currently in my work, we have a PKI made with Microsoft Certificate Authority Role.
Root CA: Out of domain and turned off.
Sub CA: Domain connected, provides CRL (using IIS) and sign certificates for domain computers.
My idea is to reproduce the environment with Linux and Openssl. At least my first objective is for the internal webs.
I followed this tutorial https://jamielinux.com/docs/openssl-certificate-authority/ and everything works fine.
I create the Root CA and self-sign it.
I create the Subca, I sign it with the Root and verify that the certification chain is correct -> OK
The problem is when I try to create a website certificate with SAN (Subject Alternative Name) field. This is the way I create the csr and key files.
openssl req -nodes -new -newkey rsa:4096 \
-keyout test3.psc.local.key \
-out test3.psc.local.csr \
-addext "subjectAltName = DNS:test3.psc.local" \
-subj "/C=ES/ST=Barcelona/L=Barcelona/O=GRG-CA/OU=GRG-CA/emailAddress=your#email.dot/CN=test3.psc.local/"
If I check the CSR with OpenSSL command openssl x509 -noout -text -in test3.psc.local.csr the SAN field exist and has the value that I set in generation command (test3.psc.local).
Certificate Request:
Data:
Version: 1 (0x0)
Subject: C = ES, ST = Barcelona, L = Barcelona, O = GRG-CA, OU = GRG-CA, emailAddress = your#email.dot, CN = test3.psc.local
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (4096 bit)
Modulus:
00:dc:17:8c:c1:90:26:16:67:4e:16:b3:0c:9b:2b:
3d:ec:8e:94:47:b9:8c:b8:14:ac:be:09:b8:bb:f5:
d8:f2:79:26:a6:9d:2f:73:5b:48:64:cb:3a:c2:f6:
bd:6d:7f:fd:7e:f2:... bla bla bla
Exponent: 65537 (0x10001)
Attributes:
Requested Extensions:
X509v3 Subject Alternative Name:
DNS:test3.psc.local
Signature Algorithm: sha256WithRSAEncryption
b5:f0:7f:ba:ab:dc:f6:ee:37:c5:fa:14:27:6b:09:a8:b8:08:
0b:4f:ed:2a:44:72:cd:8d:50:47:79:7d:69:e3:73:cc:14:89:
b6:69:ff:61:bb:79:0a:41:12:32:c7:d1:6f:1d:a4:e4:cb:ef:
16:56:35:fd:44:0a:0c:70:fc:45:1f:7d:c2:d7:4c:ca:bd:66:
6d:e6:41:74:56:2c:... bla bla bla
When I try to sign the certificate with OpenSSL Subca I execute with this command.
openssl ca -config intermediate/sub-ca-openssl.cnf \
-extensions server_cert \
-days 375 -notext -md sha512 \
-in /root/ca/test3.psc.local.csr \
-out /root/ca/test3.psc.local.crt
But the SAN field isn't present, so Firefox, Chrome and others dont trust in certificate. Only IE11 trust.
Using configuration from intermediate/sub-ca-openssl.cnf
Enter pass phrase for /root/ca/intermediate/private/intermediate.key.pem:
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 4099 (0x1003)
Validity
Not Before: Oct 12 20:58:53 2022 GMT
Not After : Oct 22 20:58:53 2023 GMT
Subject:
countryName = ES
stateOrProvinceName = Barcelona
localityName = Barcelona
organizationName = GRG-CA
organizationalUnitName = GRG-CA
commonName = test3.psc.local
emailAddress = your#email.dot
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Server
Netscape Comment:
OpenSSL Generated Server Certificate
X509v3 Subject Key Identifier:
BC:11:0C:2E:08:FA:7D:91:16:1E:AC:0E:12:DA:80:69:64:F7:F1:58
X509v3 Authority Key Identifier:
keyid:7D:B8:7B:9E:59:4F:70:7B:F8:2C:1F:2B:0C:A2:E9:90:3C:D1:7A:71
DirName:/C=ES/ST=Barcelona/L=Barcelona/O=GRG-CA/OU=GRG-CA/CN=GRG Root CA
serial:10:00
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 CRL Distribution Points:
Full Name:
URI:http://pki.dominio.com/intermediate.crl
Certificate is to be certified until Oct 22 20:58:53 2023 GMT (375 days)
Sign the certificate? [y/n]:
Content of SUB CA config:
[ ca ]
default_ca = CA_default
[ CA_default ]
dir = /root/ca/intermediate
certs = $dir/certs
crl_dir = $dir/crl
new_certs_dir = $dir/newcerts
database = $dir/subordinate-ca-database.txt
serial = $dir/serial
RANDFILE = $dir/private/.rand
private_key = $dir/private/intermediate.key.pem
certificate = $dir/certs/intermediate.cert.pem
crlnumber = $dir/crlnumber
crl = $dir/crl/intermediate.crl.pem
crl_extensions = crl_ext
default_crl_days = 365
default_md = sha512
name_opt = ca_default
cert_opt = ca_default
default_days = 5840
preserve = no
policy = subca_policy
[ subca_policy ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ req ]
