
74 | form ("hash" is the hashed certificate subject name: see the B<-hash> option | |
75 | of the B<x509> utility). Under Unix the B<c_rehash> script will automatically | |
76 | create symbolic links to a directory of certificates. | |
77 | ||
40e2d76b MC |
78 | =item B<-no-CAfile> |
79 | ||
80 | Do not load the trusted CA certificates from the default file location | |
81 | ||
82 | =item B<-no-CApath> | |
83 | ||
84 | Do not load the trusted CA certificates from the default directory location | |
85 | ||
2866441a | 86 | =item B<-attime timestamp> |
13938ace | 87 | |
2866441a HK |
88 | Perform validation checks using time specified by B<timestamp> and not |
89 | current system time. B<timestamp> is the number of seconds since | |
90 | 01.01.1970 (UNIX time). | |
13938ace | 91 | |
2866441a | 92 | =item B<-check_ss_sig> |
13938ace | 93 | |
2866441a HK |
94 | Verify the signature on the self-signed root CA. This is disabled by default |
95 | because it doesn't add any security. | |
13938ace | 96 | |
8332f91c | 97 | =item B<-CRLfile file> |
fc1d88f0 | 98 | |
feb2f53e VD |
99 | The B<file> should contain one or more CRLs in PEM format. |
100 | This option can be specified more than once to include CRLs from multiple | |
101 | B<files>. | |
fc1d88f0 | 102 | |
79a55b1f MC |
103 | =item B<-crl_download> |
104 | ||
105 | Attempt to download CRL information for this certificate. | |
106 | ||
2866441a | 107 | =item B<-crl_check> |
6d3d5793 | 108 | |
2866441a HK |
109 | Checks end entity certificate validity by attempting to look up a valid CRL. |
110 | If a valid CRL cannot be found an error occurs. | |
6d3d5793 | 111 | |
2866441a | 112 | =item B<-crl_check_all> |
13938ace | 113 | |
2866441a HK |
114 | Checks the validity of B<all> certificates in the chain by attempting |
115 | to look up valid CRLs. | |
116 | ||
feb2f53e VD |
117 | =item B<-engine id> |
118 | ||
119 | Specifying an engine B<id> will cause L<verify(1)> to attempt to load the | |
120 | specified engine. | |
121 | The engine will then be set as the default for all its supported algorithms. | |
122 | If you want to load certificates or CRLs that require engine support via any of | |
123 | the B<-trusted>, B<-untrusted> or B<-CRLfile> options, the B<-engine> option | |
124 | must be specified before those options. | |
125 | ||
2866441a HK |
126 | =item B<-explicit_policy> |
127 | ||
128 | Set policy variable require-explicit-policy (see RFC5280). | |
129 | ||
130 | =item B<-extended_crl> | |
131 | ||
132 | Enable extended CRL features such as indirect CRLs and alternate CRL | |
133 | signing keys. | |
13938ace | 134 | |
2866441a | 135 | =item B<-ignore_critical> |
13938ace | 136 | |
2866441a HK |
137 | Normally if an unhandled critical extension is present which is not |
138 | supported by OpenSSL the certificate is rejected (as required by RFC5280). | |
139 | If this option is set critical extensions are ignored. | |
140 | ||
141 | =item B<-inhibit_any> | |
142 | ||
143 | Set policy variable inhibit-any-policy (see RFC5280). | |
144 | ||
145 | =item B<-inhibit_map> | |
146 | ||
147 | Set policy variable inhibit-policy-mapping (see RFC5280). | |
13938ace | 148 | |
5a1f853b RS |
149 | =item B<-no_check_time> |
150 | ||
1bc74519 RS |
151 | This option suppresses checking the validity period of certificates and CRLs |
152 | against the current time. If option B<-attime timestamp> is used to specify | |
5a1f853b RS |
153 | a verification time, the check is not suppressed. |
154 | ||
2866441a | 155 | =item B<-partial_chain> |
9ed03faa | 156 | |
feb2f53e VD |
157 | Allow verification to succeed even if a I<complete> chain cannot be built to a |
158 | self-signed trust-anchor, provided it is possible to construct a chain to a | |
159 | trusted certificate that might not be self-signed. | |
9ed03faa | 160 | |
e5fa864f DSH |
161 | =item B<-policy arg> |
162 | ||
3a778a29 BL |
163 | Enable policy processing and add B<arg> to the user-initial-policy-set (see |
164 | RFC5280). The policy B<arg> can be an object name an OID in numeric form. | |
165 | This argument can appear more than once. | |
e5fa864f DSH |
166 | |
167 | =item B<-policy_check> | |
168 | ||
169 | Enables certificate policy processing. | |
