View Issue Details

IDProjectCategoryView StatusLast Update
0001540Main CAcert Websitecertificate issuingpublic2022-06-02 14:21
Reporteralkas Assigned Tojandd  
Status newResolutionopen 
PlatformDefaultOSanyOS Versionany
Summary0001540: Class 3 Root doesn't contain attributes X509v3 Subject Key Identifier & X509v3 Authority Key Identifier & X509v3 Key Usage
DescriptionIntermediate certificate:
Key usage required, but our class 3 cert seems to not have the key usage extension ("X509v3 Key Usage"). End-user certs do have it.
The wrong Issuer URL leads to failing checks of the trust chain.

See the attached picture comparing the new (SN=14E288, left side) and the old (SN=0A418A, right side) Class 3 Roots.
You can see that both the attributes mentioned are missing.
Tagscertificates, Class 3, Class 3 Root, class3
Reviewed by
Test InstructionsPerform a dump of the Class 3 Root certificate



2022-05-31 19:30


Class_3_compare.gif (42,257 bytes)   
Class_3_compare.gif (42,257 bytes)   


2022-05-31 20:54

manager   ~0006113

The difference between Class 3 Root SN=00000E and Class 3 Root SN=14E228. See the picture. Another diffs = dates only.
Class_3_compare_0Ex14E228.gif (63,293 bytes)   
Class_3_compare_0Ex14E228.gif (63,293 bytes)   


2022-06-01 07:33

manager   ~0006114

Google Workspace, Hosted S/MIME service.
There are two instructions how to make a certificate chain.


2022-06-02 14:21

manager   ~0006115

A problem with the X509v3 Authority Key Identifier creating a new CA certificate, please see:

Issue History

Date Modified Username Field Change
2022-05-31 19:30 alkas New Issue
2022-05-31 19:30 alkas Assigned To => jandd
2022-05-31 19:30 alkas Tag Attached: certificates
2022-05-31 19:30 alkas Tag Attached: Class 3
2022-05-31 19:30 alkas Tag Attached: Class 3 Root
2022-05-31 19:30 alkas Tag Attached: class3
2022-05-31 19:30 alkas File Added: Class_3_compare.gif
2022-05-31 20:54 alkas Note Added: 0006113
2022-05-31 20:54 alkas File Added: Class_3_compare_0Ex14E228.gif
2022-06-01 07:33 alkas Note Added: 0006114
2022-06-02 14:21 alkas Note Added: 0006115