webpkiπ
webpki::aki::root-with-aki-missing-keyidentifierπ
Produces the following invalid chain:
root -> EE
The root cert incudes the authorityKeyIdentifier extension but without the keyIdentifier field, which is required under CABF:
7.1.2.1.3 Root CA Authority Key Identifier Field Description ... keyIdentifier MUST be present. MUST be identical to the subjectKeyIdentifier field.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
β | validation failed: CandidatesExhausted(Other("authorityKeyIdentifier must contain keyIdentifier")) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β (unexpected success) | N/A |
webpki::aki::root-with-aki-authoritycertissuerπ
Produces the following invalid chain:
root -> EE
The root cert includes the authorityKeyIdentifier extension with the authorityCertIssuer field, which is forbidden under CABF:
7.1.2.1.3 Root CA Authority Key Identifier Field Description ... authorityCertIssuer MUST NOT be present
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
β | validation failed: CandidatesExhausted(Other("authorityKeyIdentifier must not contain authorityCertIssuer")) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β (unexpected success) | N/A |
webpki::aki::root-with-aki-authoritycertserialnumberπ
Produces the following invalid chain:
root -> EE
The root cert includes the authorityKeyIdentifier extension with the authorityCertSerialNumber field, which is forbidden under the [CA/B BR profile]:
7.1.2.1.3 Root CA Authority Key Identifier Field Description ... authorityCertSerialNumber MUST NOT be present
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
β | validation failed: CandidatesExhausted(Other("authorityKeyIdentifier must not contain authorityCertSerialNumber")) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β (unexpected success) | N/A |
webpki::aki::root-with-aki-all-fieldsπ
Produces the following invalid chain:
root -> EE
The root cert includes the authorityKeyIdentifier extension with the authorityCertIssuer and authorityCertSerialNumber fields, which is forbidden under CABF:
7.1.2.1.3 Root CA Authority Key Identifier Field Description ... authorityCertIssuer MUST NOT be present authorityCertSerialNumber MUST NOT be present
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
β | validation failed: CandidatesExhausted(Other("authorityKeyIdentifier must not contain authorityCertIssuer")) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β (unexpected success) | N/A |
webpki::aki::root-with-aki-ski-mismatchπ
Produces the following invalid chain:
root -> EE
The root cert is self-signed contains an authorityKeyIdentifier, but the keyIdentifier field doesn't match the subjectKeyIdentifier field as required under CABF.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
π§ | testcase skipped (explicitly unsupported case) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β (unexpected success) | N/A |
webpki::eku::ee-anyekuπ
Produces the following invalid chain:
root -> EE
This chain is correctly constructed, but the EE cert contains an
Extended Key Usage extension that contains anyExtendedKeyUsage,
which is explicitly forbidden under CABF 7.1.2.7.10.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | pedantic-webpki-eku | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
π§ | custom EKUs not yet supported |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
π§ | testcase skipped (explicit unsupported feature) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β (unexpected success) | N/A |
webpki::eku::ee-critical-ekuπ
Produces the following invalid chain:
root -> EE
This chain is correctly constructed, but the EE has an extKeyUsage extension marked as critical, which is forbidden per CABF 7.1.2.7.6.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | pedantic-webpki-eku | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
π§ | custom EKUs not yet supported |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
π§ | testcase skipped (explicit unsupported feature) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β (unexpected success) | N/A |
webpki::eku::ee-without-ekuπ
Produces the following invalid chain:
root -> EE
This chain is correctly constructed, but the EE does not have the extKeyUsage extension, which is required per CABF 7.1.2.7.6.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | pedantic-webpki-eku | undetermined | rfc5280::eku::ee-without-eku |
PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
π§ | testcase skipped (explicit unsupported feature) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β (unexpected success) | N/A |
webpki::eku::root-has-ekuπ
Produces the following invalid chain:
root -> EE
The root cert includes the extKeyUsage extension, which is forbidden under CABF:
7.1.2.1.2 Root CA Extensions Extension Presence Critical ... extKeyUsage MUST NOT N
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | pedantic-webpki-eku | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
π§ | custom EKUs not yet supported |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
