org.elasticsearch.common.ssl.SslDiagnostics Maven / Gradle / Ivy
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the "Elastic License
* 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side
* Public License v 1"; you may not use this file except in compliance with, at
* your election, the "Elastic License 2.0", the "GNU Affero General Public
* License v3.0 only", or the "Server Side Public License, v 1".
package org.elasticsearch.common.ssl;
import org.elasticsearch.core.Nullable;
import java.time.Clock;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
public class SslDiagnostics {
public static final SslDiagnostics INSTANCE = new SslDiagnostics(Clock.systemUTC());
public SslDiagnostics(Clock clock) {
this.clock = clock;
private final Clock clock;
public static List describeValidHostnames(X509Certificate certificate) {
try {
final Collection> names = certificate.getSubjectAlternativeNames();
if (names == null || names.isEmpty()) {
return Collections.emptyList();
final List description = new ArrayList<>(names.size());
for (List> pair : names) {
if (pair == null || pair.size() != 2) {
if ((pair.get(0) instanceof Integer) == false || (pair.get(1) instanceof String) == false) {
final int type = ((Integer) pair.get(0)).intValue();
final String name = (String) pair.get(1);
if (type == 2) {
description.add("DNS:" + name);
} else if (type == 7) {
description.add("IP:" + name);
return description;
} catch (CertificateParsingException e) {
return Collections.emptyList();
public enum PeerType {
private record IssuerTrust(List issuerCerts, boolean verified) {
private static IssuerTrust noMatchingCertificate() {
return new IssuerTrust(null, false);
private static IssuerTrust verifiedCertificates(List issuerCert) {
return new IssuerTrust(issuerCert, true);
private static IssuerTrust unverifiedCertificates(List issuerCert) {
return new IssuerTrust(issuerCert, false);
boolean isVerified() {
return issuerCerts != null && verified;
boolean foundCertificateForDn() {
return issuerCerts != null;
private static class CertificateTrust {
* These certificates are trusted in the relevant context.
* They might not match with the requested certificate (see {@link #match}) but will be for the requested DN.
private final List trustedCertificates;
private final boolean match;
private final boolean identicalCertificate;
private CertificateTrust(List certificates, boolean match, boolean identicalCertificate) {
this.trustedCertificates = certificates;
this.match = match;
this.identicalCertificate = identicalCertificate;
private static CertificateTrust noMatchingIssuer() {
return new CertificateTrust(null, false, false);
* We trust the provided certificates.
private static CertificateTrust sameCertificate(X509Certificate issuerCert) {
return new CertificateTrust(List.of(issuerCert), true, true);
* Found trusted certificates with the same DN + same public keys, but different certificates
private static CertificateTrust samePublicKey(List issuerCerts) {
return new CertificateTrust(issuerCerts, true, false);
* Found certificates for the requested DN, but they have different public keys
private static CertificateTrust nonMatchingCertificates(List certificates) {
return new CertificateTrust(certificates, false, false);
boolean hasCertificates() {
return trustedCertificates != null && trustedCertificates.isEmpty() == false;
boolean isTrusted() {
return hasCertificates() && match;
boolean isSameCertificate() {
return isTrusted() && identicalCertificate;
* These names align with the values (and indices) defined by {@link X509Certificate#getKeyUsage()}
private static final String[] KEY_USAGE_NAMES = new String[] {
"decipherOnly" };
private enum ExtendedKeyUsage {
private String oid;
ExtendedKeyUsage(String oid) {
this.oid = Objects.requireNonNull(oid);
public static String decodeOid(String oid) {
for (ExtendedKeyUsage e : values()) {
if (e.oid.equals(oid)) {
return oid;
* @param contextName The descriptive name of this SSL context (e.g. "")
* @param trustedIssuers A Map of DN to Certificate, for the issuers that were trusted in the context in which this failure occurred
* (see {@link})
public String getTrustDiagnosticFailure(
X509Certificate[] chain,
PeerType peerType,
SSLSession session,
String contextName,
@Nullable Map> trustedIssuers
) {
final String peerAddress = Optional.ofNullable(session).map(SSLSession::getPeerHost).orElse("");
final StringBuilder message = new StringBuilder("failed to establish trust with ").append(
.append(" at [")
.append("]; ");
if (chain == null || chain.length == 0) {
message.append("the ").append(" did not provide a certificate");
return message.toString();
final X509Certificate peerCert = chain[0];
message.append("the ")
.append(" provided a certificate with subject name [")
.append("], ")
.append(", ")
.append(" and ")
addCertificateExpiryDescription(peerCert, message);
addSessionDescription(session, message);
if (peerType == PeerType.SERVER) {
try {
final Collection> alternativeNames = peerCert.getSubjectAlternativeNames();
if (alternativeNames == null || alternativeNames.isEmpty()) {
message.append("; the certificate does not have any subject alternative names");
} else {
final List hostnames = describeValidHostnames(peerCert);
if (hostnames.isEmpty()) {
message.append("; the certificate does not have any DNS/IP subject alternative names");
} else {
message.append("; the certificate has subject alternative names [").append(String.join(",", hostnames)).append("]");
} catch (CertificateParsingException e) {
message.append("; the certificate's subject alternative names cannot be parsed");
if (isSelfIssued(peerCert)) {
message.append("; the certificate is ").append(describeSelfIssuedCertificate(peerCert, contextName, trustedIssuers));
} else {
final String issuerName = peerCert.getIssuerX500Principal().getName();
message.append("; the certificate is issued by [").append(issuerName).append("]");
if (chain.length == 1) {
message.append(" but the ")
.append(" did not provide a copy of the issuing certificate in the certificate chain")
.append(describeIssuerTrust(contextName, trustedIssuers, peerCert, issuerName));
if (chain.length > 1) {
message.append("; the certificate is ");
// skip index-0, that's the peer cert.
