VERIFY(1)                           OpenSSL                          VERIFY(1)



NAME
       verify - Utility to verify certificates.

SYNOPSIS
       openssl verify [-CApath directory] [-CAfile file] [-purpose purpose]
       [-policy arg] [-ignore_critical] [-crl_check] [-crl_check_all]
       [-policy_check] [-explicit_policy] [-inhibit_any] [-inhibit_map]
       [-x509_strict] [-extended_crl] [-use_deltas] [-policy_print]
       [-untrusted file] [-check_ss_sig] [-help] [-issuer_checks] [-verbose]
       [-] [certificates]

DESCRIPTION
       The verify command verifies certificate chains.

COMMAND OPTIONS
       -CApath directory
           A directory of trusted certificates. The certificates should have
           names of the form: hash.0 or have symbolic links to them of this
           form ("hash" is the hashed certificate subject name: see the -hash
           option of the x509 utility; when several certificates share a hash
           the suffix counts up: hash.0, hash.1 and so on). Under Unix the
           c_rehash script will automatically create symbolic links to a
           directory of certificates.

       -CAfile file
           A file of trusted certificates. The file should contain multiple
           certificates in PEM format concatenated together.

       -untrusted file
           A file of untrusted certificates, typically the intermediate CAs
           between the certificate being verified and the root. The file
           should contain one or more certificates in PEM format concatenated
           together. Certificates from this file may be used to build the
           chain but are never treated as trust anchors.

       -purpose purpose
           the intended use for the certificate. Without this option the
           chain is still built and its signatures and validity periods are
           still checked, but no checks are made that the certificate
           extensions are consistent with a purpose. Currently accepted uses
           are sslclient, sslserver, nssslserver, smimesign, smimeencrypt. See
           the VERIFY OPERATION section for more information.

       -help
           prints out a usage message.

       -verbose
           print extra information about the operations being performed.

       -issuer_checks
           print out diagnostics relating to searches for the issuer
           certificate of the current certificate. This shows why each
           candidate issuer certificate was rejected. However the presence of
           rejection messages does not itself imply that anything is wrong:
           during the normal verify process several rejections may take place.

       -policy arg
           Enable policy processing and add arg to the user-initial-policy-set
           (see RFC3280 et al). The policy arg can be an object name or an OID
           in numeric form. This argument can appear more than once.

       -policy_check
           Enables certificate policy processing.

       -explicit_policy
           Set policy variable require-explicit-policy (see RFC3280 et al).

       -inhibit_any
           Set policy variable inhibit-any-policy (see RFC3280 et al).

       -inhibit_map
           Set policy variable inhibit-policy-mapping (see RFC3280 et al).

       -policy_print
           Print out diagnostics related to policy checking.

       -crl_check
           Checks end entity certificate validity by attempting to lookup a
           valid CRL. If a valid CRL cannot be found an error occurs. The CRL
           must be available from the trusted locations: concatenated in PEM
           form into the -CAfile file, or placed in the -CApath directory
           under the name hash.r0 (c_rehash creates these links as well).

       -crl_check_all
           Checks the validity of all certificates in the chain by attempting
           to lookup valid CRLs. A CRL is then required for every certificate
           below the root, so a missing CRL for an intermediate CA is also an
           error.

       -ignore_critical
           Normally if an unhandled critical extension is present which is not
           supported by OpenSSL the certificate is rejected (as required by
           RFC3280 et al). If this option is set critical extensions are
           ignored. A critical extension the verifier does not understand may
           carry a restriction the issuer relied on, so this option should
           only be used for diagnosis.

       -x509_strict
           Disable workarounds for broken certificates which have to be
           disabled for strict X.509 compliance.

       -extended_crl
           Enable extended CRL features such as indirect CRLs and alternate
           CRL signing keys.

       -use_deltas
           Enable support for delta CRLs.

       -check_ss_sig
           Verify the signature on the self-signed root CA. This is disabled
           by default because it doesn't add any security.