170 | ||
e5fa864f DSH |
171 | =item B<-policy_print> |
172 | ||
3a778a29 | 173 | Print out diagnostics related to policy processing. |
e5fa864f | 174 | |
2866441a | 175 | =item B<-purpose purpose> |
e5fa864f | 176 | |
2866441a HK |
177 | The intended use for the certificate. If this option is not specified, |
178 | B<verify> will not consider certificate purpose during chain verification. | |
179 | Currently accepted uses are B<sslclient>, B<sslserver>, B<nssslserver>, | |
180 | B<smimesign>, B<smimeencrypt>. See the B<VERIFY OPERATION> section for more | |
181 | information. | |
e5fa864f | 182 | |
2866441a | 183 | =item B<-suiteB_128_only>, B<-suiteB_128>, B<-suiteB_192> |
e5fa864f | 184 | |
2866441a HK |
185 | enable the Suite B mode operation at 128 bit Level of Security, 128 bit or |
186 | 192 bit, or only 192 bit Level of Security respectively. | |
187 | See RFC6460 for details. In particular the supported signature algorithms are | |
188 | reduced to support only ECDSA and SHA256 or SHA384 and only the elliptic curves | |
189 | P-256 and P-384. | |
e5fa864f | 190 | |
2866441a | 191 | =item B<-trusted_first> |
e5fa864f | 192 | |
feb2f53e VD |
193 | When constructing the certificate chain, use the trusted certificates specified |
194 | via B<-CAfile>, B<-CApath> or B<-trusted> before any certificates specified via | |
195 | B<-untrusted>. | |
196 | This can be useful in environments with Bridge or Cross-Certified CAs. | |
0daccd4d | 197 | As of OpenSSL 1.1.0 this option is on by default and cannot be disabled. |
e5fa864f | 198 | |
fa7b0111 MC |
199 | =item B<-no_alt_chains> |
200 | ||
0daccd4d VD |
201 | By default, unless B<-trusted_first> is specified, when building a certificate |
202 | chain, if the first certificate chain found is not trusted, then OpenSSL will | |
203 | attempt to replace untrusted issuer certificates with certificates from the | |
204 | trust store to see if an alternative chain can be found that is trusted. | |
205 | As of OpenSSL 1.1.0, with B<-trusted_first> always on, this option has no | |
206 | effect. | |
fa7b0111 | 207 | |
2866441a | 208 | =item B<-untrusted file> |
e5fa864f | 209 | |
feb2f53e | 210 | A B<file> of additional untrusted certificates (intermediate issuer CAs) used |
35ed393e | 211 | to construct a certificate chain from the subject certificate to a trust-anchor. |
feb2f53e VD |
212 | The B<file> should contain one or more certificates in PEM format. |
213 | This option can be specified more than once to include untrusted certiificates | |
214 | from multiple B<files>. | |
e5fa864f | 215 | |
79a55b1f MC |
216 | =item B<-trusted file> |
217 | ||
feb2f53e VD |
218 | A B<file> of trusted certificates, which must be self-signed, unless the |
219 | B<-partial_chain> option is specified. | |
220 | The B<file> contain one or more certificates in PEM format. | |
221 | With this option, no additional (e.g., default) certificate lists are | |
222 | consulted. | |
223 | That is, the only trust-anchors are those listed in B<file>. | |
224 | This option can be specified more than once to include trusted certificates | |
225 | from multiple B<files>. | |
226 | This option implies the B<-no-CAfile> and B<-no-CApath> options. | |
227 | This option cannot be used in combination with either of the B<-CAfile> or | |
228 | B<-CApath> options. | |
79a55b1f | 229 | |
e5fa864f DSH |
230 | =item B<-use_deltas> |
231 | ||
232 | Enable support for delta CRLs. | |
233 | ||
2866441a | 234 | =item B<-verbose> |
cd028c8e | 235 | |
2866441a | 236 | Print extra information about the operations being performed. |
cd028c8e | 237 | |
fbb82a60 VD |
238 | =item B<-auth_level level> |
239 | ||
240 | Set the certificate chain authentication security level to B<level>. | |
241 | The authentication security level determines the acceptable signature and | |
242 | public key strength when verifying certificate chains. | |
243 | For a certificate chain to validate, the public keys of all the certificates | |
244 | must meet the specified security B<level>. | |
245 | The signature algorithm security level is enforced for all the certificates in | |
246 | the chain except for the chain's I<trust anchor>, which is either directly | |
