X509Chain has a different behavior in Ubuntu Linux compared to Windows OS

[MittalNitish]

We have been running a .NET Core application in windows and it works well. Recently we have started looking up to deploy the application on Linux VMs (Ubuntu 18.04).
The issue we are facing is that the X509Chain.Build() method is generating two X509ChainElement on Windows while it is generating only one X509ChainElement in Linux. The certificate whose thumbprint should match with the root certificate is not getting appeared in X509Chain.Build() results.
We have written some unit tests which generates SelfSigned Certificates for testing. For X509Chain.Build(), while on Windows I get UntrustedRoot, on Linux it gives PartialChain.
Can you please help in resolving this issue or any workaround.

Attaching a sample application which regenerates the issue:
LinuxX509ChainRepro.zip

[bartonjs]

You seem to have an endianness twist during the building of the Authority Key Identifier.

Request.IssuerSerialNumber = new BigInteger(issuingCertificate.GetSerialNumber());

X509Certificate.GetSerialNumber() returns the bytes in little-endian byte order, and the BigInteger type being used on that line seems to expect big-endian. You could correct it with

byte[] issuerSerial = issuingCertificate.GetSerialNumber();
Array.Reverse(issuerSerial);
Request.IssuerSerialNumber = new BigInteger(issuerSerial);

This is evidenced by:

$ openssl x509 -in issuer.cer -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6457512733990417520 (0x599db19e420f7470)
    Signature Algorithm: sha512WithRSAEncryption
        Issuer: CN=IssuingCert
        Validity
            Not Before: Feb 21 18:22:17 2019 GMT
            Not After : Feb 22 18:22:17 2021 GMT
        Subject: CN=IssuingCert
        ...
        X509v3 extensions:
            X509v3 Authority Key Identifier:
                keyid:27:A0:F4:1D:CF:AA:8A:CB:66:65:4C:AA:77:66:4E:80:EC:8E:D5:EB
                DirName:/CN=IssuingCert
                serial:59:9D:B1:9E:42:0F:74:70

            X509v3 Subject Key Identifier:
                27:A0:F4:1D:CF:AA:8A:CB:66:65:4C:AA:77:66:4E:80:EC:8E:D5:EB

(Note that AKId.serial is 59:9D:B1:9E:42:0F:74:70, which matches the serial hex 0x599db19e420f7470)

vs

$ openssl x509 -in ~/cust/LinuxX509ChainRepro/issued.cer -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 727108170421058932 (0xa173507533b3d74)
    Signature Algorithm: sha512WithRSAEncryption
        Issuer: CN=IssuingCert
        Validity
            Not Before: Feb 21 18:22:17 2019 GMT
            Not After : Feb 22 18:22:17 2021 GMT
        Subject: CN=Tesing
        ...
        X509v3 extensions:
            X509v3 Authority Key Identifier:
                keyid:27:A0:F4:1D:CF:AA:8A:CB:66:65:4C:AA:77:66:4E:80:EC:8E:D5:EB
                DirName:/CN=IssuingCert
                serial:70:74:0F:42:9E:B1:9D:59

(note that AKId.serial is now backwards)

Windows (observationally) seems to skip doing the Issuer/Serial match when the key identifier segment is present (possibly for name-correction scenarios); OpenSSL seems to match all the fields.

[smartpcr]

the problem still exists after upgrading .net core to 3.0 in ubuntu-16.04, please reopen this issue