New chain certificates from InCommon and Comodo

On October 6, 2014 Comodo updated the InCommon SHA-2 intermediate from SHA-512 to SHA-384. See Updated Information, below.

The Comodo USERTrust RSA Certification Authority self-signed root CA certificate has a SHA-384 signature. The signature on a root certificate itself is not usually important because the subject and public key of the root certificate are present within the (signed) root store of the client platform (e.g. browser). However, the certificate chaining is somewhat more involved with these new SHA-2 certificates because the roots are newer and so Comodo has had to take 'legacy' cases into account where the new SHA-2 root itself is not directly trusted by the client platform/browser.

The CA bundle that Comodo provided for installation on the webserver has to achieve two different things.

  • For a client that trusts the new SHA-2 root, the server must provide intermediates necessary for the client to build a chain to the new root.
  • For a client that does not yet trust the new SHA-2 root, the server must provide intermediates necessary for the client to build a chain to an old (SHA-1) root.

The two chains in more detail:

Chain
Root
First intermediate (Int1)
Second intermediate (Int2)
End entity
New USERTrust RSA Certification Authority (the newer root certificate, self-signed, 4096-bit RSA key, sha384RSA signature, issued 01 February 2010, serial = 01 fd 6d 30 fc a3 ca 51 a8 1b bc 64 0e 35 03 2d) (none) InCommon RSA Server CA (4096-bit RSA key, sha512RSA signature, issued 19 ‎September ‎2014, serial = 25 b5 5d 45 99 b4 5d 74 e6 dc c9 21 00 54 81 72) End Entity Certificate (2048-bit key, sha256RSA signature)
Legacy support AddTrust External CA Root (the older root certificate, self-signed, 2048-bit RSA key, sha1RSA signature, issued ‎30 ‎May ‎2000, serial = 01) USERTrust RSA Certification Authority (the cross-certificate, 4096-bit key, sha384RSA signature, issued ‎30 ‎May ‎2000 [but actually generated 31 July 2012], serial = 13 ea 28 70 5b f4 ec ed 0c 36 63 09 80 61 43 36) InCommon RSA Server CA (4096-bit RSA key, sha512RSA signature, issued 19 ‎September ‎2014, serial = 25 b5 5d 45 99 b4 5d 74 e6 dc c9 21 00 54 81 72) End Entity Certificate (2048-bit key, sha256RSA signature)

The CA at Int1 in the legacy support chain is the one that's of interest for legacy clients.

Comodo calls it a cross-certificate because it is a signing of one root certificate by another. It's needed to build the chain up to the older trusted root.

For a client running IE or Chrome on a version of MS Windows newer than XP SP2, the USERTrust RSA Certification Authority root will be pulled into the root store on first use and the shorter 3-certificate chain will be what the browser builds.

Clients running Chrome on Linux or Safari or FireFox will not yet trust the USERTrust RSA Certification Authority root, and so will build the longer 4-certificate chain.

Comodo expects the new root to be present in FireFox, Chrome on Linux, and Safari by the end of 2014, although they recommend that folks keep using the chain back to the legacy root for some years to come to catch the long-tail of older clients.

Thus these new SHA-2 SSL certificates need two intermediate CA certificates. That's more bytes on your SSL handshake of course, but it's needed to ensure backward compatibility with older clients as mentioned above. If you are running in a closed environment and you know for sure that all of your end users already trust the USERTrust RSA Certification Authority then you could get rid of the extra intermediate, but at the cost of having no legacy client support, so Comodo suggests that this won't suit the default use-case.

Finally, the InCommon RSA Server CA (with its sha512RSA signature) is actually no 'stronger' than the USERTrust RSA Certification Authority root. The hash variants (SHA-384, SHA-512) are both 'strong enough' to support the use of the 4096-bit RSA key of the USERTrust RSA Certification Authority root CA in signature generation.

Updated information

Comodo has gone ahead and updated InCommon's SHA-2 intermediate from SHA-512 to SHA-384. As of about 0945 EDT on October 6, 2014, all InCommon certificates with "SHA-2" as part of the certificate type's name will be issued off this new Intermediate CA. If you already have SHA-2 signed InCommon certificate in place and wish to replace the Intermediate CA, then please find the drop-in CA certificate replacement for 'InCommon RSA Server CA' below in PEM format.

If you require assistance with its installation/replacement please do not hesitate to contact us through the normal channels [https://www.incommon.org/certificates/support ].