       -   marks the last option. All arguments following this are assumed to
           be certificate files. This is useful if the first certificate
           filename begins with a -.

       certificates
           one or more certificates to verify. If no certificate filenames are
           included then an attempt is made to read a certificate from
           standard input. They should all be in PEM format.

VERIFY OPERATION
       The verify program uses the same functions as the internal SSL and
       S/MIME verification, therefore this description applies to these verify
       operations too.

       There is one crucial difference between the verify operations performed
       by the verify program and those performed internally by the library:
       wherever possible the verify program attempts to continue after an
       error, whereas the library verify operation halts on the first error.
       This allows all the problems with a certificate chain to be determined
       in a single run; it also means that the first error reported is not
       necessarily the only one.

       The verify operation consists of a number of separate steps.

       Firstly a certificate chain is built up starting from the supplied
       certificate and ending in the root CA. It is an error if the whole
       chain cannot be built up. The chain is built up by looking up the
       issuer's certificate of the current certificate. If a certificate is
       found which is its own issuer it is assumed to be the root CA.

       The process of 'looking up the issuer's certificate' itself involves a
       number of steps. In versions of OpenSSL before 0.9.5a the first
       certificate whose subject name matched the issuer of the current
       certificate was assumed to be the issuer's certificate. In OpenSSL 0.9.6
       and later all certificates whose subject name matches the issuer name
       of the current certificate are subject to further tests. The relevant
       authority key identifier components of the current certificate (if
       present) must match the subject key identifier (if present) and issuer
       and serial number of the candidate issuer; in addition the keyUsage
       extension of the candidate issuer (if present) must permit certificate
       signing.

       The lookup first looks in the list of untrusted certificates and if no
       match is found the remaining lookups are from the trusted certificates.
       The root CA is always looked up in the trusted certificate list: if the
       certificate to verify is a root certificate then an exact match must be
       found in the trusted list.

       The second operation is to check every untrusted certificate's
       extensions for consistency with the supplied purpose. If the -purpose
       option is not included then no purpose checks are done. The supplied or
       "leaf" certificate must have extensions compatible with the supplied
       purpose and all other certificates must also be valid CA certificates.
       The precise extensions required are described in more detail in the
       CERTIFICATE EXTENSIONS section of the x509 utility.

       The third operation is to check the trust settings on the root CA. The
       root CA should be trusted for the supplied purpose. Trust settings are
       the auxiliary trust and reject attributes a certificate acquires from
       the -addtrust and -addreject options of the x509 utility. For
       compatibility with previous versions of SSLeay and OpenSSL a
       certificate with no trust settings is considered to be valid for all
       purposes.

       The final operation is to check the validity of the certificate chain.
       The validity period is checked against the current system time and the
       notBefore and notAfter dates in the certificate. The certificate
       signatures are also checked at this point.

       If all operations complete successfully then the certificate is
       considered valid. If any operation fails then the certificate is not
       valid.

DIAGNOSTICS
       When a verify operation fails the output messages can be somewhat
       cryptic. The general form of the error message is:

        server.pem: /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
        error 24 at 1 depth lookup:invalid CA certificate

       The first line contains the name of the certificate being verified
       followed by the subject name of the certificate at which the problem
       was detected. The second line contains the error number and the depth.
       The depth is the number of the certificate being examined when the
       problem was detected, starting with zero for the certificate being
       verified itself, then 1 for the CA that signed it and so on. Finally a
       text version of the error number is presented.

       An exhaustive list of the error codes and messages is shown below, this
       also includes the name of the error code as defined in the header file
       x509_vfy.h. Some of the error codes are defined but never returned:
       these are described as "unused".

       0 X509_V_OK: ok
           the operation was successful.

       2 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer
       certificate
           the issuer certificate of a looked up certificate could not be
           found. This normally means the list of trusted certificates is not
           complete.

       3 X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL
           the CRL of a certificate could not be found.

       4 X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt
       certificate's signature
           the certificate signature could not be decrypted. This means that
           the actual signature value could not be determined rather than it
           not matching the expected value, this is only meaningful for RSA
           keys.

