Skip to content

webpkiπŸ”—

webpki::aki::root-with-aki-missing-keyidentifierπŸ”—

Produces the following invalid chain:

root -> EE

The root cert incudes the authorityKeyIdentifier extension but without the keyIdentifier field, which is required under CABF:

7.1.2.1.3 Root CA Authority Key Identifier Field Description ... keyIdentifier MUST be present. MUST be identical to the subjectKeyIdentifier field.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 βœ… validation failed: candidates exhausted: authorityKeyIdentifier must contain keyIdentifier
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::aki::root-with-aki-authoritycertissuerπŸ”—

Produces the following invalid chain:

root -> EE

The root cert includes the authorityKeyIdentifier extension with the authorityCertIssuer field, which is forbidden under CABF:

7.1.2.1.3 Root CA Authority Key Identifier Field Description ... authorityCertIssuer MUST NOT be present

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 ❌ (unexpected success) N/A
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::aki::root-with-aki-authoritycertserialnumberπŸ”—

Produces the following invalid chain:

root -> EE

The root cert includes the authorityKeyIdentifier extension with the authorityCertSerialNumber field, which is forbidden under the [CA/B BR profile]:

7.1.2.1.3 Root CA Authority Key Identifier Field Description ... authorityCertSerialNumber MUST NOT be present

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 ❌ (unexpected success) N/A
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::aki::root-with-aki-all-fieldsπŸ”—

Produces the following invalid chain:

root -> EE

The root cert includes the authorityKeyIdentifier extension with the authorityCertIssuer and authorityCertSerialNumber fields, which is forbidden under CABF:

7.1.2.1.3 Root CA Authority Key Identifier Field Description ... authorityCertIssuer MUST NOT be present authorityCertSerialNumber MUST NOT be present

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 ❌ (unexpected success) N/A
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::aki::root-with-aki-ski-mismatchπŸ”—

Produces the following invalid chain:

root -> EE

The root cert is self-signed contains an authorityKeyIdentifier, but the keyIdentifier field doesn't match the subjectKeyIdentifier field as required under CABF.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 🚧 testcase skipped (explicitly unsupported case)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::eku::ee-anyekuπŸ”—

Produces the following invalid chain:

root -> EE

This chain is correctly constructed, but the EE cert contains an Extended Key Usage extension that contains anyExtendedKeyUsage, which is explicitly forbidden under CABF 7.1.2.7.10.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A pedantic-webpki-eku undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 🚧 custom EKUs not yet supported
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 🚧 testcase skipped (explicit unsupported feature)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::eku::ee-critical-ekuπŸ”—

Produces the following invalid chain:

root -> EE

This chain is correctly constructed, but the EE has an extKeyUsage extension marked as critical, which is forbidden per CABF 7.1.2.7.6.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A pedantic-webpki-eku undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 🚧 custom EKUs not yet supported
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 🚧 testcase skipped (explicit unsupported feature)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::eku::ee-without-ekuπŸ”—

Produces the following invalid chain:

root -> EE

This chain is correctly constructed, but the EE does not have the extKeyUsage extension, which is required per CABF 7.1.2.7.6.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A pedantic-webpki-eku undetermined rfc5280::eku::ee-without-eku PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 🚧 testcase skipped (explicit unsupported feature)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::eku::root-has-ekuπŸ”—

Produces the following invalid chain:

root -> EE

The root cert includes the extKeyUsage extension, which is forbidden under CABF:

7.1.2.1.2 Root CA Extensions Extension Presence Critical ... extKeyUsage MUST NOT N

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A pedantic-webpki-eku undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 🚧 custom EKUs not yet supported
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 🚧 testcase skipped (explicit unsupported feature)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::nc::permitted-dns-match-noncriticalπŸ”—

Produces the following valid chain:

root -> leaf

The root contains a NameConstraints extension with a permitted dNSName of "example.com", matching the leaf's SubjectAlternativeName. The NameConstraints extension is marked as non-critical, which would be a violation of RFC 5280, but CABF explicitly permits this as an exception to RFC 5280:

As an explicit exception from RFC 5280, this extension SHOULD be marked critical, but MAY be marked non-critical if compatibility with certain legacy applications that do not support Name Constraints is necessary.

Expected result Validation kind Validation time Features Importance Conflicts Download
SUCCESS SERVER N/A N/A undetermined rfc5280::nc::permitted-dns-match-noncritical PEM bundle
Harness Result Context
rustls-webpki βœ… N/A
openssl-1.1 βœ… N/A
openssl-3.0.15 βœ… N/A
openssl-3.4.0 βœ… N/A
openssl-3.3.2 βœ… N/A
openssl-3.1.7 βœ… N/A
gnutls-certtool-3.7.3 βœ… Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… N/A
rust-webpki ❌ (unexpected failure) UnknownIssuer
pyca-cryptography-44.0.0 βœ… N/A
certvalidator-0.11.1 βœ… N/A

webpki::nc::intermediate-permitted-excluded-subtrees-both-nullπŸ”—

Produces the following invalid chain:

root -> intermediate -> leaf

The intermediate contains a NameConstraints extension with ASN.1 NULL for both permittedSubtrees and excludedSubtrees, which is forbidden under CABF 7.1.2.5.2.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 βœ… validation failed: candidates exhausted: nameConstraints must have non-empty permittedSubtrees or excludedSubtrees
certvalidator-0.11.1 βœ… The path could not be validated because intermediate certificate 1 contains the following unsupported critical extension: name_constraints

webpki::nc::intermediate-permitted-excluded-subtrees-both-empty-sequencesπŸ”—

Produces the following invalid chain:

root -> intermediate -> leaf

The intermediate contains a NameConstraints extension with empty sequences for both permittedSubtrees and excludedSubtrees, which is forbidden under CABF 7.1.2.5.2.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki βœ… UnknownIssuer
pyca-cryptography-44.0.0 βœ… validation failed: candidates exhausted: nameConstraints must have non-empty permittedSubtrees or excludedSubtrees
certvalidator-0.11.1 βœ… The path could not be validated because intermediate certificate 1 contains the following unsupported critical extension: name_constraints

webpki::san::exact-dns-sanπŸ”—

Produces a chain with a valid EE cert for example.com.

This EE cert contains a Subject Alternative Name with the dNSName "example.com". This should verify successfully against the domain "example.com", per RFC 6125 6.4.1.

Expected result Validation kind Validation time Features Importance Conflicts Download
SUCCESS SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… N/A
openssl-1.1 βœ… N/A
openssl-3.0.15 βœ… N/A
openssl-3.4.0 βœ… N/A
openssl-3.3.2 βœ… N/A
openssl-3.1.7 βœ… N/A
gnutls-certtool-3.7.3 βœ… Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… N/A
rust-webpki βœ… N/A
pyca-cryptography-44.0.0 βœ… N/A
certvalidator-0.11.1 βœ… N/A

webpki::san::exact-localhost-ip-sanπŸ”—

Produces a chain with a valid EE cert, for IP 127.0.0.1, i.e. localhost.

Expected result Validation kind Validation time Features Importance Conflicts Download
SUCCESS SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… N/A
openssl-1.1 βœ… N/A
openssl-3.0.15 βœ… N/A
openssl-3.4.0 βœ… N/A
openssl-3.3.2 βœ… N/A
openssl-3.1.7 βœ… N/A
gnutls-certtool-3.7.3 βœ… Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… N/A
rust-webpki 🚧 implementation requires DNS peer names
pyca-cryptography-44.0.0 βœ… N/A
certvalidator-0.11.1 βœ… N/A

webpki::san::mismatch-domain-sanπŸ”—

Produces a chain with an EE cert.

This EE cert contains a Subject Alternative Name with the dNSName example.com. This should fail to verify against the domain example2.com, per RFC 6125 6.4.1.

Each label MUST match in order for the names to be considered to match, except as supplemented by the rule about checking of wildcard labels.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… subject name validation failed
openssl-1.1 βœ… Hostname mismatch
openssl-3.0.15 βœ… hostname mismatch
openssl-3.4.0 βœ… hostname mismatch
openssl-3.3.2 βœ… hostname mismatch
openssl-3.1.7 βœ… hostname mismatch
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… hostname mismatch
rust-webpki βœ… DNS name validation failed
pyca-cryptography-44.0.0 βœ… validation failed: leaf certificate has no matching subjectAltName (encountered processing , ...)>)
certvalidator-0.11.1 βœ… The X.509 certificate provided is not valid for example2.com. Valid hostnames include: example.com

webpki::san::mismatch-subdomain-sanπŸ”—

Produces a chain with an EE cert.

This EE cert contains a Subject Alternative Name with the dNSName abc.example.com. This should fail to verify against the domain def.example.com, per RFC 6125 6.4.1.

Each label MUST match in order for the names to be considered to match, except as supplemented by the rule about checking of wildcard labels.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… subject name validation failed
openssl-1.1 βœ… Hostname mismatch
openssl-3.0.15 βœ… hostname mismatch
openssl-3.4.0 βœ… hostname mismatch
openssl-3.3.2 βœ… hostname mismatch
openssl-3.1.7 βœ… hostname mismatch
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… hostname mismatch
rust-webpki βœ… DNS name validation failed
pyca-cryptography-44.0.0 βœ… validation failed: leaf certificate has no matching subjectAltName (encountered processing , ...)>)
certvalidator-0.11.1 βœ… The X.509 certificate provided is not valid for def.example.com. Valid hostnames include: abc.example.com

webpki::san::mismatch-subdomain-apex-sanπŸ”—

Produces a chain with an EE cert.

This EE cert contains a Subject Alternative Name with the dNSName example.com. This should fail to verify against the domain abc.example.com, per RFC 6125 6.4.1.

