Sec_error_unknown_issuer on ubuntu 22.1

[rtest12]

Environment

• Operating system (including version): Ubuntu 22.1
• mkcert version (from mkcert -version): v1.4.4
• Server (where the certificate is loaded): localhost
• Client (e.g. browser, CLI tool, or script): all

What you did

mkcert -install
The local CA is already installed in the system trust store! 👍
The local CA is already installed in the Firefox and/or Chrome/Chromium trust store!

I installed it and it seems to be fine, it put the certificate in dirs:

/home/maxim/.local/share/mkcert
/usr/local/share/ca-certificates
/etc/ssl/certs

mkcert -CAROOT
/home/maxim/.local/share/mkcert

The check to see if the certificate is added to the root passed successfully:
openssl verify -verbose -CAfile /etc/ssl/certs/ca-certificates.crt /home/maxim/.local/share/mkcert/rootCA.pem /home/maxim/.local/share/mkcert/rootCA.pem: OK
It also appeared in the root certificates of Firefox.

I generated certs for my local sites, assigned them to www-data user, and added links to the nginx config.

What went wrong

Firefox sees the certificate, but there is an error:
SEC_ERROR_UNKNOWN_ISSUER
In curl too:
SSL certificate problem: unable to get local issuer certificate

curl log

✦6 ➜ curl -v https://example.local/
*   Trying 127.0.1.1:443...
* Connected to example.local (127.0.1.1) port 443 (#0)
* ALPN: offers h2
* ALPN: offers http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.3 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: unable to get local issuer certificate
* Closing connection 0
curl: (60) SSL certificate problem: unable to get local issuer certificate

testssl output:
(NOT ok chain incomplete error)

Start 2023-04-11 21:45:19        -->> 127.0.1.1:443 (example.local) <<--

 rDNS (127.0.1.1):       huawei
 Service detected:       HTTP


 Testing protocols via sockets except NPN+ALPN 

 SSLv2      not offered (OK)
 SSLv3      not offered (OK)
 TLS 1      not offered
 TLS 1.1    not offered
 TLS 1.2    offered (OK)
 TLS 1.3    offered (OK): final
 NPN/SPDY   not offered
 ALPN/HTTP2 http/1.1 (offered)

 Testing cipher categories 

 NULL ciphers (no encryption)                  not offered (OK)
 Anonymous NULL Ciphers (no authentication)    not offered (OK)
 Export ciphers (w/o ADH+NULL)                 not offered (OK)
 LOW: 64 Bit + DES, RC[2,4] (w/o export)       not offered (OK)
 Triple DES Ciphers / IDEA                     not offered
 Obsolete CBC ciphers (AES, ARIA etc.)         offered
 Strong encryption (AEAD ciphers)              offered (OK)


 Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 

 PFS is offered (OK)          TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384
                              ECDHE-RSA-AES256-SHA ECDHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-CAMELLIA256-SHA384 ECDHE-ARIA256-GCM-SHA384
                              TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
                              ECDHE-RSA-CAMELLIA128-SHA256 ECDHE-ARIA128-GCM-SHA256 
 Elliptic curves offered:     prime256v1 secp384r1 secp521r1 X25519 X448 
 Finite field group:          ffdhe2048 ffdhe3072 ffdhe4096 ffdhe6144 ffdhe8192

 Testing server preferences 

 Has server cipher order?     yes (OK) -- TLS 1.3 and below
 Negotiated protocol          TLSv1.3
 Negotiated cipher            TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519)
 Cipher order
    TLSv1.2:   ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-CHACHA20-POLY1305 ECDHE-ARIA256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256
               ECDHE-ARIA128-GCM-SHA256 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-CAMELLIA256-SHA384 ECDHE-RSA-AES128-SHA256
               ECDHE-RSA-CAMELLIA128-SHA256 ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA AES256-GCM-SHA384 AES256-CCM8 AES256-CCM
               ARIA256-GCM-SHA384 AES128-GCM-SHA256 AES128-CCM8 AES128-CCM ARIA128-GCM-SHA256 AES256-SHA256 CAMELLIA256-SHA256
               AES128-SHA256 CAMELLIA128-SHA256 AES256-SHA CAMELLIA256-SHA AES128-SHA CAMELLIA128-SHA 
    TLSv1.3:   TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 


 Testing server defaults (Server Hello) 

