Android 7.1 certificates are going to expire, anyway to renew them?

starting from September android 7.1 and below users are going to have issues with the internet
so is there anyway to renew those certificates so i can use my phone properly?

tls – How to configure openssl client to only accept specific server certificates?

The practice you’re talking about is called “Certificate Pinning” (or sometimes “Public Key Pinning”) and is a common security recommendation when you control both the client and the server.

Typically this is done by configuring the TLS client code (which might be OpenSSL or some other library) to introduce a custom certificate validation step (typically a function to call when the connection is being established), and in that step you verify that the certificate presented by the server matches the one you were expecting. You might want to look at https://stackoverflow.com/questions/16291809/programmatically-verify-certificate-chain-using-openssl-api or https://stackoverflow.com/questions/3412032/how-do-you-verify-a-public-key-was-issued-by-your-private-ca for code samples to do this (though those are old and might be outdated); OpenSSL’s API is very easy to make mistakes with.

You might also want to read https://labs.nettitude.com/tutorials/tls-certificate-pinning-101/ or similar, which talk about the considerations when doing pinning. In particular, you want to consider things like which cert you pin (a specific leaf cert, the root CA, or something in between) and how much of the cert you pin (pinning the whole cert seems easy but complicates re-issuing the cert with new dates or OIDs or similar, whereas simply pinning public key details provides all the security you really need in most cases). You should also consider a backup / fallback pin, to make cert rotation easier in case your primary cert gets compromised and needs to be revoked.


With all that said, there might be another option in this case. If your client (which is also a server) is only ever going to connect to this one other server, and you use an internal CA, you can configure the TLS client code to use a CA “bundle” containing just that internal CA’s cert, rather than using the system-wide CA bundle. That lets you keep using the default cert validation code, it just won’t trust any certificate that doesn’t chain to your internal CA. This is de facto the same as pinning at the CA level, but potentially much simpler (though with less fine control over the validation logic).

air travel – Is there any physician at SFO who issues fit-to-fly certificates?

As a result of the COVID-19 pandemic, to be authorized to board the plane, some countries require a COVID-19 RT-PCR test done than 48 or 72 hours prior to the departure of the flight, followed by a fit-to-fly certificate that must be signed by a physician. This makes it a bit tight to obtain a fit-to-fly certificate in time, especially if the COVID-19 RT-PCR test results take a while to be sent to the passenger. Is there any physician at SFO who issues fit-to-fly certificates?

certificates – ssh into a server with knowledge of ca bundle

I’m a novice when it comes to network security, but I’m learning. I have researched ca bundles, open ssl, ssh using certificates, etc. I get the gist of a lot of it, however, one question eludes me: Let’s say I had a ca bundle with many certificates in it, for ex ca-certificate.crt on my server. I accidentally gave this to a team of programmers I have hired. Could they theoretically use this to somehow ssh into my server or mysql db?

group policy – Signing Excel .XLSM-documents, expiring code signing certificates and trusted publishers

Short: Is there anyway to trust a certificate or publisher, so that the trust remains even after the certificate has expired?

Much longer: We develop (among other things) Excel documents for a number of customers. The documents contain VBA-macros. Before delivering the documents to our customers, we sign the documents with our code signing certificate.
The default macro settings in Excel (which all our customers stick to) will prompt the user with a security warning, even if the document is digitally signed. This is a good thing, security wise, but some of our customers’ end-users complained. Although they could click “Enable content” to make the code run, they thought it was a bit tiresome to do this many times a day.

About a year ago, we thus started to instruct these customers to configure their computers to trust our certificate (i.e. add the certificate to “Trusted publishers” on their PC:s). I don’t know exactly how this was done, but GPO:s were involved. This has the effect that “our” documents are now opened and VBA-code run without warning. Users are happy.

However, our code signing certificate just expired after two years, so we “renewed” it. (This is from DigiCert if it matters). To test the certificate, I just signed a new Excel document with the renewed certificate, uploaded it to one of our customers and tested it.
The security warning again appeared. Apparently, this new certificate isn’t trusted.
It turns out that the “renewed” certificate is actually a brand new certificate, with (as far as I understand) no connection to the previous certificate, the one that has been trusted. So, we now have to tell our customers to again configure their PC:s to trust this certificate. And every two years (it could have been three if we had bought the maximum length) this process has to be repeated.

