OpenSSL: Manually verify a certificate against an OCSP

Published: 07-04-2014 | Author: Remy van Elst

This article shows you how to manually verify a certificate against an OCSP server. OCSP stands for the Online Certificate Status Protocol and is one way to validate a certificate's status. It is an alternative to the CRL, the certificate revocation list.

Compared to CRLs:

You can read more about OCSP on Wikipedia.


If you want to verify a certificate against a CRL manually, you can read my article on that.

We will be using OpenSSL in this article. I'm using the following version:

$ openssl version
OpenSSL 1.0.1g 7 Apr 2014

Get a certificate with an OCSP

First we will need a certificate from a website. I'll be using Wikipedia as an example here. We can retrieve it with the following openssl command:

openssl s_client -connect wikipedia.org:443 2>&1 < /dev/null | sed -n '/-----BEGIN/,/-----END/p'

Save this output to a file, for example, wikipedia.pem:

openssl s_client -connect wikipedia.org:443 2>&1 < /dev/null | sed -n '/-----BEGIN/,/-----END/p' > wikipedia.pem

Now, check if this certificate has an OCSP URI:

openssl x509 -noout -ocsp_uri -in wikipedia.pem
http://ocsp.digicert.com

If it does not give any output, the certificate has no OCSP URI and you cannot validate it against an OCSP responder.

Getting the certificate chain

It is required to send the certificate chain along with the certificate you want to validate. So, we need to get the certificate chain for our domain, wikipedia.org. Using the -showcerts option with openssl s_client, we can see all the certificates, including the chain:

openssl s_client -connect wikipedia.org:443 -showcerts 2>&1 < /dev/null

Results in a boatload of output, but what we are interested in is the following:

 1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance CA-3
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
-----BEGIN CERTIFICATE-----
(base64 certificate body omitted)
-----END CERTIFICATE-----

As you can see, this is number 1. Number 0 is the certificate for Wikipedia, which we already have. If your site has more certificates in its chain, you will see more here. Save them all, in the order OpenSSL sends them (first the one which directly issued your server certificate, then the one that issued that certificate, and so on, with the root at the end of the file), to a file named chain.pem.

Sending the OCSP request

We now have all the data we need to do an OCSP request. Using the following OpenSSL command we can send an OCSP request and get the full text output:

openssl ocsp -issuer chain.pem -cert wikipedia.pem -text -url http://ocsp.digicert.com

Results in:

OCSP Request Data:
    Version: 1 (0x0)
    Requestor List:
        Certificate ID:
          Hash Algorithm: sha1
          Issuer Name Hash: ED48ADDDCB7B00E20E842AA9B409F1AC3034CF96
          Issuer Key Hash: 50EA7389DB29FB108F9EE50120D4DE79994883F7
          Serial Number: 0114195F66FAFF8FD66E12496E516F4F
    Request Extensions:
        OCSP Nonce:
            0410DA634F2ADC31DC48AE89BE64E8252D12
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Version: 1 (0x0)
    Responder Id: 50EA7389DB29FB108F9EE50120D4DE79994883F7
    Produced At: Apr  9 08:45:00 2014 GMT
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: ED48ADDDCB7B00E20E842AA9B409F1AC3034CF96
      Issuer Key Hash: 50EA7389DB29FB108F9EE50120D4DE79994883F7
      Serial Number: 0114195F66FAFF8FD66E12496E516F4F
    Cert Status: good
    This Update: Apr  9 08:45:00 2014 GMT
    Next Update: Apr 16 09:00:00 2014 GMT

    Signature Algorithm: sha1WithRSAEncryption
         56:21:4c:dc:84:21:f7:a8:ac:a7:b9:bc:10:19:f8:19:f1:34:
         c1:63:ca:14:7f:8f:5a:85:2a:cc:02:b0:f8:b5:05:4a:0f:28:
         50:2a:4a:4d:04:01:b5:05:ef:a5:88:41:d8:9d:38:00:7d:76:
         1a:aa:ff:21:50:68:90:d2:0c:93:85:49:e7:8e:f1:58:08:77:
         a0:4e:e2:22:98:01:b7:e3:27:75:11:f5:b7:8f:e0:75:7d:19:
         9b:74:cf:05:dc:ae:1c:36:09:95:b6:08:bc:e7:3f:ea:a2:e3:
         ae:d7:8f:c0:9d:8e:c2:37:67:c7:5b:d8:b0:67:23:f1:51:53:
         26:c2:96:b0:1a:df:4e:fb:4e:e3:da:a3:98:26:59:a8:d7:17:
         69:87:a3:68:47:08:92:d0:37:04:6b:49:9a:96:9d:9c:b1:e8:
         cb:dc:68:7b:4a:4d:cb:08:f7:92:67:41:99:b6:54:56:80:0c:
         18:a7:24:53:ac:c6:da:1f:4d:f4:3c:7d:68:44:1d:a4:df:1d:
         48:07:85:52:86:59:46:d1:35:45:1a:c7:6b:6b:92:de:24:ae:
         c0:97:66:54:29:7a:c6:86:a6:da:9f:06:24:dc:ac:80:66:95:
         e0:eb:49:fd:fb:d4:81:6a:2b:81:41:57:24:78:3b:e0:66:70:
         d4:2e:52:92
wikipedia.pem: good
    This Update: Apr  9 08:45:00 2014 GMT
    Next Update: Apr 16 09:00:00 2014 GMT

If you want more summarized output, leave out the -text option. I include it most of the time to find out what is wrong with an OCSP responder.

This is how a good certificate status looks:

openssl ocsp -issuer chain.pem -cert wikipedia.pem -url http://ocsp.digicert.com
wikipedia.pem: good
    This Update: Apr  9 08:45:00 2014 GMT
    Next Update: Apr 16 09:00:00 2014 GMT

Revoked certificate

If you have a revoked certificate, you can test it the same way as stated above. The response looks like this:

Response verify OK
test-revoked.pem: revoked
    This Update: Apr  9 03:02:45 2014 GMT
    Next Update: Apr 10 03:02:45 2014 GMT
    Revocation Time: Mar 25 15:45:55 2014 GMT

You can test this using the certificate and chain on the Verisign revoked certificate test page.

Other errors

If we send this request to another OCSP responder, one that did not issue this certificate, we should receive an unauthorized error:

openssl ocsp -issuer chain.pem -cert wikipedia.pem -url http://rapidssl-ocsp.geotrust.com
Responder Error: unauthorized (6)

The -text option here shows more information:

OCSP Request Data:
    Version: 1 (0x0)
    Requestor List:
        Certificate ID:
          Hash Algorithm: sha1
          Issuer Name Hash: ED48ADDDCB7B00E20E842AA9B409F1AC3034CF96
          Issuer Key Hash: 50EA7389DB29FB108F9EE50120D4DE79994883F7
          Serial Number: 0114195F66FAFF8FD66E12496E516F4F
    Request Extensions:
        OCSP Nonce:
            041015BB718C43C46C41122E841DB2282ECE
Responder Error: unauthorized (6)

Some OCSP responders are configured differently and give out this error:

openssl ocsp -issuer chain.pem -cert wikipedia.pem -url http://ocsp.digidentity.eu/L4/services/ocsp
Response Verify Failure
140735308649312:error:2706B06F:OCSP routines:OCSP_CHECK_IDS:response contains no revocation data:ocsp_vfy.c:269:
140735308649312:error:2706B06F:OCSP routines:OCSP_CHECK_IDS:response contains no revocation data:ocsp_vfy.c:269:
wikipedia.pem: ERROR: No Status found.

If we include the -text option here, we can see that a response is sent, but that it has no data in it:

OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Version: 1 (0x0)
    Responder Id: C = NL, O = Digidentity B.V., CN = Digidentity OCSP
    Produced At: Apr  9 12:02:00 2014 GMT
    Responses:
    Response Extensions:
        OCSP Nonce:
            0410EB540472EA2D8246E88F3317B014BEEF
    Signature Algorithm: sha256WithRSAEncryption

Other OCSP responders give out the "unknown" status:

openssl ocsp -issuer chain.pem -cert wikipedia.pem -url http://ocsp.quovadisglobal.com/
Response Verify Failure
140735308649312:error:27069070:OCSP routines:OCSP_basic_verify:root ca not trusted:ocsp_vfy.c:152:
wikipedia.pem: unknown
    This Update: Apr  9 12:09:18 2014 GMT

The -text option shows us more:

OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Version: 1 (0x0)
    Responder Id: C = CH, O = QuoVadis Limited, OU = OCSP Responder, CN = QuoVadis OCSP Authority Signature
    Produced At: Apr  9 12:09:10 2014 GMT
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: ED48ADDDCB7B00E20E842AA9B409F1AC3034CF96
      Issuer Key Hash: 50EA7389DB29FB108F9EE50120D4DE79994883F7
      Serial Number: 0114195F66FAFF8FD66E12496E516F4F
    Cert Status: unknown
    This Update: Apr  9 12:09:10 2014 GMT
    Response Extensions:
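As an added example (my own script, not from the article or from the OpenSSL project), the following shell script strings the manual steps above together: it fetches the server certificate, splits the issuer certificates off into a chain file in the order the server sends them, reads the OCSP URI, queries the responder, and then classifies the response the same way the good, revoked and error sections above do. The sample outputs at the bottom are constructed from this article's own output so the classifier can be exercised without network access. The file names, the OCSP_HOST variable and the function names are this example's choices; -servername is passed so that the host gets SNI, which the article's commands do not send.

```shell
#!/bin/sh
# Added example, not part of the original article. Assumes openssl, awk, grep
# and head on PATH and that the host serves TLS on port 443. File names
# ($host.pem, $host.chain.pem) and function names are this example's own.

set -u

# Fetch the server certificate (number 0 in -showcerts output) into $1.pem and
# the issuer certificates (1..n, in the order the server sends them, root last)
# into $1.chain.pem, which is the order the article saves them in.
fetch_cert_and_chain() {
    host=$1
    # -servername sends SNI so a virtual host returns its own certificate
    openssl s_client -connect "$host:443" -servername "$host" -showcerts \
        2>/dev/null < /dev/null > "$host.showcerts.txt" || return 1
    # count BEGIN markers: certificate 0 is the leaf, 1 and up are the chain;
    # only the lines between BEGIN and END are kept, not the s:/i: headers
    awk '/-----BEGIN CERTIFICATE-----/ { n++; inside = 1 }
         inside && n == 1 { print }
         /-----END CERTIFICATE-----/   { inside = 0 }' "$host.showcerts.txt" > "$host.pem"
    awk '/-----BEGIN CERTIFICATE-----/ { n++; inside = 1 }
         inside && n >= 2 { print }
         /-----END CERTIFICATE-----/   { inside = 0 }' "$host.showcerts.txt" > "$host.chain.pem"
    grep -q 'BEGIN CERTIFICATE' "$host.pem"
}

# Map the output of "openssl ocsp ... 2>&1" to one word on stdout and an exit
# code: 0 good, 1 revoked, 2 unknown, 3 anything that must not be trusted
# (responder error, failed signature verification, or no status at all).
classify_ocsp_output() {
    out=$1
    case $out in
        *"Responder Error:"*)        echo responder-error; return 3 ;;
        *"Response Verify Failure"*) echo verify-failure;  return 3 ;;
        *"Response verify OK"*)      ;;   # signature on the response checked out
        *)                           echo unverified;      return 3 ;;
    esac
    case $out in
        *": revoked"*) echo revoked;   return 1 ;;
        *": good"*)    echo good;      return 0 ;;
        *": unknown"*) echo unknown;   return 2 ;;
        *)             echo no-status; return 3 ;;
    esac
}

# Full check for one host; exit code is the one classify_ocsp_output gives.
check_host() {
    host=$1
    fetch_cert_and_chain "$host" || { echo "$host: could not fetch certificate"; return 3; }
    uri=$(openssl x509 -noout -ocsp_uri -in "$host.pem" | head -n 1)
    if [ -z "$uri" ]; then
        echo "$host: certificate has no OCSP URI, cannot validate against OCSP"
        return 3
    fi
    # 2>&1 because openssl prints "Response verify OK" / "Response Verify
    # Failure" on stderr while the per-certificate status goes to stdout
    out=$(openssl ocsp -issuer "$host.chain.pem" -cert "$host.pem" -url "$uri" 2>&1)
    printf '%s\n' "$out"
    classify_ocsp_output "$out"
}

# Sample responder outputs, constructed from the article's own examples so the
# classifier can be exercised offline.
SAMPLE_GOOD='Response verify OK
wikipedia.pem: good
    This Update: Apr  9 08:45:00 2014 GMT
    Next Update: Apr 16 09:00:00 2014 GMT'
SAMPLE_REVOKED='Response verify OK
test-revoked.pem: revoked
    This Update: Apr  9 03:02:45 2014 GMT
    Next Update: Apr 10 03:02:45 2014 GMT
    Revocation Time: Mar 25 15:45:55 2014 GMT'
SAMPLE_UNAUTHORIZED='Responder Error: unauthorized (6)'
SAMPLE_NO_STATUS='Response Verify Failure
140735308649312:error:2706B06F:OCSP routines:OCSP_CHECK_IDS:response contains no revocation data:ocsp_vfy.c:269:
wikipedia.pem: ERROR: No Status found.'
SAMPLE_UNKNOWN_UNTRUSTED='Response Verify Failure
140735308649312:error:27069070:OCSP routines:OCSP_basic_verify:root ca not trusted:ocsp_vfy.c:152:
wikipedia.pem: unknown
    This Update: Apr  9 12:09:18 2014 GMT'

# Live check only when a host is given, e.g.: OCSP_HOST=wikipedia.org sh ocsp-check.sh
if [ -n "${OCSP_HOST:-}" ]; then
    check_host "$OCSP_HOST"
    exit $?
fi
```

Two things worth knowing when using it: the responder's signature is verified against OpenSSL's default trust store, so a "root ca not trusted" failure like the QuoVadis one above can be resolved by passing -CAfile with the right CA bundle to openssl ocsp, and an "unknown" status that comes with a verify failure is still reported as verify-failure, because a status from an unverified response is worth nothing. The script also does not compare This Update and Next Update against the clock; a stale but validly signed "good" response still classifies as good, so add that check if you schedule this.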


Tags: articles, certificate, crl, ocsp, shell, ssl, tls