247 | trusted or validated by means other than its signature. | |
248 | See L<SSL_CTX_set_security_level(3)> for the definitions of the available | |
249 | levels. | |
250 | The default security level is -1, or "not set". | |
251 | At security level 0 or lower all algorithms are acceptable. | |
252 | Security level 1 requires at least 80-bit-equivalent security and is broadly | |
253 | interoperable, though it will, for example, reject MD5 signatures or RSA keys | |
254 | shorter than 1024 bits. | |
255 | ||
cd028c8e HK |
256 | =item B<-verify_depth num> |
257 | ||
fbb82a60 VD |
258 | Limit the certificate chain to B<num> intermediate CA certificates. |
259 | A maximal depth chain can have up to B<num+2> certificates, since neither the | |
260 | end-entity certificate nor the trust-anchor certificate count against the | |
261 | B<-verify_depth> limit. | |
cd028c8e HK |
262 | |
263 | =item B<-verify_email email> | |
264 | ||
265 | Verify if the B<email> matches the email address in Subject Alternative Name or | |
115e4809 | 266 | the email in the subject Distinguished Name. |
cd028c8e HK |
267 | |
268 | =item B<-verify_hostname hostname> | |
269 | ||
270 | Verify if the B<hostname> matches DNS name in Subject Alternative Name or | |
271 | Common Name in the subject certificate. | |
272 | ||
273 | =item B<-verify_ip ip> | |
274 | ||
275 | Verify if the B<ip> matches the IP address in Subject Alternative Name of | |
276 | the subject certificate. | |
277 | ||
278 | =item B<-verify_name name> | |
279 | ||
feb2f53e | 280 | Use default verification policies like trust model and required certificate |
cd028c8e | 281 | policies identified by B<name>. |
0daccd4d VD |
282 | The trust model determines which auxiliary trust or reject OIDs are applicable |
283 | to verifying the given certificate chain. | |
284 | See the B<-addtrust> and B<-addreject> options of the L<x509(1)> command-line | |
285 | utility. | |
feb2f53e VD |
286 | Supported policy names include: B<default>, B<pkcs7>, B<smime_sign>, |
287 | B<ssl_client>, B<ssl_server>. | |
0daccd4d VD |
288 | These mimics the combinations of purpose and trust settings used in SSL, CMS |
289 | and S/MIME. | |
290 | As of OpenSSL 1.1.0, the trust model is inferred from the purpose when not | |
291 | specified, so the B<-verify_name> options are functionally equivalent to the | |
292 | corresponding B<-purpose> settings. | |
cd028c8e | 293 | |
2866441a HK |
294 | =item B<-x509_strict> |
295 | ||
296 | For strict X.509 compliance, disable non-compliant workarounds for broken | |
297 | certificates. | |
298 | ||
7f3f41d8 MC |
299 | =item B<-show_chain> |
300 | ||
301 | Display information about the certificate chain that has been built (if | |
302 | successful). Certificates in the chain that came from the untrusted list will be | |
303 | flagged as "untrusted". | |
304 | ||
13938ace DSH |
305 | =item B<-> |
306 | ||
3a778a29 | 307 | Indicates the last option. All arguments following this are assumed to be |
7b418a47 DSH |
308 | certificate files. This is useful if the first certificate filename begins |
309 | with a B<->. | |
13938ace DSH |
310 | |
311 | =item B<certificates> | |
312 | ||
3a778a29 BL |
313 | One or more certificates to verify. If no certificates are given, B<verify> |
314 | will attempt to read a certificate from standard input. Certificates must be | |
315 | in PEM format. | |
13938ace DSH |
316 | |
317 | =back | |
318 | ||
319 | =head1 VERIFY OPERATION | |
320 | ||
321 | The B<verify> program uses the same functions as the internal SSL and S/MIME | |
322 | verification, therefore this description applies to these verify operations | |
323 | too. | |
324 | ||
325 | There is one crucial difference between the verify operations performed | |
326 | by the B<verify> program: wherever possible an attempt is made to continue | |
327 | after an error whereas normally the verify operation would halt on the | |
328 | first error. This allows all the problems with a certificate chain to be | |
329 | determined. | |
330 | ||
331 | The verify operation consists of a number of separate steps. | |
332 | ||
333 | Firstly a certificate chain is built up starting from the supplied certificate | |