π§ | testcase skipped (explicit unsupported feature) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β (unexpected success) | N/A |
webpki::nc::permitted-dns-match-noncriticalπ
Produces the following valid chain:
root -> leaf
The root contains a NameConstraints extension with a permitted dNSName of "example.com", matching the leaf's SubjectAlternativeName. The NameConstraints extension is marked as non-critical, which would be a violation of RFC 5280, but CABF explicitly permits this as an exception to RFC 5280:
As an explicit exception from RFC 5280, this extension SHOULD be marked critical, but MAY be marked non-critical if compatibility with certain legacy applications that do not support Name Constraints is necessary.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| SUCCESS | SERVER | N/A | N/A | undetermined | rfc5280::nc::permitted-dns-match-noncritical |
PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β | N/A |
rust-webpki |
β (unexpected failure) | UnknownIssuer |
openssl-3.0.13 |
β | N/A |
pyca-cryptography-42.0.5 |
β | N/A |
openssl-1.1 |
β | N/A |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | N/A |
certvalidator-0.11.1 |
β | N/A |
rustls-webpki |
β | N/A |
webpki::nc::intermediate-permitted-excluded-subtrees-both-nullπ
Produces the following invalid chain:
root -> intermediate -> leaf
The intermediate contains a NameConstraints extension with ASN.1 NULL for
both permittedSubtrees and excludedSubtrees, which is forbidden under
CABF 7.1.2.5.2.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
β | validation failed: CandidatesExhausted(Other("nameConstraints must have non-empty permittedSubtrees or excludedSubtrees")) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β | The path could not be validated because intermediate certificate 1 contains the following unsupported critical extension: name_constraints |
rustls-webpki |
β (unexpected success) | N/A |
webpki::nc::intermediate-permitted-excluded-subtrees-both-empty-sequencesπ
Produces the following invalid chain:
root -> intermediate -> leaf
The intermediate contains a NameConstraints extension with empty sequences for both permittedSubtrees and excludedSubtrees, which is forbidden under CABF 7.1.2.5.2.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β | UnknownIssuer |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
β | validation failed: CandidatesExhausted(Other("nameConstraints must have non-empty permittedSubtrees or excludedSubtrees")) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β | The path could not be validated because intermediate certificate 1 contains the following unsupported critical extension: name_constraints |
rustls-webpki |
β (unexpected success) | N/A |
webpki::san::exact-dns-sanπ
Produces a chain with a valid EE cert for example.com.
This EE cert contains a Subject Alternative Name with the dNSName "example.com". This should verify successfully against the domain "example.com", per RFC 6125 6.4.1.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| SUCCESS | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β | N/A |
rust-webpki |
β | N/A |
openssl-3.0.13 |
β | N/A |
pyca-cryptography-42.0.5 |
β | N/A |
openssl-1.1 |
β | N/A |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | N/A |
certvalidator-0.11.1 |
β | N/A |
rustls-webpki |
β | N/A |
webpki::san::exact-localhost-ip-sanπ
Produces a chain with a valid EE cert, for IP 127.0.0.1, i.e. localhost.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| SUCCESS | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β | N/A |
rust-webpki |
π§ | implementation requires DNS peer names |
openssl-3.0.13 |
β | N/A |
pyca-cryptography-42.0.5 |
β | N/A |
openssl-1.1 |
β | N/A |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | N/A |
certvalidator-0.11.1 |
β | N/A |
rustls-webpki |
β | N/A |
webpki::san::mismatch-domain-sanπ
Produces a chain with an EE cert.
This EE cert contains a Subject Alternative Name with the dNSName example.com.
This should fail to verify against the domain example2.com, per RFC 6125 6.4.1.
Each label MUST match in order for the names to be considered to match, except as supplemented by the rule about checking of wildcard labels.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected. |
openssl-3.2.1 |
β | hostname mismatch |
rust-webpki |
β | DNS name validation failed |
openssl-3.0.13 |
β | hostname mismatch |
pyca-cryptography-42.0.5 |
β | validation failed: Other("leaf certificate has no matching subjectAltName") |
openssl-1.1 |
β | Hostname mismatch |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | hostname mismatch |
certvalidator-0.11.1 |
β | The X.509 certificate provided is not valid for example2.com. Valid hostnames include: example.com |
rustls-webpki |
β | subject name validation failed |
webpki::san::mismatch-subdomain-sanπ
Produces a chain with an EE cert.
This EE cert contains a Subject Alternative Name with the dNSName abc.example.com.
This should fail to verify against the domain def.example.com, per RFC 6125 6.4.1.