for (int i = 1; i < chain.length; i++) {
message.append("signed by (subject [")
.append("] ")
if (trustedIssuers != null) {
if (resolveCertificateTrust(trustedIssuers, chain[i]).isTrusted()) {
message.append(" {trusted issuer}");
message.append(") ");
final X509Certificate root = chain[chain.length - 1];
if (isSelfIssued(root)) {
message.append("which is ").append(describeSelfIssuedCertificate(root, contextName, trustedIssuers));
} else {
final String rootIssuer = root.getIssuerX500Principal().getName();
message.append("which is issued by [")
.append("] (but that issuer certificate was not provided in the chain)")
.append(describeIssuerTrust(contextName, trustedIssuers, root, rootIssuer));
return message.toString();
private static CharSequence describeIssuerTrust(
String contextName,
@Nullable Map> trustedIssuers,
X509Certificate certificate,
String issuerName
) {
if (trustedIssuers == null) {
return "";
StringBuilder message = new StringBuilder();
final IssuerTrust trust = checkIssuerTrust(trustedIssuers, certificate);
if (trust.isVerified()) {
message.append("; the issuing ")
.append(trust.issuerCerts.size() == 1 ? "certificate" : "certificates")
.append(" with ")
.append(" ")
.append(trust.issuerCerts.size() == 1 ? "is" : "are")
.append(" trusted in this ssl context ([")
} else if (trust.foundCertificateForDn()) {
message.append("; this ssl context ([")
.append("]) trusts [")
.append("] ")
.append(trust.issuerCerts.size() == 1 ? "certificate" : "certificates")
.append(" with subject name [")
.append("] and ")
.append(" but the signatures do not match");
} else {
message.append("; this ssl context ([").append(contextName).append("]) is not configured to trust that issuer");
if (trustedIssuers.isEmpty()) {
message.append(" or any other issuer");
} else {
if (trustedIssuers.size() == 1) {
String trustedIssuer = trustedIssuers.keySet().iterator().next();
message.append(", it only trusts the issuer [")
.append("] with ")
} else {
message.append(" but trusts [").append(trustedIssuers.size()).append("] other issuers");
if (trustedIssuers.size() < 10) {
// 10 is an arbitrary number, but printing out hundreds of trusted issuers isn't helpful
message.append(" ([")
.append(trustedIssuers.keySet().stream().sorted().collect(Collectors.joining(", ")))
return message;
private static CharSequence describeSelfIssuedCertificate(
X509Certificate certificate,
String contextName,
@Nullable Map> trustedIssuers
) {
if (trustedIssuers == null) {
return "self-issued";
final StringBuilder message = new StringBuilder();
final CertificateTrust trust = resolveCertificateTrust(trustedIssuers, certificate);
message.append("self-issued; the [")
.append("] certificate ")
.append(trust.isTrusted() ? "is" : "is not")
.append(" trusted in this ssl context ([")
if (trust.isTrusted()) {
if (trust.isSameCertificate() == false) {
if (trust.trustedCertificates.size() == 1) {
message.append(" because we trust a certificate with ")
.append(" for the same public key");
} else {
message.append(" because we trust [")
.append("] certificates with ")
.append(" for the same public key");
} else {
if (trust.hasCertificates()) {
if (trust.trustedCertificates.size() == 1) {
final X509Certificate match = trust.trustedCertificates.get(0);
message.append("; this ssl context does trust a certificate with subject [")
.append("] but the trusted certificate has ")
} else {
message.append("; this ssl context does trust [")
.append("] certificates with subject [")
.append("] but those certificates have ")
return message;
private static CertificateTrust resolveCertificateTrust(Map> trustedIssuers, X509Certificate cert) {
assert trustedIssuers != null : "Do not call `resolveCertificateTrust` with null issuers";
final List trustedCerts = trustedIssuers.get(cert.getSubjectX500Principal().getName());
