How is an X509 certificate signer verified?

  • Lets say I create a self-signed X509 certificate A and use it to issue certificate B. I put certificate A in my trusted root authorities so that all certificates signed by it are accepted. My question is:

    When I then use a service protected by cert B, how does my computer know it was actually signed by cert A? Is the parent certificate somehow embedded into its child?

    It's hard to comment without a sample of the output of .NET's X509Certificate class..

    This question is language-agnostic. When people say 'ssl certificate' or just 'certificate' they are usually referring to an x509 certificate,

  • In a X.509 certificate, the name of the issuer (in your example, A's name) is also included (as issuerDN). Also, a certificate can contain an extension which points to a place where the issuer's certificate can be downloaded (the "Authority Information Access", section of RFC 5280); note that since all certificates are signed entities which are accepted and use only after having verified these signatures, they can be downloaded and transported with little care. Finally, it is customary, in protocols where a party can show a certificate, to actually show a list of certificates containing needed intermediate CA certificates. This is what happens, for instance, in an SSL Certificate message.

    All this gives a lot of ways for a computer to do certification path building, i.e. reconstructing chains of certificate on which validation (including verifying cryptographic signatures) seems relevant.

License under CC-BY-SA with attribution

Content dated before 7/24/2021 11:53 AM