Each label MUST match in order for the names to be considered to match, except as supplemented by the rule about checking of wildcard labels.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected. |
openssl-3.2.1 |
β | hostname mismatch |
rust-webpki |
β | DNS name validation failed |
openssl-3.0.13 |
β | hostname mismatch |
pyca-cryptography-42.0.5 |
β | validation failed: Other("leaf certificate has no matching subjectAltName") |
openssl-1.1 |
β | Hostname mismatch |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | hostname mismatch |
certvalidator-0.11.1 |
β | The X.509 certificate provided is not valid for def.example.com. Valid hostnames include: abc.example.com |
rustls-webpki |
β | subject name validation failed |
webpki::san::mismatch-subdomain-apex-sanπ
Produces a chain with an EE cert.
This EE cert contains a Subject Alternative Name with the dNSName example.com.
This should fail to verify against the domain abc.example.com, per RFC 6125 6.4.1.
Each label MUST match in order for the names to be considered to match, except as supplemented by the rule about checking of wildcard labels.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected. |
openssl-3.2.1 |
β | hostname mismatch |
rust-webpki |
β | DNS name validation failed |
openssl-3.0.13 |
β | hostname mismatch |
pyca-cryptography-42.0.5 |
β | validation failed: Other("leaf certificate has no matching subjectAltName") |
openssl-1.1 |
β | Hostname mismatch |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | hostname mismatch |
certvalidator-0.11.1 |
β | The X.509 certificate provided is not valid for abc.example.com. Valid hostnames include: example.com |
rustls-webpki |
β | subject name validation failed |
webpki::san::mismatch-apex-subdomain-sanπ
Produces a chain with an EE cert.
This EE cert contains a Subject Alternative Name with the dNSName abc.example.com.
This should fail to verify against the domain example.com, per RFC 6125 6.4.1.
Each label MUST match in order for the names to be considered to match, except as supplemented by the rule about checking of wildcard labels.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected. |
openssl-3.2.1 |
β | hostname mismatch |
rust-webpki |
β | DNS name validation failed |
openssl-3.0.13 |
β | hostname mismatch |
pyca-cryptography-42.0.5 |
β | validation failed: Other("leaf certificate has no matching subjectAltName") |
openssl-1.1 |
β | Hostname mismatch |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | hostname mismatch |
certvalidator-0.11.1 |
β | The X.509 certificate provided is not valid for example.com. Valid hostnames include: abc.example.com |
rustls-webpki |
β | subject name validation failed |
webpki::san::public-suffix-wildcard-sanπ
Produces a chain with an EE cert.
This EE cert contains a Subject Alternative name with the dNSName *.com.
Conformant CAs should not issue such a certificate, according to CABF:
If the FQDN portion of any Wildcard Domain Name is βregistryβcontrolledβ or is a βpublic suffixβ, CAs MUST refuse issuance unless the Applicant proves its rightful control of the entire Domain Namespace.
While the Baseline Requirements do not specify how clients should behave when given such a certificate, it is generally safe to assume that wildcard certificates spanning a gTLD are malicious, and clients should reject them.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | pedantic-public-suffix-wildcard | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected. |
openssl-3.2.1 |
β | hostname mismatch |
rust-webpki |
β | DNS name validation failed |
openssl-3.0.13 |
β | hostname mismatch |
pyca-cryptography-42.0.5 |
π§ | testcase skipped (explicit unsupported feature) |
openssl-1.1 |
β | Hostname mismatch |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β | hostname mismatch |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β | subject name validation failed |
webpki::san::leftmost-wildcard-sanπ
Produces a chain with an EE cert.
This EE cert contains a Subject Alternative Name with the dNSName *.example.com.
This should verify successfully against the domain foo.example.com, per RFC 6125 6.4.3.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| SUCCESS | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β | N/A |
rust-webpki |
β | N/A |
openssl-3.0.13 |
β | N/A |
pyca-cryptography-42.0.5 |
β | N/A |
openssl-1.1 |
β | N/A |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | N/A |
certvalidator-0.11.1 |
β | N/A |
rustls-webpki |
β | N/A |
webpki::san::wildcard-embedded-leftmost-sanπ
Produces a chain with an EE cert.
This EE cert contains a Subject Alternative Name with the dNSName ba*.example.com.
This should fail to verify against the domain baz.example.com, per CABF.