Each label MUST match in order for the names to be considered to match, except as supplemented by the rule about checking of wildcard labels.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… subject name validation failed
openssl-1.1 βœ… Hostname mismatch
openssl-3.0.15 βœ… hostname mismatch
openssl-3.4.0 βœ… hostname mismatch
openssl-3.3.2 βœ… hostname mismatch
openssl-3.1.7 βœ… hostname mismatch
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… hostname mismatch
rust-webpki βœ… DNS name validation failed
pyca-cryptography-44.0.0 βœ… validation failed: leaf certificate has no matching subjectAltName (encountered processing , ...)>)
certvalidator-0.11.1 βœ… The X.509 certificate provided is not valid for abc.example.com. Valid hostnames include: example.com

webpki::san::mismatch-apex-subdomain-sanπŸ”—

Produces a chain with an EE cert.

This EE cert contains a Subject Alternative Name with the dNSName abc.example.com. This should fail to verify against the domain example.com, per RFC 6125 6.4.1.

Each label MUST match in order for the names to be considered to match, except as supplemented by the rule about checking of wildcard labels.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… subject name validation failed
openssl-1.1 βœ… Hostname mismatch
openssl-3.0.15 βœ… hostname mismatch
openssl-3.4.0 βœ… hostname mismatch
openssl-3.3.2 βœ… hostname mismatch
openssl-3.1.7 βœ… hostname mismatch
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… hostname mismatch
rust-webpki βœ… DNS name validation failed
pyca-cryptography-44.0.0 βœ… validation failed: leaf certificate has no matching subjectAltName (encountered processing , ...)>)
certvalidator-0.11.1 βœ… The X.509 certificate provided is not valid for example.com. Valid hostnames include: abc.example.com

webpki::san::public-suffix-wildcard-sanπŸ”—

Produces a chain with an EE cert.

This EE cert contains a Subject Alternative name with the dNSName *.com. Conformant CAs should not issue such a certificate, according to CABF:

If the FQDN portion of any Wildcard Domain Name is β€œregistry‐controlled” or is a β€œpublic suffix”, CAs MUST refuse issuance unless the Applicant proves its rightful control of the entire Domain Namespace.

While the Baseline Requirements do not specify how clients should behave when given such a certificate, it is generally safe to assume that wildcard certificates spanning a gTLD are malicious, and clients should reject them.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A pedantic-public-suffix-wildcard undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… subject name validation failed
openssl-1.1 βœ… Hostname mismatch
openssl-3.0.15 βœ… hostname mismatch
openssl-3.4.0 βœ… hostname mismatch
openssl-3.3.2 βœ… hostname mismatch
openssl-3.1.7 βœ… hostname mismatch
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 βœ… hostname mismatch
rust-webpki βœ… DNS name validation failed
pyca-cryptography-44.0.0 🚧 testcase skipped (explicit unsupported feature)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::san::leftmost-wildcard-sanπŸ”—

Produces a chain with an EE cert.

This EE cert contains a Subject Alternative Name with the dNSName *.example.com. This should verify successfully against the domain foo.example.com, per RFC 6125 6.4.3.

Expected result Validation kind Validation time Features Importance Conflicts Download
SUCCESS SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… N/A
openssl-1.1 βœ… N/A
openssl-3.0.15 βœ… N/A
openssl-3.4.0 βœ… N/A
openssl-3.3.2 βœ… N/A
openssl-3.1.7 βœ… N/A
gnutls-certtool-3.7.3 βœ… Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… N/A
rust-webpki βœ… N/A
pyca-cryptography-44.0.0 βœ… N/A
certvalidator-0.11.1 βœ… N/A

webpki::san::wildcard-embedded-leftmost-sanπŸ”—

Produces a chain with an EE cert.

This EE cert contains a Subject Alternative Name with the dNSName ba*.example.com. This should fail to verify against the domain baz.example.com, per CABF.

Wildcard Domain Name: A string starting with β€œ*.” (U+002A ASTERISK, U+002E FULL STOP) immediately followed by a Fully-Qualified Domain Name.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… subject name validation failed
openssl-1.1 βœ… Hostname mismatch
openssl-3.0.15 βœ… hostname mismatch
openssl-3.4.0 βœ… hostname mismatch
openssl-3.3.2 βœ… hostname mismatch
openssl-3.1.7 βœ… hostname mismatch
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… hostname mismatch
rust-webpki βœ… DNS name validation failed
pyca-cryptography-44.0.0 βœ… validation failed: leaf certificate has no matching subjectAltName (encountered processing , ...)>)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::san::wildcard-not-in-leftmost-sanπŸ”—

Produces a chain with an EE cert.

This EE cert contains a Subject Alternative Name with the dNSName foo.*.example.com. This should fail to verify against the domain foo.bar.example.com, per RFC 6125 6.4.3.

The client SHOULD NOT attempt to match a presented identifier in which the wildcard character comprises a label other than the left-most label (e.g., do not match bar.*.example.net).

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… subject name validation failed
openssl-1.1 βœ… Hostname mismatch
openssl-3.0.15 βœ… hostname mismatch
openssl-3.4.0 βœ… hostname mismatch
openssl-3.3.2 βœ… hostname mismatch
openssl-3.1.7 βœ… hostname mismatch
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… hostname mismatch
rust-webpki βœ… DNS name validation failed
pyca-cryptography-44.0.0 βœ… validation failed: leaf certificate has no matching subjectAltName (encountered processing , ...)>)
certvalidator-0.11.1 βœ… The X.509 certificate provided is not valid for foo.bar.example.com. Valid hostnames include: foo.*.example.com

webpki::san::wildcard-match-across-labels-sanπŸ”—

Produces a chain with an EE cert.