feb2f53e VD |
334 | and ending in the root CA. |
335 | It is an error if the whole chain cannot be built up. | |
336 | The chain is built up by looking up the issuers certificate of the current | |
337 | certificate. | |
338 | If a certificate is found which is its own issuer it is assumed to be the root | |
339 | CA. | |
340 | ||
341 | The process of 'looking up the issuers certificate' itself involves a number of | |
342 | steps. | |
343 | Ater all certificates whose subject name matches the issuer name of the current | |
344 | certificate are subject to further tests. | |
345 | The relevant authority key identifier components of the current certificate (if | |
346 | present) must match the subject key identifier (if present) and issuer and | |
347 | serial number of the candidate issuer, in addition the keyUsage extension of | |
348 | the candidate issuer (if present) must permit certificate signing. | |
709e8595 | 349 | |
13938ace | 350 | The lookup first looks in the list of untrusted certificates and if no match |
19d2bb57 | 351 | is found the remaining lookups are from the trusted certificates. The root CA |
13938ace DSH |
352 | is always looked up in the trusted certificate list: if the certificate to |
353 | verify is a root certificate then an exact match must be found in the trusted | |
354 | list. | |
355 | ||
356 | The second operation is to check every untrusted certificate's extensions for | |
357 | consistency with the supplied purpose. If the B<-purpose> option is not included | |
358 | then no checks are done. The supplied or "leaf" certificate must have extensions | |
359 | compatible with the supplied purpose and all other certificates must also be valid | |
360 | CA certificates. The precise extensions required are described in more detail in | |
7b418a47 | 361 | the B<CERTIFICATE EXTENSIONS> section of the B<x509> utility. |
13938ace | 362 | |
feb2f53e VD |
363 | The third operation is to check the trust settings on the root CA. The root CA |
364 | should be trusted for the supplied purpose. | |
365 | For compatibility with previous versions of OpenSSL, a certificate with no | |
366 | trust settings is considered to be valid for all purposes. | |
13938ace DSH |
367 | |
368 | The final operation is to check the validity of the certificate chain. The validity | |
369 | period is checked against the current system time and the notBefore and notAfter | |
370 | dates in the certificate. The certificate signatures are also checked at this | |
371 | point. | |
372 | ||
373 | If all operations complete successfully then certificate is considered valid. If | |
374 | any operation fails then the certificate is not valid. | |
375 | ||
7b418a47 DSH |
376 | =head1 DIAGNOSTICS |
377 | ||
378 | When a verify operation fails the output messages can be somewhat cryptic. The | |
379 | general form of the error message is: | |
380 | ||
381 | server.pem: /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit) | |
382 | error 24 at 1 depth lookup:invalid CA certificate | |
383 | ||
384 | The first line contains the name of the certificate being verified followed by | |
385 | the subject name of the certificate. The second line contains the error number | |
386 | and the depth. The depth is number of the certificate being verified when a | |
387 | problem was detected starting with zero for the certificate being verified itself | |
388 | then 1 for the CA that signed the certificate and so on. Finally a text version | |
389 | of the error number is presented. | |
390 | ||
feb2f53e | 391 | An partial list of the error codes and messages is shown below, this also |
7b418a47 DSH |
392 | includes the name of the error code as defined in the header file x509_vfy.h |
393 | Some of the error codes are defined but never returned: these are described | |
394 | as "unused". | |
395 | ||
396 | =over 4 | |
397 | ||
398 | =item B<0 X509_V_OK: ok> | |
399 | ||
400 | the operation was successful. | |
401 | ||
d33def66 VD |
402 | =item B<1 X509_V_ERR_UNSPECIFIED: unspecified certificate verification error> |
403 | ||
404 | unspecified error, should not happen. | |
405 | ||
7b418a47 DSH |
406 | =item B<2 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate> |