Wildcard Domain Name: A string starting with β*.β (U+002A ASTERISK, U+002E FULL STOP) immediately followed by a Fully-Qualified Domain Name.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected. |
openssl-3.2.1 |
β | hostname mismatch |
rust-webpki |
β | DNS name validation failed |
openssl-3.0.13 |
β | hostname mismatch |
pyca-cryptography-42.0.5 |
β | validation failed: Other("leaf certificate has no matching subjectAltName") |
openssl-1.1 |
β | Hostname mismatch |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | hostname mismatch |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β | subject name validation failed |
webpki::san::wildcard-not-in-leftmost-sanπ
Produces a chain with an EE cert.
This EE cert contains a Subject Alternative Name with the dNSName foo.*.example.com.
This should fail to verify against the domain foo.bar.example.com, per RFC 6125 6.4.3.
The client SHOULD NOT attempt to match a presented identifier in which the wildcard character comprises a label other than the left-most label (e.g., do not match bar.*.example.net).
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected. |
openssl-3.2.1 |
β | hostname mismatch |
rust-webpki |
β | DNS name validation failed |
openssl-3.0.13 |
β | hostname mismatch |
pyca-cryptography-42.0.5 |
β | validation failed: Other("leaf certificate has no matching subjectAltName") |
openssl-1.1 |
β | Hostname mismatch |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | hostname mismatch |
certvalidator-0.11.1 |
β | The X.509 certificate provided is not valid for foo.bar.example.com. Valid hostnames include: foo.*.example.com |
rustls-webpki |
β | subject name validation failed |
webpki::san::wildcard-match-across-labels-sanπ
Produces a chain with an EE cert.
This EE cert contains a Subject Alternative Name with the dNSName *.example.com.
This should fail to verify against the domain foo.bar.example.com, per RFC 6125 6.4.3.
If the wildcard character is the only character of the left-most label in the presented identifier, the client SHOULD NOT compare against anything but the left-most label of the reference identifier (e.g., *.example.com would match foo.example.com but not bar.foo.example.com or example.com).
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected. |
openssl-3.2.1 |
β | hostname mismatch |
rust-webpki |
β | DNS name validation failed |
openssl-3.0.13 |
β | hostname mismatch |
pyca-cryptography-42.0.5 |
β | validation failed: Other("leaf certificate has no matching subjectAltName") |
openssl-1.1 |
β | Hostname mismatch |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | hostname mismatch |
certvalidator-0.11.1 |
β | The X.509 certificate provided is not valid for foo.bar.example.com. Valid hostnames include: *.example.com |
rustls-webpki |
β | subject name validation failed |
webpki::san::wildcard-embedded-ulabel-sanπ
Produces a chain with an EE cert.
This EE cert contains a Subject Alternative Name with the dNSName
xn--*-1b3c148a.example.com. This should fail to verify against the domain
xn--bliss-1b3c148a.example.com, per RFC 6125 6.4.3:
... the client SHOULD NOT attempt to match a presented identifier where the wildcard character is embedded within an A-label or U-label [IDNA-DEFS] of an internationalized domain name [IDNA-PROTO].
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected. |
openssl-3.2.1 |
β | hostname mismatch |
rust-webpki |
β | DNS name validation failed |
openssl-3.0.13 |
β | hostname mismatch |
pyca-cryptography-42.0.5 |
β | validation failed: Other("leaf certificate has no matching subjectAltName") |
openssl-1.1 |
β | Hostname mismatch |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | hostname mismatch |
certvalidator-0.11.1 |
β | The X.509 certificate provided is not valid for xn--bliss-1b3c148a.example.com. Valid hostnames include: *ηθ¦.example.com |
rustls-webpki |
β | subject name validation failed |
webpki::san::unicode-emoji-sanπ
Produces a chain with an EE cert.