This EE cert contains a Subject Alternative Name with the dNSName *.example.com. This should fail to verify against the domain foo.bar.example.com, per RFC 6125 6.4.3.

If the wildcard character is the only character of the left-most label in the presented identifier, the client SHOULD NOT compare against anything but the left-most label of the reference identifier (e.g., *.example.com would match foo.example.com but not bar.foo.example.com or example.com).

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… subject name validation failed
openssl-1.1 βœ… Hostname mismatch
openssl-3.0.15 βœ… hostname mismatch
openssl-3.4.0 βœ… hostname mismatch
openssl-3.3.2 βœ… hostname mismatch
openssl-3.1.7 βœ… hostname mismatch
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… hostname mismatch
rust-webpki βœ… DNS name validation failed
pyca-cryptography-44.0.0 βœ… validation failed: leaf certificate has no matching subjectAltName (encountered processing , ...)>)
certvalidator-0.11.1 βœ… The X.509 certificate provided is not valid for foo.bar.example.com. Valid hostnames include: *.example.com

webpki::san::wildcard-embedded-ulabel-sanπŸ”—

Produces a chain with an EE cert.

This EE cert contains a Subject Alternative Name with the dNSName xn--*-1b3c148a.example.com. This should fail to verify against the domain xn--bliss-1b3c148a.example.com, per RFC 6125 6.4.3:

... the client SHOULD NOT attempt to match a presented identifier where the wildcard character is embedded within an A-label or U-label [IDNA-DEFS] of an internationalized domain name [IDNA-PROTO].

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… subject name validation failed
openssl-1.1 βœ… Hostname mismatch
openssl-3.0.15 βœ… hostname mismatch
openssl-3.4.0 βœ… hostname mismatch
openssl-3.3.2 βœ… hostname mismatch
openssl-3.1.7 βœ… hostname mismatch
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… hostname mismatch
rust-webpki βœ… DNS name validation failed
pyca-cryptography-44.0.0 βœ… validation failed: leaf certificate has no matching subjectAltName (encountered processing , ...)>)
certvalidator-0.11.1 βœ… The X.509 certificate provided is not valid for xn--bliss-1b3c148a.example.com. Valid hostnames include: *痛苦.example.com

webpki::san::unicode-emoji-sanπŸ”—

Produces a chain with an EE cert.

This EE cert contains a Subject Alternative Name with the dNSName 😜.example.com, This should fail to verify against the domain xn--628h.example.com, per RFC 5280 7.2:

IA5String is limited to the set of ASCII characters. To accommodate internationalized domain names in the current structure, conforming implementations MUST convert internationalized domain names to the ASCII Compatible Encoding (ACE) format as specified in Section 4 of RFC 3490 before storage in the dNSName field.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… subject name validation failed
openssl-1.1 βœ… Hostname mismatch
openssl-3.0.15 βœ… hostname mismatch
openssl-3.4.0 βœ… hostname mismatch
openssl-3.3.2 βœ… hostname mismatch
openssl-3.1.7 βœ… hostname mismatch
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… hostname mismatch
rust-webpki βœ… DNS name validation failed
pyca-cryptography-44.0.0 βœ… validation failed: leaf certificate has no matching subjectAltName (encountered processing , ...)>)
certvalidator-0.11.1 βœ… 'ascii' codec can't decode byte 0xf0 in position 0: ordinal not in range(128)

webpki::san::no-sanπŸ”—

Produces the following invalid chain:

root -> EE

The chain is correctly constructed, but the EE cert does not have a Subject Alternative Name, which is required. This is invalid even when the Subject contains a valid domain name in its Common Name component.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… subject name validation failed
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki βœ… DNS name validation failed
pyca-cryptography-44.0.0 βœ… validation failed: Certificate is missing required extension (encountered processing , ...)>)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::san::san-critical-with-nonempty-subjectπŸ”—

Produces the following invalid chain:

root -> EE

The EE cert includes a critical subjectAlternativeName extension, which is forbidden under CABF when the subject is non-empty:

If the subject field of the certificate is an empty SEQUENCE, this extension MUST be marked critical, as specified in RFC 5280, Section 4.2.1.6. Otherwise, this extension MUST NOT be marked critical.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 βœ… validation failed: EE subjectAltName MUST NOT be critical when subject is nonempty (encountered processing , ...)>)
certvalidator-0.11.1 βœ… The path could not be validated because the end-entity certificate contains the following unsupported critical extension: subject_alt_name

webpki::san::san-wildcard-onlyπŸ”—

Produces the following invalid chain:

root -> EE

The EE cert contains a SAN of just DNS:*, which should be rejected.