407 | ||
7d3d1788 DSH |
408 | the issuer certificate of a looked up certificate could not be found. This |
409 | normally means the list of trusted certificates is not complete. | |
7b418a47 | 410 | |
7c1722c6 | 411 | =item B<3 X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL> |
7b418a47 | 412 | |
db50661f | 413 | the CRL of a certificate could not be found. |
7b418a47 DSH |
414 | |
415 | =item B<4 X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate's signature> | |
416 | ||
417 | the certificate signature could not be decrypted. This means that the actual signature value | |
418 | could not be determined rather than it not matching the expected value, this is only | |
419 | meaningful for RSA keys. | |
420 | ||
19d2bb57 | 421 | =item B<5 X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's signature> |
7b418a47 DSH |
422 | |
423 | the CRL signature could not be decrypted: this means that the actual signature value | |
424 | could not be determined rather than it not matching the expected value. Unused. | |
425 | ||
426 | =item B<6 X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key> | |
427 | ||
428 | the public key in the certificate SubjectPublicKeyInfo could not be read. | |
429 | ||
430 | =item B<7 X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure> | |
431 | ||
432 | the signature of the certificate is invalid. | |
433 | ||
434 | =item B<8 X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure> | |
435 | ||
db50661f | 436 | the signature of the certificate is invalid. |
7b418a47 DSH |
437 | |
438 | =item B<9 X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid> | |
439 | ||
440 | the certificate is not yet valid: the notBefore date is after the current time. | |
441 | ||
e1c279b6 | 442 | =item B<10 X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired> |
7b418a47 | 443 | |
e1c279b6 | 444 | the certificate has expired: that is the notAfter date is before the current time. |
7b418a47 | 445 | |
e1c279b6 | 446 | =item B<11 X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid> |
7b418a47 | 447 | |
db50661f | 448 | the CRL is not yet valid. |
7b418a47 DSH |
449 | |
450 | =item B<12 X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired> | |
451 | ||
db50661f | 452 | the CRL has expired. |
7b418a47 DSH |
453 | |
454 | =item B<13 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate's notBefore field> | |
455 | ||
456 | the certificate notBefore field contains an invalid time. | |
13938ace | 457 | |
7b418a47 DSH |
458 | =item B<14 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate's notAfter field> |
459 | ||
460 | the certificate notAfter field contains an invalid time. | |
461 | ||
462 | =item B<15 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL's lastUpdate field> | |
463 | ||
db50661f | 464 | the CRL lastUpdate field contains an invalid time. |
7b418a47 DSH |
465 | |
466 | =item B<16 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL's nextUpdate field> | |
467 | ||
db50661f | 468 | the CRL nextUpdate field contains an invalid time. |
7b418a47 DSH |
469 | |
470 | =item B<17 X509_V_ERR_OUT_OF_MEM: out of memory> | |
471 | ||
19d2bb57 | 472 | an error occurred trying to allocate memory. This should never happen. |
7b418a47 DSH |
473 | |
474 | =item B<18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate> | |
475 | ||
476 | the passed certificate is self signed and the same certificate cannot be found in the list of | |
477 | trusted certificates. | |
478 | ||
479 | =item B<19 X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain> | |
480 | ||
481 | the certificate chain could be built up using the untrusted certificates but the root could not | |
482 | be found locally. | |
483 | ||
484 | =item B<20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate> | |
485 | ||
7d3d1788 DSH |
486 | the issuer certificate could not be found: this occurs if the issuer |
487 | certificate of an untrusted certificate cannot be found. | |
7b418a47 DSH |
488 | |
489 | =item B<21 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate> | |
490 | ||
491 | no signatures could be verified because the chain contains only one certificate and it is not | |
