iTranslated by AI

The content below is an AI-generated translation. This is an experimental feature, and may contain errors. View original article
📑

Why SSL Certificates Work on Some PCs but Not Others: Understanding Intermediate Certificates

に公開
SSL
証明書
tech

Introduction

One day, a complaint was received stating that while the server could be used without any issues within our company, some customers were frequently unable to connect. At first, I didn't think too deeply about it, assuming it was due to the strict network security of those companies. However, upon closer inspection, I discovered that connection errors were occurring related to SSL certificates. Investigating based on these errors, I found that an SSL error was occurring because the server was not returning the intermediate certificate.

In this article, I will summarize the mechanism of SSL/TLS certificates and the role of intermediate certificates that I learned triggered by this mystery.

Basic Structure of SSL Certificates

SSL certificates are built on a mechanism called "Public Key Infrastructure (PKI)."
Certificates have a hierarchical structure like a pyramid, primarily consisting of three types:

  • Root Certificate
    The trust anchor. Pre-installed in each OS and browser from the beginning.
  • Intermediate Certificate
    The bridge connecting the root and the server. This normally performs the signing. There may be multiple intermediate certificates.
  • Server Certificate
    The certificate actually issued to a domain such as example.com.

The root certificate verifies the intermediate certificate, and the intermediate certificate verifies the server certificate, and so on.
If the root certificate were ever tampered with by someone, we would end up trusting malicious servers, so we must be very careful.

Why is an Intermediate Certificate Necessary?

You might think, "Why not just sign everything with the root certificate?"
Actually, there are reasons why that cannot be done.

  1. Root certificates are the most critical, so they are strictly managed offline
    → They are not used for daily operations and are kept safe in a vault to prevent leakage.
  2. Risk Distribution
    → Each Intermediate CA can be revoked individually. There is no need to revoke the entire root.
  3. Ease of Updates
    → Roots have an expiration date of 20 years or more. Intermediates can be updated every few years to transition to newer generations of encryption methods.
  4. Separation of Use Cases
    → Intermediate CAs can be divided according to their roles, such as for the web, for code signing, etc.

In other words, intermediate certificates are both a "shield to protect the root" and a "mechanism to make operations flexible."

Why does it work on some PCs but not others?

When a server does not return the intermediate certificate, the behavior varies depending on the PC and the environment.

  • When cached
    → It works because the PC remembers the intermediate certificate used on a previously accessed site.
  • When pre-installed in the OS or browser
    → Some intermediate certificates are included from the start.
  • When AIA Fetch is enabled
    → It automatically retrieves the intermediate certificate from the URL written in the certificate.

Conversely, if none of these are present, an error occurs stating "not trusted."
That is why the server side must always return the fullchain.pem (server + intermediate certificate set).

CA Certificates and Root Certificates

  • Root Certificate
    The "trust anchor" held by each OS and browser. Hundreds of them are pre-installed.
  • CA Certificate
    A general term for certificates issued by a Certificate Authority (CA), which includes root and intermediate certificates.
  • Risks
    If a malicious root certificate gets into a PC, that device will trust even fake certificates.
    → This leads to "Man-In-The-Middle (MITM) attacks."

Actual Verification Method (openssl)

The openssl command is useful for checking certificate operations.

  • Check the certificate chain from the server

    openssl s_client -connect example.com:443 -showcerts

  • Check certificate details

    openssl x509 -in cert.pem -text -noout

  • Check the expiration date

    openssl x509 -enddate -noout -in cert.pem

Summary

  • SSL certificates consist of a three-layer structure: "Root → Intermediate → Server."

  • Intermediate certificates are essential for security and operations.

  • If the server does not return the intermediate certificate, it may or may not work depending on the environment.

  • To reliably prevent errors, set up fullchain.pem.

This learning experience cleared up why the unstable behavior was occurring.
It feels good to solve the "why" by understanding how certificates work.

Discussion