Establishing the Required Certificate Chain
For a connection to be successfully established using a cipher suite that uses certificates and keys, the client must be able to verify the server’s certificate chain from the server’s own certificate to a self-signed certificate from a trusted certificate authority (CA), including intermediate certificates (if any). If the server is authenticating the client user, then the server must also be able to verify the client user’s certificate chain from the client user’s own certificate to a trusted CA’s self-signed certificate, including intermediate certificates (if any).
Since authentication can be bidirectional, the requirements for certificate chains refer to the verifying entity (the side requiring the authentication) and the verified entity (the side being authenticated), rather than the client and the server.
For authentication to be possible, the following conditions must be met:
The verifying entity must have access to all the certificates that constitute the certificate chain from the verified entity’s own certificate to a trusted CA’s self-signed root certificate. The certificates in the chain are obtained from the combination of the verified entity’s certificate file (the certificates are sent as part of the handshake protocol) and the verifying entity’s trusted CA certificate file.
The verifying entity must have the trusted CA’s self-signed root certificate in its CA certificate file.
The verified entity’s own certificate must be the first entry in its certificate file.
All intermediate CA certificates must be present.
The certificates in the certificate chain may be divided between the verified entity’s certificate file and the verifying entity’s trusted CA certificate file. However, each part must be a contiguous partial certificate chain, as described in the following example.
Suppose there are:
A verified entity (named “VE”) with a certificate signed by the certificate authority named “ICA1.”
A certificate for “ICA1” signed by the certificate authority “ICA2,” and a certificate for “ICA2” signed by “RootCA”.
A trusted CA (named “RootCA”) with a self-signed root certificate.
The following are valid distributions of certificates between the verified entity and the verifying entity:
|Certificates in the Verified Entity’s Certificate File||Certificates in the Verifying Entity’s Trusted CA Certificate File|
|VE||ICA1, ICA2, RootCA|
|VE, ICA1||ICA2, RootCA|
|VE, ICA1, ICA2||RootCA|
Note that it is not valid to have VE and ICA2 in the verified entity’s certificate file and ICA1 and RootCert in the verifying entity’s trusted CA certificate file