 TLS extensions (standard)    "renegotiation info/#65281" "server name/#0" "EC point formats/#11" "session ticket/#35"
                              "supported versions/#43" "key share/#51" "supported_groups/#10" "max fragment length/#1"
                              "application layer protocol negotiation/#16" "encrypt-then-mac/#22" "extended master secret/#23"
 Session Ticket RFC 5077 hint 300 seconds, session tickets keys seems to be rotated < daily
 SSL Session ID support       yes
 Session Resumption           Tickets: yes, ID: yes
 TLS clock skew               Random values, no fingerprinting possible 
 Signature Algorithm          SHA256 with RSA
 Server key size              RSA 2048 bits
 Server key usage             Digital Signature, Key Encipherment
 Server extended key usage    TLS Web Server Authentication
 Serial / Fingerprints        3421D029AB3D13B67C4357E53F46B9F2 / SHA1 D6624629BA5BCD1E9BD241EFE6B0B068BC25071E
                              SHA256 CD2EB0818C841E27BDD91B4C4CAEA6754321F82A50E8F06B2ABCF60B90B588A4
 Common Name (CN)             (no CN field in subject)
 subjectAltName (SAN)         example.local *.example.local localhost 127.0.0.1 0:0:0:0:0:0:0:1 
 Issuer                       mkcert root@huawei (mkcert development CA)
 Trust (hostname)             Ok via SAN (same w/o SNI)
 Chain of trust               NOT ok (chain incomplete)
 EV cert (experimental)       no 
 ETS/"eTLS", visibility info  not present
 Certificate Validity (UTC)   821 >= 60 days (2023-04-11 09:50 --> 2025-07-11 09:50)
 # of certificates provided   1
 Certificate Revocation List  --
 OCSP URI                     --
                              NOT ok -- neither CRL nor OCSP URI provided
 OCSP stapling                not offered
 OCSP must staple extension   --
 DNS CAA RR (experimental)    not offered
 Certificate Transparency     --


 Testing HTTP header response @ "/" 

 HTTP Status Code             200 OK
 HTTP clock skew              0 sec from localtime
 Strict Transport Security    not offered
 Public Key Pinning           --
 Server banner                nginx/1.22.0 (Ubuntu)
 Application banner           --
 Cookie(s)                    (none issued at "/")
 Security headers             --
 Reverse Proxy banner         --


 Testing vulnerabilities 

 Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
 CCS (CVE-2014-0224)                       not vulnerable (OK)
 Ticketbleed (CVE-2016-9244), experiment.  not vulnerable (OK)
 ROBOT                                     not vulnerable (OK)
 Secure Renegotiation (RFC 5746)           supported (OK)
 Secure Client-Initiated Renegotiation     not vulnerable (OK)
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
 BREACH (CVE-2013-3587)                    potentially NOT ok, "gzip" HTTP compression detected. - only supplied "/" tested
                                           Can be ignored for static pages or if no secrets in the page
 POODLE, SSL (CVE-2014-3566)               not vulnerable (OK), no SSLv3 support
 TLS_FALLBACK_SCSV (RFC 7507)              No fallback possible (OK), no protocol below TLS 1.2 offered
 SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)
 FREAK (CVE-2015-0204)                     not vulnerable (OK)
 DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host and port (OK)
                                           make sure you don't use this certificate elsewhere with SSLv2 enabled services
                                           https://censys.io/ipv4?q=CD2EB0818C841E27BDD91B4C4CAEA6754321F82A50E8F06B2ABCF60B90B588A4 could help you to find out
 LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2
 BEAST (CVE-2011-3389)                     not vulnerable (OK), no SSL3 or TLS1
 LUCKY13 (CVE-2013-0169), experimental     potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches
 RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)

 ...
 ...

[rtest12]

After several re-installations, I finally succeeded, although I'm not sure of the reason for this error. Although I did the installation without sudo, when I was generating the website certificate, I didn't have the permission to create a file in the current directory, so I elevated the permissions through sudo. After issuing the certificates in the /tmp folder, everything worked. But I'm not sure if this was the actual reason, although no other conditions were changed.

[rtest12]

After a couple more experiments, yes, this is the reason.

[Azmisov]

I had a similar issue, SEC_ERROR_UNKNOWN_ISSUER from the following (non-sudo) commands:

mkcert -install
mkcert localhost

I was using mkcert v1.4.3, but upgrading to the latest v1.4.4-1-g1c1dc4e (I built from source) fixed the issue. Probably because I am using the Firefox snap, which support was added for in v1.4.4

[iamprogrammerlk]

You must install mkcert without the sudo and generate the certificates without the sudo, this will create the CA and certificate with your username in it,

Example: CA

Organization: mkcert development CA
Organizational Unit: iamprogrammerlk@iamlg15n540ubuntu (I am Programmer)
Common Name: mkcert iamprogrammerlk@iamlg15n540ubuntu (I am Programmer)

Example: Certificate

Organization: mkcert development certificate
Organizational Unit: iamprogrammerlk@iamlg15n540ubuntu (I am Programmer)

suppose you used sudo to install mkcert. In that case, the Organizational Unit name will be root@iamlg15n540ubuntu (I am Programmer) and will not match the Organizational Unit name on the certificate that did not use sudo to generate with. this will cause problems.