This EE cert contains a Subject Alternative Name with the dNSName π.example.com,
This should fail to verify against the domain xn--628h.example.com,
per RFC 5280 7.2:
IA5String is limited to the set of ASCII characters. To accommodate internationalized domain names in the current structure, conforming implementations MUST convert internationalized domain names to the ASCII Compatible Encoding (ACE) format as specified in Section 4 of RFC 3490 before storage in the dNSName field.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected. |
openssl-3.2.1 |
β | hostname mismatch |
rust-webpki |
β | DNS name validation failed |
openssl-3.0.13 |
β | hostname mismatch |
pyca-cryptography-42.0.5 |
β | validation failed: Other("leaf certificate has no matching subjectAltName") |
openssl-1.1 |
β | Hostname mismatch |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | hostname mismatch |
certvalidator-0.11.1 |
β | 'ascii' codec can't decode byte 0xf0 in position 0: ordinal not in range(128) |
rustls-webpki |
β | subject name validation failed |
webpki::san::no-sanπ
Produces the following invalid chain:
root -> EE
The chain is correctly constructed, but the EE cert does not have a Subject Alternative Name, which is required. This is invalid even when the Subject contains a valid domain name in its Common Name component.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β | DNS name validation failed |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
β | validation failed: Other("Certificate is missing required extension") |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β | subject name validation failed |
webpki::san::san-critical-with-nonempty-subjectπ
Produces the following invalid chain:
root -> EE
The EE cert includes a critical subjectAlternativeName extension, which is forbidden under CABF when the subject is non-empty:
If the subject field of the certificate is an empty SEQUENCE, this extension MUST be marked critical, as specified in RFC 5280, Section 4.2.1.6. Otherwise, this extension MUST NOT be marked critical.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
β | validation failed: Other("EE subjectAltName MUST NOT be critical when subject is nonempty") |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β | The path could not be validated because the end-entity certificate contains the following unsupported critical extension: subject_alt_name |
rustls-webpki |
β (unexpected success) | N/A |
webpki::san::san-wildcard-onlyπ
Produces the following invalid chain:
root -> EE
The EE cert contains a SAN of just DNS:*, which should be rejected.
The reason for this is subtle: CABF 3.2.2.6 notes that certs with
wildcards on public suffixes should not be issued, and . (i.e. the DNS
root) is effectively a public suffix. This is true even though the DNS
root is not itself on the PSL.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected. |
openssl-3.2.1 |
β | hostname mismatch |
rust-webpki |
β | DNS name validation failed |
openssl-3.0.13 |
β | hostname mismatch |
pyca-cryptography-42.0.5 |
β | validation failed: Other("leaf certificate has no matching subjectAltName") |
openssl-1.1 |
β | Hostname mismatch |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | hostname mismatch |
certvalidator-0.11.1 |
β | The X.509 certificate provided is not valid for example.com. Valid hostnames include: * |
rustls-webpki |
β | subject name validation failed |
webpki::san::san-wildcard-only-tldπ
Produces the following invalid chain:
root -> EE
The EE cert contains a SAN of just DNS:*, which should be rejected.
The reason for this is subtle: CABF 3.2.2.6 notes that certs with
wildcards on public suffixes should not be issued, and . (i.e. the DNS
root) is effectively a public suffix. This is true even though the DNS
root is not itself on the PSL.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected. |
openssl-3.2.1 |
β | hostname mismatch |
rust-webpki |
β | DNS name validation failed |
openssl-3.0.13 |
β | hostname mismatch |
pyca-cryptography-42.0.5 |
β | validation failed: Other("leaf certificate has no matching subjectAltName") |
openssl-1.1 |
β | Hostname mismatch |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β | hostname mismatch |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β | subject name validation failed |
webpki::explicit-curveπ
Produces the following invalid chain:
root -> EE
Both root and EE convey EC keys using the "explicit" curve encoding, which is forbidden under CABF 7.1.3.1.2:
The CA SHALL indicate an ECDSA key using the idβecPublicKey (OID: 1.2.840.10045.2.1) algorithm identifier. The parameters MUST use the namedCurve encoding.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | 2024-03-13T00:00:00+00:00 | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | N/A |
openssl-3.2.1 |
β | Certificate public key has explicit ECC parameters |
rust-webpki |
β | UnknownIssuer |
openssl-3.0.13 |
β | Certificate public key has explicit ECC parameters |
pyca-cryptography-42.0.5 |
β | validation failed: CandidatesExhausted(Other("Forbidden public key algorithm: AlgorithmIdentifier { oid: DefinedByMarker(PhantomData |
openssl-1.1 |
