[SERVER-39217] TLS intermediate CA certificate not working with macOS and 4.0.5 Created: 27/Jan/19  Updated: 29/Oct/23  Resolved: 01/Mar/19

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 4.0.5
Fix Version/s: 4.0.8, 4.1.9

Type: Bug Priority: Major - P3
Reporter: Spencer Brown Assignee: Sara Golemon
Resolution: Fixed Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: File repro.tar.gz    
Issue Links:
Backports
Backwards Compatibility: Minor Change
Operating System: OS X
Backport Requested:
v4.0
Steps To Reproduce:

See attached file repro.tar.gz and read the README.markdown file for full repro details and results

note the file has some private keys but they were generated just for this repro

Sprint: Security 2019-02-11, Security 2019-02-25, Security 2019-03-11
Participants:

 Description   

Combination of the following conditions causes a failure to connect with TLS from mongo shell:

  • Server's PEMKeyFile includes the server key and cert, and also the intermediate CA cert that signed the server cert
  • mongo shell CAFile is the root CA cert that signed the intermediate cert
  • Running MongoDB 4.0.5 (does not fail on 3.6)
  • Running on macOS (does not fail on Linux)


 Comments   
Comment by Githook User [ 22/Mar/19 ]

Author:

{'email': 'sara.golemon@mongodb.com', 'name': 'Sara Golemon', 'username': 'sgolemon'}

Message: SERVER-39217 SecureTransport with Intermediate CA

(cherry picked from commit 987e5fc980b2288371ebd2c133b58466cc646d60)
Branch: v4.0
https://github.com/mongodb/mongo/commit/0eecc58363a2173d9a2bc91e9e7dc8665e12bfac

Comment by Githook User [ 01/Mar/19 ]

Author:

{'name': 'Sara Golemon', 'username': 'sgolemon', 'email': 'sara.golemon@mongodb.com'}

Message: SERVER-39217 SecureTransport with Intermediate CA
Branch: master
https://github.com/mongodb/mongo/commit/987e5fc980b2288371ebd2c133b58466cc646d60

Comment by Spencer Brown [ 08/Feb/19 ]

I see from the code review that there's a discussion about requiring intermediate CA certificates to be placed in the CAFile (or clusterCAFile I guess), and banning them from the PEMKeyFile, at least for non-OpenSSL environments.

I would be fine with that. I would point out that a fix is still needed for macOS, because I still get a failure on 4.0.5 when the intermediate CA certificate is in the CAFile. But you probably knew that.

Banning intermediate CA certs from the PEMKeyFile would not even be a regression on macOS (and I guess Windows), because it doesn't work at all since 4.0. We just need to be sure to document it.

Making

Comment by Sara Golemon [ 07/Feb/19 ]

Quick update: I've identified the cause and should be able to work out a fix. In the mean time, if you convert your server key bundle from a .pem file to PKCS#12, then the current release version should "just work". I'll update once I have a proper fix.

Comment by Spencer Brown [ 01/Feb/19 ]

Tried moving the intermediate CA certificate into the server's CAFile along with the root CA certificate. So the server's configured CAFile has the intermediate and root CA certificates and the PEMKeyFile has the server key and certificate. On macOS:

2019-02-01T08:56:54.900-0600 E NETWORK  [js] SSL peer certificate validation failed: Certificate trust failure: CSSMERR_TP_NOT_TRUSTED; connection rejected

and openssl s_client connect -showcerts shows that the server is only sending the server certificate.

but the same setup works on Linux with 4.0.5, and on macOS with 3.6.10, and openssl s_client -showcerts shows that the server is sending all three certificates in those cases.

Generated at Thu Feb 08 04:51:23 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.