492 | self signed. | |
493 | ||
494 | =item B<22 X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long> | |
495 | ||
496 | the certificate chain length is greater than the supplied maximum depth. Unused. | |
497 | ||
498 | =item B<23 X509_V_ERR_CERT_REVOKED: certificate revoked> | |
499 | ||
db50661f | 500 | the certificate has been revoked. |
7b418a47 DSH |
501 | |
502 | =item B<24 X509_V_ERR_INVALID_CA: invalid CA certificate> | |
503 | ||
504 | a CA certificate is invalid. Either it is not a CA or its extensions are not consistent | |
505 | with the supplied purpose. | |
506 | ||
507 | =item B<25 X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded> | |
508 | ||
509 | the basicConstraints pathlength parameter has been exceeded. | |
510 | ||
511 | =item B<26 X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose> | |
512 | ||
513 | the supplied certificate cannot be used for the specified purpose. | |
514 | ||
515 | =item B<27 X509_V_ERR_CERT_UNTRUSTED: certificate not trusted> | |
516 | ||
517 | the root CA is not marked as trusted for the specified purpose. | |
518 | ||
519 | =item B<28 X509_V_ERR_CERT_REJECTED: certificate rejected> | |
520 | ||
521 | the root CA is marked to reject the specified purpose. | |
522 | ||
709e8595 DSH |
523 | =item B<29 X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch> |
524 | ||
d33def66 VD |
525 | Not used as of OpenSSL 1.1.0 as a result of the deprecation of the |
526 | B<-issuer_checks> option. | |
709e8595 DSH |
527 | |
528 | =item B<30 X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch> | |
529 | ||
d33def66 VD |
530 | Not used as of OpenSSL 1.1.0 as a result of the deprecation of the |
531 | B<-issuer_checks> option. | |
709e8595 DSH |
532 | |
533 | =item B<31 X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch> | |
534 | ||
d33def66 VD |
535 | Not used as of OpenSSL 1.1.0 as a result of the deprecation of the |
536 | B<-issuer_checks> option. | |
537 | ||
538 | =item B<32 X509_V_ERR_KEYUSAGE_NO_CERTSIGN: key usage does not include certificate signing> | |
539 | ||
540 | Not used as of OpenSSL 1.1.0 as a result of the deprecation of the | |
541 | B<-issuer_checks> option. | |
542 | ||
543 | =item B<33 X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: unable to get CRL issuer certificate> | |
544 | ||
545 | TBA | |
546 | ||
547 | =item B<34 X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: unhandled critical extension> | |
548 | ||
549 | TBA | |
550 | ||
551 | =item B<35 X509_V_ERR_KEYUSAGE_NO_CRL_SIGN: key usage does not include CRL signing> | |
552 | ||
553 | TBA | |
554 | ||
555 | =item B<36 X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: unhandled critical CRL extension> | |
556 | ||
557 | TBA | |
558 | ||
559 | =item B<37 X509_V_ERR_INVALID_NON_CA: invalid non-CA certificate has CA markings> | |
560 | ||
561 | TBA | |
562 | ||
563 | =item B<38 X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: proxy path length constraint exceeded> | |
564 | ||
565 | TBA | |
566 | ||
567 | =item B<39 X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE: key usage does not include digital signature> | |
568 | ||
569 | TBA | |
570 | ||
571 | =item B<40 X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: proxy certificates not allowed, please set the appropriate flag> | |
572 | ||
573 | TBA | |
574 | ||
575 | =item B<41 X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension> | |
576 | ||
577 | TBA | |
578 | ||
579 | =item B<42 X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension> | |
580 | ||
581 | TBA | |
582 | ||
583 | =item B<43 X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy> | |
584 | ||
585 | TBA | |
586 | ||
587 | =item B<44 X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope> | |
588 | ||
589 | TBA | |
590 | ||
591 | =item B<45 X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature> | |
592 | ||
593 | TBA | |
594 | ||
595 | =item B<46 X509_V_ERR_UNNESTED_RESOURCE: RFC 3779 resource not subset of parent's resources> | |
596 | ||
597 | TBA | |
598 | ||
599 | =item B<47 X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation> | |
709e8595 | 600 | |
d33def66 | 601 | TBA |
709e8595 | 602 | |
d33def66 VD |