β | Certificate public key has explicit ECC parameters |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | Certificate public key has explicit ECC parameters |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β | UnsupportedSignatureAlgorithmForPublicKey |
webpki::cryptographydotio-chainπ
Verifies against a saved copy of cryptography.io's chain. This should
trivially succeed.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| SUCCESS | SERVER | 2023-07-10T00:00:00+00:00 | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
π§ | custom key usages not supported |
openssl-3.2.1 |
β | N/A |
rust-webpki |
π§ | key_usage not supported yet |
openssl-3.0.13 |
β | N/A |
pyca-cryptography-42.0.5 |
β | N/A |
openssl-1.1 |
β | N/A |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | N/A |
certvalidator-0.11.1 |
β | N/A |
rustls-webpki |
π§ | key_usage not supported yet |
webpki::cryptographydotio-chain-missing-intermediateπ
Verifies against a saved copy of cryptography.io's chain, but without its
intermediates. This should trivially fail.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | 2023-07-10T00:00:00+00:00 | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
π§ | custom key usages not supported |
openssl-3.2.1 |
β | unable to get local issuer certificate |
rust-webpki |
π§ | key_usage not supported yet |
openssl-3.0.13 |
β | unable to get local issuer certificate |
pyca-cryptography-42.0.5 |
β | validation failed: CandidatesExhausted(Other("all candidates exhausted with no interior errors")) |
openssl-1.1 |
β | unable to get local issuer certificate |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | unable to get local issuer certificate |
certvalidator-0.11.1 |
β | Unable to build a validation path for the certificate "Common Name: cryptography.io" - no issuer matching "Common Name: R3, Organization: Let's Encrypt, Country: US" was found |
rustls-webpki |
π§ | key_usage not supported yet |
webpki::malformed-aiaπ
Produces a chain with an EE cert.
This EE cert contains an Authority Information Access extension with malformed contents. This is invalid per CABF.
The AuthorityInfoAccessSyntax MUST contain one or more AccessDescriptions.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
β | validation failed: Malformed(ParseError { kind: ShortData }) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β | Insufficient data - 97 bytes requested but only 7 available while parsing asn1crypto.core.ParsableOctetString while parsing asn1crypto.x509.Extension |
rustls-webpki |
β (unexpected success) | N/A |
webpki::forbidden-p192-rootπ
Produces the following invalid chain:
root -> EE
The root cert conveys a P-192 key and signs for the EE with it, which is not permitted under the CABF's key or signature types.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The certificate chain uses insecure algorithm. |
openssl-3.2.1 |
β | CA certificate key too weak |
rust-webpki |
β | UnknownIssuer |
openssl-3.0.13 |
β | CA certificate key too weak |
pyca-cryptography-42.0.5 |
β | validation failed: CandidatesExhausted(Other("Forbidden public key algorithm: AlgorithmIdentifier { oid: DefinedByMarker(PhantomData |
openssl-1.1 |
β | CA certificate key too weak |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | CA certificate key too weak |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β | UnsupportedSignatureAlgorithmForPublicKey |
webpki::forbidden-p192-leafπ
Produces the following invalid chain:
root -> EE
The EE cert conveys a P-192 key, which is not one of the permitted public keys under CABF.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | pedantic-webpki-subscriber-key | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The certificate chain uses insecure algorithm. |
openssl-3.2.1 |
β | EE certificate key too weak |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β | EE certificate key too weak |
pyca-cryptography-42.0.5 |
π§ | testcase skipped (explicit unsupported feature) |
openssl-1.1 |
β | EE certificate key too weak |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β | EE certificate key too weak |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β (unexpected success) | N/A |
webpki::forbidden-dsa-rootπ
Produces the following invalid chain:
root -> EE
The root cert conveys a DSA-30272 key and signs for the EE with it, which is not permitted under the CABF's key or signature types.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β | UnknownIssuer |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
β | validation failed: CandidatesExhausted(Other("Forbidden public key algorithm: AlgorithmIdentifier { oid: DefinedByMarker(PhantomData |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β | UnsupportedSignatureAlgorithm |
webpki::forbidden-dsa-leafπ
Produces the following invalid chain:
root -> EE
The EE cert conveys a DSA key, which is not one of the permitted public keys under CABF.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | pedantic-webpki-subscriber-key | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
π§ | testcase skipped (explicit unsupported feature) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β (unexpected success) | N/A |
webpki::forbidden-weak-rsa-key-in-rootπ
Produces the following invalid chain:
root -> EE