if (trustedCerts == null || trustedCerts.isEmpty()) {
return CertificateTrust.noMatchingIssuer();
final int index = trustedCerts.indexOf(cert);
if (index != -1) {
return CertificateTrust.sameCertificate(trustedCerts.get(index));
final List sameKey =
.filter(c -> c.getPublicKey().equals(cert.getPublicKey()))
if (sameKey.isEmpty() == false) {
return CertificateTrust.samePublicKey(sameKey);
} else {
return CertificateTrust.nonMatchingCertificates(trustedCerts);
public static IssuerTrust checkIssuerTrust(Map> trustedIssuers, X509Certificate peerCert) {
final List knownIssuers = trustedIssuers.get(peerCert.getIssuerX500Principal().getName());
if (knownIssuers == null || knownIssuers.isEmpty()) {
return IssuerTrust.noMatchingCertificate();
final List matchIssuers = -> checkIssuer(peerCert, i)).collect(Collectors.toList());
if (matchIssuers.isEmpty() == false) {
return IssuerTrust.verifiedCertificates(matchIssuers);
} else {
return IssuerTrust.unverifiedCertificates(knownIssuers);
private static String fingerprintDescription(List certificates) {
return", "));
private static String fingerprintDescription(X509Certificate certificate) {
try {
final String fingerprint = SslUtil.calculateFingerprint(certificate, "SHA-1");
return "fingerprint [" + fingerprint + "]";
} catch (CertificateEncodingException e) {
return "invalid encoding [" + e.toString() + "]";
private static boolean checkIssuer(X509Certificate certificate, X509Certificate possibleIssuer) {
try {
return true;
} catch (Exception e) {
return false;
private static boolean isSelfIssued(X509Certificate certificate) {
return certificate.getIssuerX500Principal().equals(certificate.getSubjectX500Principal());
private static String keyUsageDescription(X509Certificate certificate) {
boolean[] keyUsage = certificate.getKeyUsage();
if (keyUsage == null || keyUsage.length == 0) {
return "no keyUsage";
final String keyUsageDescription = IntStream.range(0, keyUsage.length)
.filter(i -> keyUsage[i])
.mapToObj(i -> (i < KEY_USAGE_NAMES.length) ? KEY_USAGE_NAMES[i] : ("#" + i))
.collect(Collectors.joining(", "));
return keyUsageDescription.isEmpty() ? "no keyUsage" : ("keyUsage [" + keyUsageDescription + "]");
private static String extendedKeyUsageDescription(X509Certificate certificate) {
try {
return Optional.ofNullable(certificate.getExtendedKeyUsage())
.flatMap(keyUsage -> generateExtendedKeyUsageDescription(keyUsage))
.orElse("no extendedKeyUsage");
} catch (CertificateParsingException e) {
return "invalid extendedKeyUsage [" + e + "]";
private static Optional generateExtendedKeyUsageDescription(List oids) {
return, y) -> x + ", " + y).map(str -> "extendedKeyUsage [" + str + "]");
private void addCertificateExpiryDescription(X509Certificate certificate, StringBuilder message) {
final Instant now =;
final Instant notBefore = certificate.getNotBefore().toInstant();
final Instant notAfter = certificate.getNotAfter().toInstant();
final boolean tooEarly = now.isBefore(notBefore);
final boolean expired = now.isAfter(notAfter);
message.append("; the certificate is valid between [")
.append("] and [")
.append("] (current time is [")
.append("], ");
if (expired) {
message.append("** certificate has expired");
} else if (tooEarly) {
message.append("** certificate is not yet valid");
} else {
message.append("certificate dates are valid");
private static void addSessionDescription(SSLSession session, StringBuilder message) {
String cipherSuite = Optional.ofNullable(session).map(SSLSession::getCipherSuite).orElse("");
String protocol = Optional.ofNullable(session).map(SSLSession::getProtocol).orElse("");
message.append("; the session uses cipher suite [").append(cipherSuite).append("] and protocol [").append(protocol).append("]");
© 2015 - 2025 Weber Informatics LLC | Privacy Policy