DigiCert claims this is by nature – there is really no way to get around this. “Renewing” a certificate is actually just another word for “Getting a brand new certificate”. It has the same textual name of our company as publisher, but that’s it.
Is this true? Is there no other way around it, like extending the validity period of an expiring certificate? Or can you trust the certificate somehow differently, so that new certificates from the same “publisher” are all trusted?

Hope I made myself understood…

tls – Approach to authorizing users and X.509 certificates

I have a system where I’m using X.509 certificates to authenticate the client to the server. The certificate is sent to an HSM to be signed. When it is returned it is used as part of a TLS connection. Once the connection is established, I need to authorize the user i.e. what actions they are permitted to perform against the server.

Can I use X.509 certificates and logic on the server? If so, what field / content would I populate on the certificate and what logic would be necessary on the server?

Thank you.

timestamp – RFC3161: should tokens for which intermediate certificates were revoked without ReasonCode be deemed invalid?

RFC3161 specification (https://www.ietf.org/rfc/rfc3161.txt) section 4. “Security Considerations” states:

   1. When a TSA shall not be used anymore, but the TSA private key has
      not been compromised, the authority's certificate SHALL be
      revoked.  When the reasonCode extension relative to the revoked
      certificate from the TSA is present in the CRL entry extensions,
      it SHALL be set either to unspecified (0), affiliationChanged (3),
      superseded (4) or cessationOfOperation (5).  In that case, at any
      future time, the tokens signed with the corresponding key will be
      considered as invalid, but tokens generated before the revocation
      time will remain valid.  When the reasonCode extension relative to
      the revoked certificate from the TSA is not present in the CRL
      entry extensions, then all the tokens that have been signed with
      the corresponding key SHALL be considered as invalid.  For that
      reason, it is recommended to use the reasonCode extension.

Does the same also apply for intermediate certificates in the issuer chain of the TSA certificate? From one side it would make sense (if the key of the TSA’s issuer would leak, neither the TSA’s certificate nor its RCLs could be trusted). On the other hand the specification only talks about the CRL of the TSA.

So, if an intermediate certificate above the TSA is revoked with a CRL and the reasonCode extension relative to that revoked intermediate certificate is NOT present in the CRL entry extension, will that invalidate all timestamp tokens issued by this TSA?

On a similar note – What happens after the expiration date of the root certificate? Since self-signed root certificates don’t have CRL lists, should timestamps issued by TSAs that use this root still be deemed valid?

certificates – OpenSSL: how to get matching subject_hash from a CMS SignerInfo?

So OpenSSL can calculate a hash value for X509 certificates that uniquely identifies this certificate:

https://www.openssl.org/docs/man1.0.2/man1/x509.html (argument -hash or -subject_hash)

now, if I have a CMS file (https://tools.ietf.org/html/rfc3852) in DER encoding, which has a SignedData field with exactly one SignerInfo but which does not contain the actual certificate of the signature, how can I calculate the hash of the signing certificate identical to what openssl x509 -hash -noout -in actual_cert.pem would create for this certificate in question?

Looking at the CMS using openssl cms -inform DER -in infile.cms -cmsout -print yields