The reason for this is subtle: CABF 3.2.2.6 notes that certs with wildcards on public suffixes should not be issued, and . (i.e. the DNS root) is effectively a public suffix. This is true even though the DNS root is not itself on the PSL.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… subject name validation failed
openssl-1.1 βœ… Hostname mismatch
openssl-3.0.15 βœ… hostname mismatch
openssl-3.4.0 βœ… hostname mismatch
openssl-3.3.2 βœ… hostname mismatch
openssl-3.1.7 βœ… hostname mismatch
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… hostname mismatch
rust-webpki βœ… DNS name validation failed
pyca-cryptography-44.0.0 βœ… validation failed: leaf certificate has no matching subjectAltName (encountered processing , ...)>)
certvalidator-0.11.1 βœ… The X.509 certificate provided is not valid for example.com. Valid hostnames include: *

webpki::san::san-wildcard-only-tldπŸ”—

Produces the following invalid chain:

root -> EE

The EE cert contains a SAN of just DNS:*, which should be rejected.

The reason for this is subtle: CABF 3.2.2.6 notes that certs with wildcards on public suffixes should not be issued, and . (i.e. the DNS root) is effectively a public suffix. This is true even though the DNS root is not itself on the PSL.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… subject name validation failed
openssl-1.1 βœ… Hostname mismatch
openssl-3.0.15 βœ… hostname mismatch
openssl-3.4.0 βœ… hostname mismatch
openssl-3.3.2 βœ… hostname mismatch
openssl-3.1.7 βœ… hostname mismatch
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… hostname mismatch
rust-webpki βœ… DNS name validation failed
pyca-cryptography-44.0.0 βœ… validation failed: leaf certificate has no matching subjectAltName (encountered processing , ...)>)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::explicit-curveπŸ”—

Produces the following invalid chain:

root -> EE

Both root and EE convey EC keys using the "explicit" curve encoding, which is forbidden under CABF 7.1.3.1.2:

The CA SHALL indicate an ECDSA key using the id‐ecPublicKey (OID: 1.2.840.10045.2.1) algorithm identifier. The parameters MUST use the namedCurve encoding.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER 2024-03-13T00:00:00+00:00 N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… UnsupportedSignatureAlgorithmForPublicKey
openssl-1.1 βœ… Certificate public key has explicit ECC parameters
openssl-3.0.15 βœ… Certificate public key has explicit ECC parameters
openssl-3.4.0 βœ… Certificate public key has explicit ECC parameters
openssl-3.3.2 βœ… Certificate public key has explicit ECC parameters
openssl-3.1.7 βœ… Certificate public key has explicit ECC parameters
gnutls-certtool-3.7.3 βœ… N/A
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… Certificate public key has explicit ECC parameters
rust-webpki βœ… UnknownIssuer
pyca-cryptography-44.0.0 βœ… validation failed: candidates exhausted: Forbidden public key algorithm: AlgorithmIdentifier { oid: DefinedByMarker(PhantomData), params: Ec(SpecifiedCurve(Sequence { data: [2, 1, 1, 48, 44, 6, 7, 42, 134, 72, 206, 61, 1, 1, 2, 33, 0, 255, 255, 255, 255, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 48, 91, 4, 32, 255, 255, 255, 255, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 252, 4, 32, 90, 198, 53, 216, 170, 58, 147, 231, 179, 235, 189, 85, 118, 152, 134, 188, 101, 29, 6, 176, 204, 83, 176, 246, 59, 206, 60, 62, 39, 210, 96, 75, 3, 21, 0, 196, 157, 54, 8, 134, 231, 4, 147, 106, 102, 120, 225, 19, 157, 38, 183, 129, 159, 126, 144, 4, 65, 4, 107, 23, 209, 242, 225, 44, 66, 71, 248, 188, 230, 229, 99, 164, 64, 242, 119, 3, 125, 129, 45, 235, 51, 160, 244, 161, 57, 69, 216, 152, 194, 150, 79, 227, 66, 226, 254, 26, 127, 155, 142, 231, 235, 74, 124, 15, 158, 22, 43, 206, 51, 87, 107, 49, 94, 206, 203, 182, 64, 104, 55, 191, 81, 245, 2, 33, 0, 255, 255, 255, 255, 0, 0, 0, 0, 255, 255, 255, 255, 255, 255, 255, 255, 188, 230, 250, 173, 167, 23, 158, 132, 243, 185, 202, 194, 252, 99, 37, 81, 2, 1, 1] })) }
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::cryptographydotio-chainπŸ”—

Verifies against a saved copy of cryptography.io's chain. This should trivially succeed.