=======

PEM:

-----BEGIN CERTIFICATE-----
MIIF+TCCA+GgAwIBAgIQRyDQ+oVGGn4XoWQCkYRjdDANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQx
MDA2MDAwMDAwWhcNMjQxMDA1MjM1OTU5WjB2MQswCQYDVQQGEwJVUzELMAkGA1UE
CBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjESMBAGA1UEChMJSW50ZXJuZXQyMREw
DwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMWSW5Db21tb24gUlNBIFNlcnZlciBD
QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJwb8bsvf2MYFVFRVA+e
xU5NEFj6MJsXKZDmMwysE1N8VJG06thum4ltuzM+j9INpun5uukNDBqeso7JcC7v
HgV9lestjaKpTbOc5/MZNrun8XzmCB5hJ0R6lvSoNNviQsil2zfVtefkQnI/tBPP
iwckRR6MkYNGuQmm/BijBgLsNI0yZpUn6uGX6Ns1oytW61fo8BBZ321wDGZq0GTl
qKOYMa0dYtX6kuOaQ80tNfvZnjNbRX3EhigsZhLI2w8ZMA0/6fDqSl5AB8f2IHpT
eIFken5FahZv9JNYyWL7KSd9oX8hzudPR9aKVuDjZvjs3YncJowZaDuNi+L7RyML
fzcCAwEAAaOCAW4wggFqMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bL
MB0GA1UdDgQWBBQeBaN3j2yW4luHS6a0hqxxAAznODAOBgNVHQ8BAf8EBAMCAYYw
EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BB
hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNh
dGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNo
dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5j
cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZI
hvcNAQEMBQADggIBAC0RBjjW29dYaK+qOGcXjeIT16MUJNkGE+vrkS/fT2ctyNMU
11ZlUp5uH5gIjppIG8GLWZqjV5vbhvhZQPwZsHURKsISNrqOcooGTie3jVgU0W+0
+Wj8mN2knCVANt69F2YrA394gbGAdJ5fOrQmL2pIhDY0jqco74fzYefbZ/VS29fR
5jBxu4uj1P+5ZImem4Gbj1e4ZEzVBhmO55GFfBjRidj26h1oFBHZ7heDH1Bjzw72
hipu47Gkyfr2NEx3KoCGMLCj3Btx7ASn5Ji8FoU+hCazwOU1VX55mKPU1I2250Lo
RCASN18JyfsD5PVldJbtyrmz9gn/TKbRXTr80U2q5JhyvjhLf4lOJo/UzL5WCXED
Smyj4jWG3R7Z8TED9xNNCxGBMXnMete+3PvzdhssvbORDwBZByogQ9xL2LUZFI/i
eoQp0UM/L8zfP527vWjEzuDN5xwxMnhi+vCToh7J159o5ah29mP+aJnvujbXEnGa
nrNxHzu+AGOePV8hwrGGG7hOIcPDQwkuYwzN/xT29iLp/cqf9ZhEtkGcQcIImH3b
oJ8ifsCnSbu0GB9L06Yqh7lcyvKDTEADslIaeSEINxhO2Y1fmcYFX/Fqrrp1WnhH
OjplXuXE0OPa0utaKC25Aplgom88L2Z8mEWcyfoB7zKOfD759AN7JKZWCYwk
-----END CERTIFICATE-----



TEXT:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:20:d0:fa:85:46:1a:7e:17:a1:64:02:91:84:63:74
        Signature Algorithm: sha384WithRSAEncryption
        Issuer: C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
        Validity
            Not Before: Oct  6 00:00:00 2014 GMT
            Not After : Oct  5 23:59:59 2024 GMT
        Subject: C=US, ST=MI, L=Ann Arbor, O=Internet2, OU=InCommon, CN=InCommon RSA Server CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    00:9c:1b:f1:bb:2f:7f:63:18:15:51:51:54:0f:9e:
                    c5:4e:4d:10:58:fa:30:9b:17:29:90:e6:33:0c:ac:
                    13:53:7c:54:91:b4:ea:d8:6e:9b:89:6d:bb:33:3e:
                    8f:d2:0d:a6:e9:f9:ba:e9:0d:0c:1a:9e:b2:8e:c9:
                    70:2e:ef:1e:05:7d:95:eb:2d:8d:a2:a9:4d:b3:9c:
                    e7:f3:19:36:bb:a7:f1:7c:e6:08:1e:61:27:44:7a:
                    96:f4:a8:34:db:e2:42:c8:a5:db:37:d5:b5:e7:e4:
                    42:72:3f:b4:13:cf:8b:07:24:45:1e:8c:91:83:46:
                    b9:09:a6:fc:18:a3:06:02:ec:34:8d:32:66:95:27:
                    ea:e1:97:e8:db:35:a3:2b:56:eb:57:e8:f0:10:59:
                    df:6d:70:0c:66:6a:d0:64:e5:a8:a3:98:31:ad:1d:
                    62:d5:fa:92:e3:9a:43:cd:2d:35:fb:d9:9e:33:5b:
                    45:7d:c4:86:28:2c:66:12:c8:db:0f:19:30:0d:3f:
                    e9:f0:ea:4a:5e:40:07:c7:f6:20:7a:53:78:81:64:
                    7a:7e:45:6a:16:6f:f4:93:58:c9:62:fb:29:27:7d:
                    a1:7f:21:ce:e7:4f:47:d6:8a:56:e0:e3:66:f8:ec:
                    dd:89:dc:26:8c:19:68:3b:8d:8b:e2:fb:47:23:0b:
                    7f:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier:
keyid:53:79:BF:5A:AA:2B:4A:CF:54:80:E1:D8:9B:C0:9D:F2:B2:03:66:CB