CMS_ContentInfo:
  contentType: pkcs7-signedData (1.2.840.113549.1.7.2)
  d.signedData:
    version: 3
    digestAlgorithms:
        algorithm: sha512 (2.16.840.1.101.3.4.2.3)
        parameter: NULL
    encapContentInfo:
      eContentType: id-smime-ct-TSTInfo (1.2.840.113549.1.9.16.1.4)
      eContent:
        0000 - 30 82 01 75 02 01 01 06-04 2a 03 04 01 30 31   0..u.....*...01
        000f - 30 0d 06 09 60 86 48 01-65 03 04 02 01 05 00   0...`.H.e......
        001e - 04 20 89 9b a3 d9 f7 77-e2 a7 4b dd 34 30 2b   . .....w..K.40+
        002d - c0 6c b3 f7 a4 6a c1 f5-65 ee 12 8f 79 fd 5d   .l...j..e...y.)
        003c - ab 99 d6 8b 02 03 2d 19-84 18 0f 32 30 32 31   ......-....2021
        004b - 30 32 30 34 31 34 33 30-35 36 5a 01 01 ff 02   0204143056Z....
        005a - 09 00 83 16 8e 99 d6 23-2e fc a0 82 01 11 a4   .......#.......
        0069 - 82 01 0d 30 82 01 09 31-11 30 0f 06 03 55 04   ...0...1.0...U.
        0078 - 0a 13 08 46 72 65 65 20-54 53 41 31 0c 30 0a   ...Free TSA1.0.
        0087 - 06 03 55 04 0b 13 03 54-53 41 31 76 30 74 06   ..U....TSA1v0t.
        0096 - 03 55 04 0d 13 6d 54 68-69 73 20 63 65 72 74   .U...mThis cert
        00a5 - 69 66 69 63 61 74 65 20-64 69 67 69 74 61 6c   ificate digital
        00b4 - 6c 79 20 73 69 67 6e 73-20 64 6f 63 75 6d 65   ly signs docume
        00c3 - 6e 74 73 20 61 6e 64 20-74 69 6d 65 20 73 74   nts and time st
        00d2 - 61 6d 70 20 72 65 71 75-65 73 74 73 20 6d 61   amp requests ma
        00e1 - 64 65 20 75 73 69 6e 67-20 74 68 65 20 66 72   de using the fr
        00f0 - 65 65 74 73 61 2e 6f 72-67 20 6f 6e 6c 69 6e   eetsa.org onlin
        00ff - 65 20 73 65 72 76 69 63-65 73 31 18 30 16 06   e services1.0..
        010e - 03 55 04 03 13 0f 77 77-77 2e 66 72 65 65 74   .U....www.freet
        011d - 73 61 2e 6f 72 67 31 22-30 20 06 09 2a 86 48   sa.org1"0 ..*.H
        012c - 86 f7 0d 01 09 01 16 13-62 75 73 69 6c 65 7a   ........busilez
        013b - 61 73 40 67 6d 61 69 6c-2e 63 6f 6d 31 12 30   as@gmail.com1.0
        014a - 10 06 03 55 04 07 13 09-57 75 65 72 7a 62 75   ...U....Wuerzbu
        0159 - 72 67 31 0b 30 09 06 03-55 04 06 13 02 44 45   rg1.0...U....DE
        0168 - 31 0f 30 0d 06 03 55 04-08 13 06 42 61 79 65   1.0...U....Baye
        0177 - 72 6e                                          rn
    certificates:
      <ABSENT>
    crls:
      <ABSENT>
    signerInfos:
        version: 1
        d.issuerAndSerialNumber:
          issuer: O=Free TSA, OU=Root CA, CN=www.freetsa.org/emailAddress=busilezas@gmail.com, L=Wuerzburg, ST=Bayern, C=DE
          serialNumber: 13972846748170250626
        digestAlgorithm:
          algorithm: sha512 (2.16.840.1.101.3.4.2.3)
          parameter: NULL
        signedAttrs:
            object: contentType (1.2.840.113549.1.9.3)
            set:
              OBJECT:id-smime-ct-TSTInfo (1.2.840.113549.1.9.16.1.4)

            object: signingTime (1.2.840.113549.1.9.5)
            set:
              UTCTIME:Feb  4 14:30:56 2021 GMT

            object: id-smime-aa-signingCertificate (1.2.840.113549.1.9.16.2.12)
            set:
              SEQUENCE:
    0:d=0  hl=2 l=  26 cons: SEQUENCE
    2:d=1  hl=2 l=  24 cons:  SEQUENCE
    4:d=2  hl=2 l=  22 cons:   SEQUENCE
    6:d=3  hl=2 l=  20 prim:    OCTET STRING      (HEX DUMP):916DA3D860ECCA82E34BC59D1793E7E968875F14