Expected result Validation kind Validation time Features Importance Conflicts Download
SUCCESS SERVER 2023-07-10T00:00:00+00:00 N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki 🚧 key_usage not supported yet
openssl-1.1 βœ… N/A
openssl-3.0.15 βœ… N/A
openssl-3.4.0 βœ… N/A
openssl-3.3.2 βœ… N/A
openssl-3.1.7 βœ… N/A
gnutls-certtool-3.7.3 🚧 custom key usages not supported
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… N/A
rust-webpki 🚧 key_usage not supported yet
pyca-cryptography-44.0.0 βœ… N/A
certvalidator-0.11.1 βœ… N/A

webpki::cryptographydotio-chain-missing-intermediateπŸ”—

Verifies against a saved copy of cryptography.io's chain, but without its intermediates. This should trivially fail.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER 2023-07-10T00:00:00+00:00 N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki 🚧 key_usage not supported yet
openssl-1.1 βœ… unable to get local issuer certificate
openssl-3.0.15 βœ… unable to get local issuer certificate
openssl-3.4.0 βœ… unable to get local issuer certificate
openssl-3.3.2 βœ… unable to get local issuer certificate
openssl-3.1.7 βœ… unable to get local issuer certificate
gnutls-certtool-3.7.3 🚧 custom key usages not supported
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… unable to get local issuer certificate
rust-webpki 🚧 key_usage not supported yet
pyca-cryptography-44.0.0 βœ… validation failed: candidates exhausted: all candidates exhausted with no interior errors
certvalidator-0.11.1 βœ… Unable to build a validation path for the certificate "Common Name: cryptography.io" - no issuer matching "Common Name: R3, Organization: Let's Encrypt, Country: US" was found

webpki::malformed-aiaπŸ”—

Produces a chain with an EE cert.

This EE cert contains an Authority Information Access extension with malformed contents. This is invalid per CABF.

The AuthorityInfoAccessSyntax MUST contain one or more AccessDescriptions.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 βœ… validation failed: ASN.1 parsing error: short data (needed at least 90 additional bytes) (encountered processing , ...)>)
certvalidator-0.11.1 βœ… Insufficient data - 97 bytes requested but only 7 available
while parsing asn1crypto.core.ParsableOctetString
while parsing asn1crypto.x509.Extension

webpki::forbidden-p192-rootπŸ”—

Produces the following invalid chain:

root -> EE

The root cert conveys a P-192 key and signs for the EE with it, which is not permitted under the CABF's key or signature types.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… UnsupportedSignatureAlgorithmForPublicKey
openssl-1.1 βœ… CA certificate key too weak
openssl-3.0.15 βœ… CA certificate key too weak
openssl-3.4.0 βœ… CA certificate key too weak
openssl-3.3.2 βœ… CA certificate key too weak
openssl-3.1.7 βœ… CA certificate key too weak
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The certificate chain uses insecure algorithm.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… CA certificate key too weak
rust-webpki βœ… UnknownIssuer
pyca-cryptography-44.0.0 βœ… validation failed: candidates exhausted: Forbidden public key algorithm: AlgorithmIdentifier { oid: DefinedByMarker(PhantomData), params: Ec(NamedCurve(ObjectIdentifier { oid: 1.2.840.10045.3.1.1 })) }
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::forbidden-p192-leafπŸ”—

Produces the following invalid chain:

root -> EE

The EE cert conveys a P-192 key, which is not one of the permitted public keys under CABF.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A pedantic-webpki-subscriber-key undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 βœ… EE certificate key too weak
openssl-3.0.15 βœ… EE certificate key too weak
openssl-3.4.0 βœ… EE certificate key too weak
openssl-3.3.2 βœ… EE certificate key too weak
openssl-3.1.7 βœ… EE certificate key too weak
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The certificate chain uses insecure algorithm.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 βœ… EE certificate key too weak
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 🚧 testcase skipped (explicit unsupported feature)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::forbidden-dsa-rootπŸ”—

Produces the following invalid chain:

root -> EE

The root cert conveys a DSA-30272 key and signs for the EE with it, which is not permitted under the CABF's key or signature types.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… UnsupportedSignatureAlgorithm
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki βœ… UnknownIssuer
pyca-cryptography-44.0.0 βœ… validation failed: candidates exhausted: Forbidden public key algorithm: AlgorithmIdentifier { oid: DefinedByMarker(PhantomData), params: Dsa(DssParams { p: BigUint { data: [0, 161, 112, 25, 170, 155, 37, 154, 196, 133, 90, 90, 215, 77, 23, 218, 181, 83, 210, 166, 133, 110, 59, 54, 97, 202, 19, 63, 58, 182, 198, 47, 154, 172, 3, 215, 132, 106, 227, 74, 121, 19, 251, 54, 210, 119, 196, 228, 162, 217, 253, 15, 174, 24, 193, 170, 145, 228, 43, 239, 63, 23, 231, 55, 131, 70, 240, 16, 58, 39, 68, 201, 254, 69, 150, 120, 8, 172, 140, 39, 66, 173, 227, 173, 73, 192, 215, 114, 44, 53, 189, 6, 225, 192, 254, 200, 113, 251, 137, 229, 10, 77, 107, 184, 99, 249, 172, 59, 38, 7, 36, 65, 200, 195, 6, 50, 15, 99, 120, 115, 114, 220, 77, 51, 128, 175, 31, 92, 251, 2, 228, 72, 218, 137, 12, 67, 188, 6, 49, 94, 134, 229, 127, 173, 181, 186, 118, 209, 161, 157, 110, 186, 192, 83, 92, 173, 82, 15, 195, 214, 7, 129, 208, 33, 166, 19, 176, 174, 164, 85, 239, 79, 59, 173, 164, 8, 131, 178, 68, 129, 81, 76, 187, 217, 32, 37, 61, 85, 62, 87, 25, 18, 147, 168, 154, 145, 229, 247, 119, 131, 244, 164, 177, 49, 176, 10, 44, 92, 131, 22, 45, 142, 173, 239, 200, 87, 177, 113, 11, 113, 22, 80, 171, 77, 59, 44, 223, 183, 33, 60, 151, 10, 172, 145, 160, 56, 46, 91, 82, 252, 13, 27, 148, 218, 62, 210, 2, 11, 114, 151, 159, 253, 162, 110, 123, 20, 214, 14, 145, 188, 148, 245, 201, 61, 44, 47, 193, 167, 47, 149, 255, 188, 218, 185, 32, 140, 74, 198, 85, 25, 87, 55, 87, 147, 233, 173, 8, 6, 43, 214, 255, 213, 66, 85, 86, 136, 224, 19, 58, 42, 89, 37, 119, 159, 41, 12, 249, 182, 59, 38, 137, 251, 199, 47, 158, 147, 236, 208, 72, 176, 101, 184, 60, 199, 249, 238, 58, 14, 147, 56, 24, 129, 9, 117, 92, 78, 35, 55, 78, 246, 210, 192, 15, 201, 90, 107, 240, 186, 208, 237, 165, 99, 156, 92, 161, 160, 242, 212, 176, 137, 92, 219, 253, 228, 74, 43, 250, 118, 137, 13, 103, 222, 149, 178, 133, 222, 153, 114, 144, 55, 225, 103, 199, 87, 201] }, q: BigUint { data: [0, 131, 204, 243, 255, 221, 176, 186, 8, 6, 244, 38, 237, 17, 73, 248, 169, 215, 233, 206, 13, 61, 107, 84, 31, 123, 156, 42, 213, 139, 158, 132, 157] }, g: BigUint { data: [122, 61, 229, 249, 5, 219, 29, 57, 27, 225, 6, 122, 219, 25, 75, 41, 211, 72, 225, 169, 78, 19, 142, 12, 171, 219, 33, 29, 160, 217, 74, 58, 92, 1, 91, 69, 151, 175, 165, 145, 5, 65, 156, 64, 99, 181, 152, 159, 64, 201, 99, 34, 45, 53, 221, 174, 205, 104, 152, 202, 219, 100, 162, 48, 117, 2, 13, 0, 239, 202, 20, 173, 64, 87, 111, 179, 148, 42, 168, 224, 174, 224, 63, 224, 175, 145, 157, 107, 35, 88, 116, 210, 180, 33, 66, 21, 145, 9, 126, 82, 8, 92, 131, 54, 80, 35, 216, 90, 111, 67, 92, 180, 37, 27, 94, 158, 192, 38, 227, 125, 13, 10, 217, 79, 251, 195, 237, 147, 129, 77, 112, 132, 87, 161, 103, 129, 106, 169, 212, 239, 147, 228, 255, 127, 209, 116, 210, 200, 31, 91, 52, 27, 159, 207, 35, 87, 113, 118, 120, 37, 113, 159, 102, 114, 187, 114, 137, 227, 90, 228, 197, 90, 116, 141, 188, 46, 130, 29, 237, 245, 110, 133, 2, 189, 191, 82, 178, 164, 51, 33, 82, 118, 132, 23, 184, 225, 8, 92, 5, 168, 80, 21, 21, 124, 171, 140, 138, 63, 164, 176, 28, 110, 75, 214, 13, 243, 23, 214, 140, 115, 230, 177, 52, 151, 108, 211, 66, 227, 122, 238, 23, 135, 146, 107, 28, 31, 13, 125, 18, 96, 142, 152, 228, 193, 209, 156, 237, 133, 67, 20, 33, 159, 167, 48, 246, 46, 249, 69, 97, 43, 95, 184, 29, 237, 156, 16, 155, 212, 159, 206, 159, 208, 154, 142, 74, 139, 210, 253, 60, 21, 0, 228, 250, 228, 65, 94, 186, 238, 179, 221, 189, 137, 63, 47, 214, 25, 222, 37, 212, 165, 164, 40, 177, 215, 32, 35, 71, 121, 164, 80, 152, 254, 4, 237, 181, 108, 8, 162, 119, 165, 202, 127, 153, 207, 46, 138, 113, 87, 208, 245, 194, 209, 10, 54, 113, 56, 157, 95, 74, 141, 170, 126, 64, 68, 84, 3, 223, 29, 2, 32, 16, 192, 58, 173, 103, 177, 37, 228, 150, 143, 168, 196, 11, 81, 78, 72, 167, 140, 86, 247, 72, 166, 29, 191, 62, 108, 18, 35, 209, 230, 144, 36, 147, 86] } }) }
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::forbidden-dsa-leafπŸ”—