       5 X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's
       signature
           the CRL signature could not be decrypted: this means that the
           actual signature value could not be determined rather than it not
           matching the expected value. Unused.

       6 X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode
       issuer public key
           the public key in the certificate SubjectPublicKeyInfo could not be
           read.

       7 X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure
           the signature of the certificate is invalid.

       8 X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure
           the signature of the CRL is invalid.

       9 X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid
           the certificate is not yet valid: the notBefore date is after the
           current time.

       10 X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired
           the certificate has expired: that is the notAfter date is before
           the current time.

       11 X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid
           the CRL is not yet valid.

       12 X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired
           the CRL has expired.

       13 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in
       certificate's notBefore field
           the certificate notBefore field contains an invalid time.

       14 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in
       certificate's notAfter field
           the certificate notAfter field contains an invalid time.

       15 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL's
       lastUpdate field
           the CRL lastUpdate field contains an invalid time.

       16 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL's
       nextUpdate field
           the CRL nextUpdate field contains an invalid time.

       17 X509_V_ERR_OUT_OF_MEM: out of memory
           an error occurred trying to allocate memory. This should never
           happen.

       18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate
           the passed certificate is self signed and the same certificate
           cannot be found in the list of trusted certificates.

       19 X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in
       certificate chain
           the certificate chain could be built up using the untrusted
           certificates but the root could not be found locally.

       20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local
       issuer certificate
           the issuer certificate could not be found: this occurs if the
           issuer certificate of an untrusted certificate cannot be found.

       21 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the
       first certificate
           no signatures could be verified because the chain contains only one
           certificate and it is not self signed.

       22 X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long
           the certificate chain length is greater than the supplied maximum
           depth. Unused.

       23 X509_V_ERR_CERT_REVOKED: certificate revoked
           the certificate has been revoked.

       24 X509_V_ERR_INVALID_CA: invalid CA certificate
           a CA certificate is invalid. Either it is not a CA or its
           extensions are not consistent with the supplied purpose.

       25 X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded
           the basicConstraints pathlength parameter has been exceeded.

       26 X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose
           the supplied certificate cannot be used for the specified purpose.

       27 X509_V_ERR_CERT_UNTRUSTED: certificate not trusted
           the root CA is not marked as trusted for the specified purpose.

       28 X509_V_ERR_CERT_REJECTED: certificate rejected
           the root CA is marked to reject the specified purpose.

       29 X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch
           the current candidate issuer certificate was rejected because its
           subject name did not match the issuer name of the current
           certificate. Only displayed when the -issuer_checks option is set.

       30 X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier
       mismatch
           the current candidate issuer certificate was rejected because its
           subject key identifier was present and did not match the authority
           key identifier of the current certificate. Only displayed when the
           -issuer_checks option is set.

       31 X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial
       number mismatch
           the current candidate issuer certificate was rejected because its
           issuer name and serial number were present and did not match the
           authority key identifier of the current certificate. Only displayed
           when the -issuer_checks option is set.

       32 X509_V_ERR_KEYUSAGE_NO_CERTSIGN: key usage does not include
       certificate signing
           the current candidate issuer certificate was rejected because its
           keyUsage extension does not permit certificate signing.

       50 X509_V_ERR_APPLICATION_VERIFICATION: application verification
       failure
           an application specific error. Unused.

BUGS
       Although the issuer checks are a considerable improvement over the old
       technique they still suffer from limitations in the underlying
       X509_LOOKUP API. One consequence of this is that trusted certificates
       with matching subject name must either appear in a file (as specified
       by the -CAfile option) or a directory (as specified by -CApath). If
       they occur in both then only the certificates in the file will be
       recognised.

       Previous versions of OpenSSL assumed certificates with matching subject
       name were identical and mishandled them.

       Previous versions of this documentation swapped the meaning of the
       X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT (2) and
       X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY (20) error codes.

SEE ALSO
       x509(1)



1.0.0e                            2010-02-23                         VERIFY(1)