            object: messageDigest (1.2.840.113549.1.9.4)
            set:
              OCTET STRING:
                0000 - 4d b9 02 47 cb 66 6e 37-48 c7 56 04 1a   M..G.fn7H.V..
                000d - 77 45 23 95 72 1d 1d e8-62 3e 7b 68 9d   wE#.r...b>{h.
                001a - 58 43 88 64 a7 b3 1b be-bd 56 8e 58 8d   XC.d.....V.X.
                0027 - 8d 12 fe 11 dc 68 89 a5-56 aa bd 00 df   .....h..V....
                0034 - e4 8d f6 3b d8 8e 7d 78-c7 d2 42 a4      ...;..}x..B.
        signatureAlgorithm:
          algorithm: rsaEncryption (1.2.840.113549.1.1.1)
          parameter: NULL
        signature:
          0000 - 62 39 1e b9 0e e3 ab 74-fa 90 46 bd d6 78 bc   b9.....t..F..x.
          000f - 2e d6 a4 3a 7b f4 0e 45-11 ba 16 c0 48 46 5a   ...:{..E....HFZ
          001e - 52 87 c5 3c 9d ae c7 1d-83 dc c8 03 8f 2e 70   R..<..........p
          002d - 2c 4e 1f 6a 4e 5e 64 b7-5d 56 5e cb c9 6f af   ,N.jN^d.)V^..o.
          003c - 17 3d f4 2f c9 a5 b9 5c-d4 a1 03 1f 43 8f a3   .=./.......C..
          004b - 46 13 62 df 4d f6 cc 48-ad 2c c3 43 85 5e 8c   F.b.M..H.,.C.^.
          005a - 5b da a8 97 8d 3a 06 28-72 56 f3 38 e3 06 ad   (....:.(rV.8...
          0069 - ca 80 28 28 73 3f 9a 6f-ed ba b9 ac ed f4 6f   ..((s?.o......o
          0078 - 69 9e 91 d4 d2 4d 6b 1f-98 53 16 66 d7 50 62   i....Mk..S.f.Pb
          0087 - 96 61 9f 0f f6 bd 94 19-d6 04 c5 7e f9 3c 89   .a.........~.<.
          0096 - 5a 8a d1 a1 05 72 4e 6f-9c 8a a5 ef 6b 36 8d   Z....rNo....k6.
          00a5 - e5 ee 8a e9 11 8b 1c 70-42 c7 32 6d 27 42 fb   .......pB.2m'B.
          00b4 - 99 71 25 ae 66 67 48 58-10 df 4a db 08 08 ea   .q%.fgHX..J....
          00c3 - b1 a0 d5 ca 22 4b 46 ad-12 fd a1 72 91 c4 8b   ...."KF....r...
          00d2 - 21 d2 ff d8 b3 13 7f f8-31 9c 42 f6 b4 ea b1   !.......1.B....
          00e1 - 15 21 8a ed e0 b9 6a 3c-0d 88 03 aa 4a ca f2   .!....j<....J..
          00f0 - 13 59 54 99 0b 19 70 4f-91 0a 7e f7 17 92 70   .YT...pO..~...p
          00ff - dd 0f 54 cc 1e e7 7b 42-d2 fa c2 53 3a 45 5a   ..T...{B...S:EZ
          010e - 45 09 c3 7b b5 34 6d 0b-40 82 72 45 4d eb 60   E..{.4m.@.rEM.`
          011d - 00 57 c8 46 77 23 5b 1c-c0 ff 6b 01 5c 0e 2f   .W.Fw#(...k../
          012c - fb 87 b3 e6 42 e5 1b 1d-25 6c c5 43 c4 af b8   ....B...%l.C...
          013b - 9b 51 74 f2 c9 85 d2 54-52 ca b6 4e ac a1 83   .Qt....TR..N...
          014a - 28 80 99 11 d5 ed a0 82-ad cc df 7d 18 a4 2c   (..........}..,
          0159 - 05 79 c0 f9 be 7c 52 1e-33 84 0c a5 ae b4 4e   .y...|R.3.....N
          0168 - 6d 08 ee 68 13 44 35 15-5f e1 3d e5 72 36 72   m..h.D5._.=.r6r
          0177 - 05 8e 4c 4d 7f 0d ce 32-23 5c 16 bc 73 99 e6   ..LM...2#..s..
          0186 - 68 ea c5 19 e7 4d d7 0f-22 d5 1c 61 ac a8 cf   h....M.."..a...
          0195 - b6 70 49 79 3c 22 1a 90-96 cd 3b fb 11 bb 56   .pIy<"....;...V
          01a4 - 4f 2a 41 a7 5d 61 f4 81-6a 1c ce 2d f9 0c bb   O*A.)a..j..-...
          01b3 - 91 80 7a 9d 9c 61 37 81-e1 77 20 d3 06 56 be   ..z..a7..w ..V.
          01c2 - f3 df 1c 74 47 ee ab 81-7a 03 80 96 95 a0 93   ...tG...z......
          01d1 - 4b f4 e6 b9 a2 f4 8b 2f-25 80 2f c9 b5 a3 99   K....../%./....
          01e0 - 34 e0 ab 8e 2b fb e3 ce-26 91 0a b3 6d af 18   4...+...&...m..
          01ef - 5a d7 a8 7c 3e c6 1c 17-0d e8 30 da df f2 5d   Z..|>.....0...)
          01fe - 51 3b                                          Q;
        unsignedAttrs:
          <ABSENT>

So I see there is one SignerInfo object.

