From a52247548b3f439f1508d90c1a6e402409d470c2 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 5 Feb 2021 10:50:51 +0100 Subject: docs/SSL-PROBLEMS: enhanced Elaborate on the intermediate cert issue, and mention that anything below TLS 1.2 is generally considered insecure these days. --- docs/SSL-PROBLEMS.md | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/docs/SSL-PROBLEMS.md b/docs/SSL-PROBLEMS.md index cd17cd615..bc3c1d52c 100644 --- a/docs/SSL-PROBLEMS.md +++ b/docs/SSL-PROBLEMS.md @@ -23,8 +23,18 @@ ## CA bundle missing intermediate certificates When using said CA bundle to verify a server cert, you will experience - problems if your CA cert does not have the certificates for the - intermediates in the whole trust chain. + problems if your CA store does not contain the certificates for the + intermediates if the server doesn't provide them. + + The TLS protocol mandates that the intermediate certificates are sent in the + handshake, but as browsers have ways to survive or work around such + omissions, missing intermediates in TLS handshakes still happen that + browser-users won't notice. + + Browsers work around this problem in two ways: they cache intermediate + certificates from previous transfers and some implement the TLS "AIA" + extension that lets the client explictly download such cerfificates on + demand. ## Protocol version @@ -36,7 +46,8 @@ An additional complication can be that modern SSL libraries sometimes are built with support for older SSL and TLS versions disabled! - All versions of SSL are considered insecure and should be avoided. Use TLS. + All versions of SSL and the TLS versions before 1.2 are considered insecure + and should be avoided. Use TLS 1.2 or later. ## Ciphers -- cgit v1.2.1