            X509v3 Subject Key Identifier:
1E:05:A3:77:8F:6C:96:E2:5B:87:4B:A6:B4:86:AC:71:00:0C:E7:38
            X509v3 Key Usage: critical
                Digital Signature, Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies:
                Policy: X509v3 Any Policy
                Policy: 2.23.140.1.2.2

            X509v3 CRL Distribution Points:
URI:http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl

            Authority Information Access:
                CA Issuers - URI:http://crt.usertrust.com/USERTrustRSAAddTrustCA.crt
                OCSP - URI:http://ocsp.usertrust.com

    Signature Algorithm: sha384WithRSAEncryption
        2d:11:06:38:d6:db:d7:58:68:af:aa:38:67:17:8d:e2:13:d7:
        a3:14:24:d9:06:13:eb:eb:91:2f:df:4f:67:2d:c8:d3:14:d7:
        56:65:52:9e:6e:1f:98:08:8e:9a:48:1b:c1:8b:59:9a:a3:57:
        9b:db:86:f8:59:40:fc:19:b0:75:11:2a:c2:12:36:ba:8e:72:
        8a:06:4e:27:b7:8d:58:14:d1:6f:b4:f9:68:fc:98:dd:a4:9c:
        25:40:36:de:bd:17:66:2b:03:7f:78:81:b1:80:74:9e:5f:3a:
        b4:26:2f:6a:48:84:36:34:8e:a7:28:ef:87:f3:61:e7:db:67:
        f5:52:db:d7:d1:e6:30:71:bb:8b:a3:d4:ff:b9:64:89:9e:9b:
        81:9b:8f:57:b8:64:4c:d5:06:19:8e:e7:91:85:7c:18:d1:89:
        d8:f6:ea:1d:68:14:11:d9:ee:17:83:1f:50:63:cf:0e:f6:86:
        2a:6e:e3:b1:a4:c9:fa:f6:34:4c:77:2a:80:86:30:b0:a3:dc:
        1b:71:ec:04:a7:e4:98:bc:16:85:3e:84:26:b3:c0:e5:35:55:
        7e:79:98:a3:d4:d4:8d:b6:e7:42:e8:44:20:12:37:5f:09:c9:
        fb:03:e4:f5:65:74:96:ed:ca:b9:b3:f6:09:ff:4c:a6:d1:5d:
        3a:fc:d1:4d:aa:e4:98:72:be:38:4b:7f:89:4e:26:8f:d4:cc:
        be:56:09:71:03:4a:6c:a3:e2:35:86:dd:1e:d9:f1:31:03:f7:
        13:4d:0b:11:81:31:79:cc:7a:d7:be:dc:fb:f3:76:1b:2c:bd:
        b3:91:0f:00:59:07:2a:20:43:dc:4b:d8:b5:19:14:8f:e2:7a:
        84:29:d1:43:3f:2f:cc:df:3f:9d:bb:bd:68:c4:ce:e0:cd:e7:
        1c:31:32:78:62:fa:f0:93:a2:1e:c9:d7:9f:68:e5:a8:76:f6:
        63:fe:68:99:ef:ba:36:d7:12:71:9a:9e:b3:71:1f:3b:be:00:
        63:9e:3d:5f:21:c2:b1:86:1b:b8:4e:21:c3:c3:43:09:2e:63:
        0c:cd:ff:14:f6:f6:22:e9:fd:ca:9f:f5:98:44:b6:41:9c:41:
        c2:08:98:7d:db:a0:9f:22:7e:c0:a7:49:bb:b4:18:1f:4b:d3:
        a6:2a:87:b9:5c:ca:f2:83:4c:40:03:b2:52:1a:79:21:08:37:
        18:4e:d9:8d:5f:99:c6:05:5f:f1:6a:ae:ba:75:5a:78:47:3a:
        3a:65:5e:e5:c4:d0:e3:da:d2:eb:5a:28:2d:b9:02:99:60:a2:
        6f:3c:2f:66:7c:98:45:9c:c9:fa:01:ef:32:8e:7c:3e:f9:f4:
        03:7b:24:a6:56:09:8c:24