According to 5.3. SignerInfo Type in https://tools.ietf.org/html/rfc3852 :

The fields of type SignerInfo have the following meanings:

      version is the syntax version number.  If the SignerIdentifier is
      the CHOICE issuerAndSerialNumber, then the version MUST be 1.  If
      the SignerIdentifier is subjectKeyIdentifier, then the version
      MUST be 3.

      sid specifies the signer's certificate (and thereby the signer's
      public key).  The signer's public key is needed by the recipient
      to verify the signature.  SignerIdentifier provides two
      alternatives for specifying the signer's public key.  The
      issuerAndSerialNumber alternative identifies the signer's
      certificate by the issuer's distinguished name and the certificate
      serial number; the subjectKeyIdentifier identifies the signer's
      certificate by a key identifier.

So in the provided example SignerInfo.version is 1, so the certificate is idenified by issuerAndSerialNumber so how would I compute the corresponding X509 hash? Just extract issuerAndSerialNumber.issuer and calculate the SHA-1 of it? If so, how can I extract this using Openssl?

If now the SignerInfo.version would be 3 instead of 1, if I understand the specification correctly there wouldn’t be an issuerAndSerialNumber field but instead a SubjectKeyIdentifier field. Would this be already the hash that openssl x509 -hash -noout -in actual_cert.pem would output? If not, how would I calculate the corresponding hash in this case?

certificates – Why is this PEM file invalid?

I have a file chain.pem that contains two PEM encoded certificates, the first one being the TSA certificate and the second one being the self-signed CA.

the file content is exactly:

-----BEGIN CERTIFICATE-----
MIIIATCCBemgAwIBAgIJAMHphhYNqOmCMA0GCSqGSIb3DQEBDQUAMIGVMREwDwYD
VQQKEwhGcmVlIFRTQTEQMA4GA1UECxMHUm9vdCBDQTEYMBYGA1UEAxMPd3d3LmZy
ZWV0c2Eub3JnMSIwIAYJKoZIhvcNAQkBFhNidXNpbGV6YXNAZ21haWwuY29tMRIw
EAYDVQQHEwlXdWVyemJ1cmcxDzANBgNVBAgTBkJheWVybjELMAkGA1UEBhMCREUw
HhcNMTYwMzEzMDE1NzM5WhcNMjYwMzExMDE1NzM5WjCCAQkxETAPBgNVBAoTCEZy
ZWUgVFNBMQwwCgYDVQQLEwNUU0ExdjB0BgNVBA0TbVRoaXMgY2VydGlmaWNhdGUg
ZGlnaXRhbGx5IHNpZ25zIGRvY3VtZW50cyBhbmQgdGltZSBzdGFtcCByZXF1ZXN0
cyBtYWRlIHVzaW5nIHRoZSBmcmVldHNhLm9yZyBvbmxpbmUgc2VydmljZXMxGDAW
BgNVBAMTD3d3dy5mcmVldHNhLm9yZzEiMCAGCSqGSIb3DQEJARYTYnVzaWxlemFz
QGdtYWlsLmNvbTESMBAGA1UEBxMJV3VlcnpidXJnMQswCQYDVQQGEwJERTEPMA0G
A1UECBMGQmF5ZXJuMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtZEE
jE5IbzTp3Ahif8I3UWIjaYS4LLEwvv9RfPw4+EvOXGWodNqyYhrgvOfjNWPg7ek0
/V+IIxWfB4SICCJ0YMHtiCYXBvQoEzQ1nfu4G9E1P8F5YQrxqMjIZdwA6iOzqJvm
vQO6hansgn1gVlkF4i1qWE7ROArhUCgM7jl+mKAS84BGQAeGJEO8B3y5X0Ia8xcS
2Wg8223/uvPIululZq5SPUWdYXc0bU2EDieIa3wBxbiQ14ouJ7uo3S+aKBLhV9Yv
khxlliVIBp3Nt9Bt4YHeDpVw1m+HIgzii2KKtVkG8+4MIQ9wUej0hYr4uaktCeRq
8tnLpb/PrRaM32BEkaSwZgOxFMr3Ax8GXn7u+lPFdfNJDAWdLjLdx2rE1MTHEGg7
l/0b5ZG8YQVRhtiPmgORswe2+R7ZVNqjb5rNah4Uqi5K3xdGS1TbGNu2/+MAgCRl
RzcENs5Od7rl3m/g8/nW5/++tGHnlOkvsJUfiq5hpBLM6bIQdGNci+MnrhoPa0pk
brD4RjvGO/hFUwQ10Z6AJRHsn2bDSWlS2L7LabCqTUxB9gUV/n3LuJMZzdpZumrq
S+POrnGOb8tszX25/FC7FbEvNmWwqjByicLm3UsRHOSLotnv21prmlBgaTNPs09v
x64zDws0IIqsgN8yZv3ZBGWHa6LLiY2VBTFbbnsCAwEAAaOCAdswggHXMAkGA1Ud
EwQCMAAwHQYDVR0OBBYEFG52C3tOT5zhYMptLOknoqKUs3c3MB8GA1UdIwQYMBaA
FPpVDYw0ZlFDTPfns6dsla965qSXMAsGA1UdDwQEAwIGwDAWBgNVHSUBAf8EDDAK
BggrBgEFBQcDCDBjBggrBgEFBQcBAQRXMFUwKgYIKwYBBQUHMAKGHmh0dHA6Ly93
d3cuZnJlZXRzYS5vcmcvdHNhLmNydDAnBggrBgEFBQcwAYYbaHR0cDovL3d3dy5m
cmVldHNhLm9yZzoyNTYwMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuZnJl
ZXRzYS5vcmcvY3JsL3Jvb3RfY2EuY3JsMIHGBgNVHSAEgb4wgbswgbgGAQAwgbIw
MwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cuZnJlZXRzYS5vcmcvZnJlZXRzYV9jcHMu
aHRtbDAyBggrBgEFBQcCARYmaHR0cDovL3d3dy5mcmVldHNhLm9yZy9mcmVldHNh
X2Nwcy5wZGYwRwYIKwYBBQUHAgIwOxo5RnJlZVRTQSB0cnVzdGVkIHRpbWVzdGFt
cGluZyBTb2Z0d2FyZSBhcyBhIFNlcnZpY2UgKFNhYVMpMA0GCSqGSIb3DQEBDQUA
A4ICAQClyUTixvrAoU2TCn/QoLFytB/BSDw+lXxoorzZuXZPGpUBYf1yRy1Bpe7S
d3hiA7VCIkD7OibN4XYIe2+xAR30zBniVxqkoFEQlmXpTEb1C9Kt7mrEE34lGyWj
navaRRUV2P+eByCejsILeHT34aDt58AJN/6EozT4syZc7S2O2d9hOWWDZ3/rOCwe
47I+bqXwXfMN57n4kAXSUmb2EvOci09tq6bXv7rBljK5Bjcyn1Km8GahDkPqqB+E
mmxf4/6LXqIydfaH8gUuUC6mwwdipmjM4Hhx3Y6X4xW7qSniVYmXegoxLOlsUQax
Q3x3nys2GxgoiPPuiiNDdPoGPpVhkmJ/fEMQc5ZdEmCSjroAnoA0Ka4yTPlvBCNU
83vKWv3cefeTRqs4i/x58B3JhhJU6mzBKZQQdrg9IFVvO+UTJoN/KHb3gzs3Dnw9
QQUjgn1PU0AMciGNdSKf8QxviJOpo6HAxCu0yJjBPfQcf2VztPxWUVlxphCnsNKF
fIIlqfsgTqzsouiXGqGvh4hqKuPHL+CgquhCmAp3vvFrkhFUWAkNmCtZRmA3ZOda
CtPRFFS5mG9ni5q2r+hJcDOuOr/U60O3vJ3uaIFZSeZIFYKoLnhSd/IoIQfv45Ag