The root cert is signed with and conveys an RSA-1024 key, which is below the security margin (2048) required under CABF 6.1.5.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The certificate chain uses insecure algorithm. |
openssl-3.2.1 |
β | CA certificate key too weak |
rust-webpki |
β | UnknownIssuer |
openssl-3.0.13 |
β | CA certificate key too weak |
pyca-cryptography-42.0.5 |
β (unexpected success) | N/A |
openssl-1.1 |
β | CA certificate key too weak |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β | CA certificate key too weak |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β | InvalidSignatureForPublicKey |
webpki::forbidden-weak-rsa-in-leafπ
Produces the following invalid chain:
root -> EE
The EE cert conveys an RSA 1024 key, which is below the security margin (2048) required under CABF 6.1.5.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | pedantic-webpki-subscriber-key | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The certificate chain uses insecure algorithm. |
openssl-3.2.1 |
β | EE certificate key too weak |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β | EE certificate key too weak |
pyca-cryptography-42.0.5 |
π§ | testcase skipped (explicit unsupported feature) |
openssl-1.1 |
β | EE certificate key too weak |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β | EE certificate key too weak |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β (unexpected success) | N/A |
webpki::forbidden-rsa-not-divisable-by-8-in-rootπ
Produces the following invalid chain:
root -> EE
The root cert is signed with and conveys an RSA-2052 key, which is above the security margin (2048) but not divisible by 8, as is required under CABF 6.1.5.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The certificate chain uses insecure algorithm. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
π§ | testcase skipped (explicitly unsupported case) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β (unexpected success) | N/A |
webpki::forbidden-rsa-key-not-divisable-by-8-in-leafπ
Produces the following invalid chain:
root -> EE
The EE cert conveys an RSA-2052 key, which is above the security margin (2048) but not divisible by 8, as is required under CABF 6.1.5.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | pedantic-webpki-subscriber-key | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β | Chain verification output: Not verified. The certificate is NOT trusted. The certificate chain uses insecure algorithm. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β (unexpected success) | N/A |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
π§ | testcase skipped (explicit unsupported feature) |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β (unexpected success) | N/A |
webpki::v1-certπ
Produces the following invalid chain:
root -> EE
This chain is correctly constructed, but the EE cert is marked with version 2 (ordinal 1) rather than version 3 (ordinal 2). This is invalid, per CABF 7.1.1:
Certificates MUST be of type X.509 v3.
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β | leaf cert: X.509 parse failed |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
β | validation failed: Other("certificate must be an X509v3 certificate") |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β | N/A |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β | leaf cert: X.509 parse failed |
webpki::ee-basicconstraints-caπ
Produces the following invalid chain:
root -> EE
The EE certificate has keyUsage.keyCertSign=FALSE but
basicConstraints.cA=TRUE, which is explicitly forbidden under
CABF 7.1.2.7.8:
cA MUST be FALSE
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | N/A | PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β | CaUsedAsEndEntity |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
β | validation failed: Other("basicConstraints.cA must not be asserted in an EE certificate") |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β (unexpected success) | N/A |
rustls-webpki |
β | CaUsedAsEndEntity |
webpki::ca-as-leafπ
Produces the following invalid chain:
root -> ICA
The ICA is in leaf position, despite being a CA certificate,
which is explicitly forbidden under CABF 7.1.2.7.11 (keyUsage.keyCertSign must NOT be
permitted) and 7.1.2.7.8 (basicConstraints.cA MUST be false`).
| Expected result | Validation kind | Validation time | Features | Importance | Conflicts | Download |
|---|---|---|---|---|---|---|
| FAILURE | SERVER | N/A | N/A | undetermined | rfc5280::ca-as-leaf |
PEM bundle |
| Harness | Result | Context |
|---|---|---|
gnutls-certtool-3.7.3 |
β (unexpected success) | Chain verification output: Verified. The certificate is trusted. |
openssl-3.2.1 |
β (unexpected success) | N/A |
rust-webpki |
β | CaUsedAsEndEntity |
openssl-3.0.13 |
β (unexpected success) | N/A |
pyca-cryptography-42.0.5 |
β | validation failed: Other("basicConstraints.cA must not be asserted in an EE certificate") |
openssl-1.1 |
β (unexpected success) | N/A |
gocryptox509-go1.22.2 |
β (unexpected success) | validation: chain built |
openssl-3.1.5 |
β (unexpected success) | N/A |
certvalidator-0.11.1 |
β | The X.509 certificate provided is not valid for securing TLS connections |
rustls-webpki |
β | CaUsedAsEndEntity |