Produces the following invalid chain:

root -> EE

The EE cert conveys a DSA key, which is not one of the permitted public keys under CABF.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A pedantic-webpki-subscriber-key undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 🚧 testcase skipped (explicit unsupported feature)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::forbidden-weak-rsa-key-in-rootπŸ”—

Produces the following invalid chain:

root -> EE

The root cert is signed with and conveys an RSA-1024 key, which is below the security margin (2048) required under CABF 6.1.5.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… InvalidSignatureForPublicKey
openssl-1.1 βœ… CA certificate key too weak
openssl-3.0.15 βœ… CA certificate key too weak
openssl-3.4.0 βœ… CA certificate key too weak
openssl-3.3.2 βœ… CA certificate key too weak
openssl-3.1.7 βœ… CA certificate key too weak
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The certificate chain uses insecure algorithm.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 βœ… CA certificate key too weak
rust-webpki βœ… UnknownIssuer
pyca-cryptography-44.0.0 βœ… validation failed: candidates exhausted: RSA key is too weak
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::forbidden-weak-rsa-in-leafπŸ”—

Produces the following invalid chain:

root -> EE

The EE cert conveys an RSA 1024 key, which is below the security margin (2048) required under CABF 6.1.5.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A pedantic-webpki-subscriber-key undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 βœ… EE certificate key too weak
openssl-3.0.15 βœ… EE certificate key too weak
openssl-3.4.0 βœ… EE certificate key too weak
openssl-3.3.2 βœ… EE certificate key too weak
openssl-3.1.7 βœ… EE certificate key too weak
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The certificate chain uses insecure algorithm.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 βœ… EE certificate key too weak
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 🚧 testcase skipped (explicit unsupported feature)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::forbidden-rsa-not-divisable-by-8-in-rootπŸ”—

Produces the following invalid chain:

root -> EE

The root cert is signed with and conveys an RSA-2052 key, which is above the security margin (2048) but not divisible by 8, as is required under CABF 6.1.5.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The certificate chain uses insecure algorithm.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 🚧 testcase skipped (explicitly unsupported case)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::forbidden-rsa-key-not-divisable-by-8-in-leafπŸ”—

Produces the following invalid chain:

root -> EE

The EE cert conveys an RSA-2052 key, which is above the security margin (2048) but not divisible by 8, as is required under CABF 6.1.5.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A pedantic-webpki-subscriber-key undetermined N/A PEM bundle
Harness Result Context
rustls-webpki ❌ (unexpected success) N/A
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 βœ… Chain verification output: Not verified. The certificate is NOT trusted. The certificate chain uses insecure algorithm.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki ❌ (unexpected success) N/A
pyca-cryptography-44.0.0 🚧 testcase skipped (explicit unsupported feature)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::v1-certπŸ”—

Produces the following invalid chain:

root -> EE

This chain is correctly constructed, but the EE cert is marked with version 2 (ordinal 1) rather than version 3 (ordinal 2). This is invalid, per CABF 7.1.1:

Certificates MUST be of type X.509 v3.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… leaf cert: X.509 parse failed
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 βœ… N/A
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki βœ… leaf cert: X.509 parse failed
pyca-cryptography-44.0.0 βœ… validation failed: certificate must be an X509v3 certificate (encountered processing , ...)>)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::ee-basicconstraints-caπŸ”—

Produces the following invalid chain:

root -> EE

The EE certificate has keyUsage.keyCertSign=FALSE but basicConstraints.cA=TRUE, which is explicitly forbidden under CABF 7.1.2.7.8:

cA MUST be FALSE

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
rustls-webpki βœ… CaUsedAsEndEntity
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki βœ… CaUsedAsEndEntity
pyca-cryptography-44.0.0 βœ… validation failed: basicConstraints.cA must not be asserted in an EE certificate (encountered processing , ...)>)
certvalidator-0.11.1 ❌ (unexpected success) N/A

webpki::ca-as-leafπŸ”—

Produces the following invalid chain:

root -> ICA

The ICA is in leaf position, despite being a CA certificate, which is explicitly forbidden under CABF 7.1.2.7.11 (keyUsage.keyCertSign must NOT be permitted) and 7.1.2.7.8 (basicConstraints.cA MUST be false`).

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined rfc5280::ca-as-leaf PEM bundle
Harness Result Context
rustls-webpki βœ… CaUsedAsEndEntity
openssl-1.1 ❌ (unexpected success) N/A
openssl-3.0.15 ❌ (unexpected success) N/A
openssl-3.4.0 ❌ (unexpected success) N/A
openssl-3.3.2 ❌ (unexpected success) N/A
openssl-3.1.7 ❌ (unexpected success) N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
gocryptox509-go1.23.3 ❌ (unexpected success) validation: chain built
openssl-3.2.3 ❌ (unexpected success) N/A
rust-webpki βœ… CaUsedAsEndEntity
pyca-cryptography-44.0.0 βœ… validation failed: basicConstraints.cA must not be asserted in an EE certificate (encountered processing , ...)>)
certvalidator-0.11.1 βœ… The X.509 certificate provided is not valid for securing TLS connections