DgUIrLjqguolBSdvPJ2io9O0rTi7+IQr2jb8JEgpH1WNwC3R4A==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIH/zCCBeegAwIBAgIJAMHphhYNqOmAMA0GCSqGSIb3DQEBDQUAMIGVMREwDwYD
VQQKEwhGcmVlIFRTQTEQMA4GA1UECxMHUm9vdCBDQTEYMBYGA1UEAxMPd3d3LmZy
ZWV0c2Eub3JnMSIwIAYJKoZIhvcNAQkBFhNidXNpbGV6YXNAZ21haWwuY29tMRIw
EAYDVQQHEwlXdWVyemJ1cmcxDzANBgNVBAgTBkJheWVybjELMAkGA1UEBhMCREUw
HhcNMTYwMzEzMDE1MjEzWhcNNDEwMzA3MDE1MjEzWjCBlTERMA8GA1UEChMIRnJl
ZSBUU0ExEDAOBgNVBAsTB1Jvb3QgQ0ExGDAWBgNVBAMTD3d3dy5mcmVldHNhLm9y
ZzEiMCAGCSqGSIb3DQEJARYTYnVzaWxlemFzQGdtYWlsLmNvbTESMBAGA1UEBxMJ
V3VlcnpidXJnMQ8wDQYDVQQIEwZCYXllcm4xCzAJBgNVBAYTAkRFMIICIjANBgkq
hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtgKODjAy8REQ2WTNqUudAnjhlCrpE6ql
mQfNppeTmVvZrH4zutn+NwTaHAGpjSGv4/WRpZ1wZ3BRZ5mPUBZyLgq0YrIfQ5Fx
0s/MRZPzc1r3lKWrMR9sAQx4mN4z11xFEO529L0dFJjPF9MD8Gpd2feWzGyptlel
b+PqT+++fOa2oY0+NaMM7l/xcNHPOaMz0/2olk0i22hbKeVhvokPCqhFhzsuhKsm
q4Of/o+t6dI7sx5h0nPMm4gGSRhfq+z6BTRgCrqQG2FOLoVFgt6iIm/BnNffUr7V
DYd3zZmIwFOj/H3DKHoGik/xK3E82YA2ZulVOFRW/zj4ApjPa5OFbpIkd0pmzxzd
EcL479hSA9dFiyVmSxPtY5ze1P+BE9bMU1PScpRzw8MHFXxyKqW13Qv7LWw4sbk3
SciB7GACbQiVGzgkvXG6y85HOuvWNvC5GLSiyP9GlPB0V68tbxz4JVTRdw/Xn/XT
FNzRBM3cq8lBOAVt/PAX5+uFcv1S9wFE8YjaBfWCP1jdBil+c4e+0tdywT2oJmYB
BF/kEt1wmGwMmHunNEuQNzh1FtJY54hbUfiWi38mASE7xMtMhfj/C4SvapiDN837
gYaPfs8x3KZxbX7C3YAsFnJinlwAUss1fdKar8Q/YVs7H/nU4c4Ixxxz4f67fcVq
M2ITKentbCMCAwEAAaOCAk4wggJKMAwGA1UdEwQFMAMBAf8wDgYDVR0PAQH/BAQD
AgHGMB0GA1UdDgQWBBT6VQ2MNGZRQ0z357OnbJWveuaklzCBygYDVR0jBIHCMIG/
gBT6VQ2MNGZRQ0z357OnbJWveuakl6GBm6SBmDCBlTERMA8GA1UEChMIRnJlZSBU
U0ExEDAOBgNVBAsTB1Jvb3QgQ0ExGDAWBgNVBAMTD3d3dy5mcmVldHNhLm9yZzEi
MCAGCSqGSIb3DQEJARYTYnVzaWxlemFzQGdtYWlsLmNvbTESMBAGA1UEBxMJV3Vl
cnpidXJnMQ8wDQYDVQQIEwZCYXllcm4xCzAJBgNVBAYTAkRFggkAwemGFg2o6YAw
MwYDVR0fBCwwKjAooCagJIYiaHR0cDovL3d3dy5mcmVldHNhLm9yZy9yb290X2Nh
LmNybDCBzwYDVR0gBIHHMIHEMIHBBgorBgEEAYHyJAEBMIGyMDMGCCsGAQUFBwIB
FidodHRwOi8vd3d3LmZyZWV0c2Eub3JnL2ZyZWV0c2FfY3BzLmh0bWwwMgYIKwYB
BQUHAgEWJmh0dHA6Ly93d3cuZnJlZXRzYS5vcmcvZnJlZXRzYV9jcHMucGRmMEcG
CCsGAQUFBwICMDsaOUZyZWVUU0EgdHJ1c3RlZCB0aW1lc3RhbXBpbmcgU29mdHdh
cmUgYXMgYSBTZXJ2aWNlIChTYWFTKTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUH
MAGGG2h0dHA6Ly93d3cuZnJlZXRzYS5vcmc6MjU2MDANBgkqhkiG9w0BAQ0FAAOC
AgEAaK9+v5OFYu9M6ztYC+L69sw1omdyli89lZAfpWMMh9CRmJhM6KBqM/ipwoLt
nxyxGsbCPhcQjuTvzm+ylN6VwTMmIlVyVSLKYZcdSjt/eCUN+41K7sD7GVmxZBAF
ILnBDmTGJmLkrU0KuuIpj8lI/E6Z6NnmuP2+RAQSHsfBQi6sssnXMo4HOW5gtPO7
gDrUpVXID++1P4XndkoKn7Svw5n0zS9fv1hxBcYIHPPQUze2u30bAQt0n0iIyRLz
aWuhtpAtd7ffwEbASgzB7E+NGF4tpV37e8KiA2xiGSRqT5ndu28fgpOY87gD3ArZ
DctZvvTCfHdAS5kEO3gnGGeZEVLDmfEsv8TGJa3AljVa5E40IQDsUXpQLi8G+UC4
1DWZu8EVT4rnYaCw1VX7ShOR1PNCCvjb8S8tfdudd9zhU3gEB0rxdeTy1tVbNLXW
99y90xcwr1ZIDUwM/xQ/noO8FRhm0LoPC73Ef+J4ZBdrvWwauF3zJe33d4ibxEcb
8/pz5WzFkeixYM2nsHhqHsBKw7JPouKNXRnl5IAE1eFmqDyC7G/VT7OF669xM6hb
Ut5G21JE4cNK6NNucS+fzg1JPX0+3VhsYZjj7D5uljRvQXrJ8iHgr/M6j2oLHvTA
I2MLdq2qjZFDOCXsxBxJpbmLGBx9ow6ZerlUxzws2AWv2pk=
-----END CERTIFICATE-----