603 | =item B<48 X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation> |
604 | ||
605 | TBA | |
606 | ||
607 | =item B<49 X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported> | |
608 | ||
609 | TBA | |
709e8595 | 610 | |
7b418a47 DSH |
611 | =item B<50 X509_V_ERR_APPLICATION_VERIFICATION: application verification failure> |
612 | ||
613 | an application specific error. Unused. | |
614 | ||
d33def66 VD |
615 | =item B<51 X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type> |
616 | ||
617 | TBA | |
618 | ||
619 | =item B<52 X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax> | |
620 | ||
621 | TBA | |
622 | ||
623 | =item B<53 X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: unsupported or invalid name syntax> | |
624 | ||
625 | TBA | |
626 | ||
627 | =item B<54 X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error> | |
628 | ||
629 | TBA | |
630 | ||
631 | =item B<55 X509_V_ERR_PATH_LOOP: Path Loop> | |
632 | ||
633 | TBA | |
634 | ||
635 | =item B<56 X509_V_ERR_SUITE_B_INVALID_VERSION: Suite B: certificate version invalid> | |
636 | ||
637 | TBA | |
638 | ||
639 | =item B<57 X509_V_ERR_SUITE_B_INVALID_ALGORITHM: Suite B: invalid public key algorithm> | |
640 | ||
641 | TBA | |
642 | ||
643 | =item B<58 X509_V_ERR_SUITE_B_INVALID_CURVE: Suite B: invalid ECC curve> | |
644 | ||
645 | TBA | |
646 | ||
647 | =item B<59 X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM: Suite B: invalid signature algorithm> | |
648 | ||
649 | TBA | |
650 | ||
651 | =item B<60 X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED: Suite B: curve not allowed for this LOS> | |
652 | ||
653 | TBA | |
654 | ||
655 | =item B<61 X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256: Suite B: cannot sign P-384 with P-256> | |
656 | ||
657 | TBA | |
658 | ||
659 | =item B<62 X509_V_ERR_HOSTNAME_MISMATCH: Hostname mismatch> | |
660 | ||
661 | TBA | |
662 | ||
663 | =item B<63 X509_V_ERR_EMAIL_MISMATCH: Email address mismatch> | |
664 | ||
665 | TBA | |
666 | ||
667 | =item B<64 X509_V_ERR_IP_ADDRESS_MISMATCH: IP address mismatch> | |
668 | ||
669 | TBA | |
670 | ||
671 | =item B<65 X509_V_ERR_DANE_NO_MATCH: No matching DANE TLSA records> | |
672 | ||
673 | DANE TLSA authentication is enabled, but no TLSA records matched the | |
674 | certificate chain. | |
675 | This error is only possible in L<s_client(1)>. | |
676 | ||
7b418a47 | 677 | =back |
13938ace | 678 | |
709e8595 DSH |
679 | =head1 BUGS |
680 | ||
2af071c0 | 681 | Although the issuer checks are a considerable improvement over the old technique they still |
709e8595 DSH |
682 | suffer from limitations in the underlying X509_LOOKUP API. One consequence of this is that |
683 | trusted certificates with matching subject name must either appear in a file (as specified by the | |
115e4809 | 684 | B<-CAfile> option) or a directory (as specified by B<-CApath>). If they occur in both then only |
709e8595 DSH |
685 | the certificates in the file will be recognised. |
686 | ||
687 | Previous versions of OpenSSL assume certificates with matching subject name are identical and | |
688 | mishandled them. | |
689 | ||
7d3d1788 DSH |
690 | Previous versions of this documentation swapped the meaning of the |
691 | B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT> and | |
692 | B<20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY> error codes. | |
693 | ||
13938ace DSH |
694 | =head1 SEE ALSO |
695 | ||
9b86974e | 696 | L<x509(1)> |
13938ace | 697 | |
fa7b0111 MC |
698 | =head1 HISTORY |
699 | ||
d33def66 VD |
700 | The B<-show_chain> option was first added to OpenSSL 1.1.0. |
701 | ||
702 | The B<-issuer_checks> option is deprecated as of OpenSSL 1.1.0 and | |
703 | is silently ignored. | |
fa7b0111 | 704 | |
13938ace | 705 | =cut |
e2f92610 RS |
706 | |
707 | =head1 COPYRIGHT | |
708 | ||
709 | Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. | |
710 | ||
711 | Licensed under the OpenSSL license (the "License"). You may not use | |
712 | this file except in compliance with the License. You can obtain a copy | |
713 | in the file LICENSE in the source distribution or at | |
714 | L<https://www.openssl.org/source/license.html>. | |
715 | ||
716 | =cut |