[ssh_x509] Intermediate CA certificates required on client

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Fri Sep 16 09:45:24 EEST 2016

ssh_x509 at roumenpetrov.info wrote:
> Hi,
> After some testing, it seems that when one has intermediate CAs between the
> root CA and the certificate on the server, the client needs all
> intermediate certificates in it's store, rather than just the root CA. Is
> this intended behaviour?
One of requirement from rfc6187 is "All other intermediate certificates 
in the chain leading
to a root authority MUST be included.".

Actually what to put into store depend from version and where is stored key.

Documentation is still not updated to match recent (9.0) functionality - 
for instance quote from ssh man page "Also for x509v3-ecdsa-sha2-* 
public key algorithms defined in “RFC6187” , file with ECDSA key must 
contain chain of certificates leading to a trusted certificate authority."

The new functionality is described in 9.0. announce - see 

So "store" could contain only root certificate and private key 
intermediate .

> It would be much easier to maintain if only the root was required, and one
> could set a max depth from the root that would be allowed.
> I have not tested whether the server side requires an intermediate CA for
> connecting clients.
Use is bidirectional. Rule is for public key algorithm, not for client 
or for server.

So for EC certificate keys end point that send the key must provide 
intermediate. The other point need only root CA to perform verification.

For RSA/DSA certificate keys "historic" algorithms as is send only one 
certificate (that match private key) opposite side must have all 
intermediate to perform verification.


More information about the ssh_x509 mailing list