If I try to load this using openssl, I get the following error:

$ openssl pkcs7 -inform pem -in chain.pem -text
unable to load PKCS7 object
372716:error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag:../openssl-1.1.1i/crypto/asn1/tasn_dec.c:1149:
372716:error:0D06C03A:asn1 encoding routines:asn1_d2i_ex_primitive:nested asn1 error:../openssl-1.1.1i/crypto/asn1/tasn_dec.c:713:
372716:error:0D08303A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:../openssl-1.1.1i/crypto/asn1/tasn_dec.c:646:Field=type, Type=PKCS7
372716:error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:../openssl-1.1.1i/crypto/pem/pem_oth.c:33:

I checked answers in this https://stackoverflow.com/questions/45048858/pem-routinespem-read-biobad-end-line one, but It seems the headers and footers are propper – so, what’s wrong with this certificate file?

certificates – Digital Signature uses private key for encryption, and public key for decryption?

Public key is for encryption, and private key is for decryption in PKIs.
And digital signature employs the PKIs.
How to use a private key for encryption, and using public key for decryption which violate asymmetric cryptography?

==quote==

from geeksforgeeks
https://www.geeksforgeeks.org/digital-signatures-certificates/

The steps followed in creating digital signature are :

  1. Message digest is computed by applying hash function on the message and then message digest is encrypted using private key of sender to form the digital signature. (digital signature = encryption (private key of sender, message digest) and message digest = message digest algorithm(message)).
  2. Digital signature is then transmitted with the message.(message + digital signature is transmitted)
  3. Receiver decrypts the digital signature using the public key of sender.(This assures authenticity,as only sender has his private key so only sender can encrypt using his private key which can thus be decrypted by sender’s public key).
  4. The receiver now has the message digest.
  5. The receiver can compute the message digest from the message (actual message is sent with the digital signature).
  6. The message digest computed by receiver and the message digest (got by decryption on digital signature) need to be same for ensuring integrity.

==unquote==