default_bits = 4096
distinguished_name = req_distinguished_name
string_mask = utf8only
default_md = sha512
x509_extensions = v3_ca
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
stateOrProvinceName = State or Province Name
localityName = Locality Name
0.organizationName = Organization Name
organizationalUnitName = Organizational Unit Name
commonName = Common Name
emailAddress = Email Address
# Optionally, specify some defaults.
countryName_default = ES
stateOrProvinceName_default = Barcelona
localityName_default = Barcelona
0.organizationName_default = GRG-CA
organizationalUnitName_default = GRG-CA
#emailAddress_default =
[ v3_ca ]
# Extensions for a typical CA (`man x509v3_config`).
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = critical,CA:true
keyUsage = critical, digitalSignature, cRLSign, keyCertSign
[ v3_intermediate_ca ]
# Extensions for a typical intermediate CA (`man x509v3_config`).
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = critical, CA:true, pathlen:0
keyUsage = critical, digitalSignature, cRLSign, keyCertSign
[ usr_cert ]
# Extensions for client certificates (`man x509v3_config`).
basicConstraints = CA:FALSE
nsCertType = client, email
nsComment = "OpenSSL Generated Client Certificate"
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth, emailProtection
[ server_cert ]
# Extensions for server certificates (`man x509v3_config`).
basicConstraints = CA:FALSE
nsCertType = server
nsComment = "OpenSSL Generated Server Certificate"
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer:always
keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
crlDistributionPoints = URI:http://pki.dominio.com/intermediate.crl
[ ocsp ]
# Extension for OCSP signing certificates (`man ocsp`).
basicConstraints = CA:FALSE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
keyUsage = critical, digitalSignature
extendedKeyUsage = critical, OCSPSigning
[ crl_ext ]
# Extension for CRLs (`man x509v3_config`).
authorityKeyIdentifier=keyid:always
[ crl_info ]
URI.0 = http://pki.dominio.com/sub-ca.crl
URI.1 = https://www.dominio.com/pki/sub-ca.crl
I've read that I need a SAN.conf with alternate names in SUBCA server for sign... and change all Alternate Names for every CSR (website) that I want to sign... but in Microsoft Subca I dont need to tell that fields when I sign the CSR (only on generation, same command as I write before).
There is a way to do that?
From the man page for OpenSSL's CA command:
copy_extensions
determines how extensions in certificate requests should be handled.
If set to none or this option is not present then extensions are
ignored and not copied to the certificate. If set to copy then any
extensions present in the request that are not already present are
copied to the certificate. If set to copyall then all extensions in
the request are copied to the certificate: if the extension is already
present in the certificate it is deleted first. See the WARNINGS
section before using this option.
The main use of this option is to allow a certificate request to
supply values for certain extensions such as subjectAltName.
Also, you should understand that using OpenSSL as a CA isn't the best idea. There is no logging, no multi-person control etc. - basically no security. Read the WARNINGS section of the same man page.
Related
For quite some time, I am trying to generate a self signed cert for viewing website locally in "real" https mode. It would be very important that this works across all OSes and also all Browsers (at least FF, Chrome and Safari).
Until now I created the cert using this guide: https://medium.com/#tbusser/creating-a-browser-trusted-self-signed-ssl-certificate-2709ce43fd15
Certs using this way work fine in all systems, except with Android (version 8 or greater), so in this case I cannot use some functions correctly (for example the Service Worker) when testing locally.
Now I have stumbled upon this guide, especially the answer here: https://stackoverflow.com/a/57684211/1794480
I have adapted the conf file a bit, and now the generated cert works in Android, but NOT in Firefox. The Error in FF I get is: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT. I also found an explanation for this error here: https://stackoverflow.com/a/59739121/1794480
Seems like basicConstraints = critical, CA:TRUE is the cuplrit here. However, the problem now is that this exact setting seems to be responsible for making this work on Android. (also see here: https://android.stackexchange.com/questions/237141/how-to-get-android-11-to-trust-a-user-root-ca-without-a-private-key/238859#238859)
Now, the big question is: is it possible to make this work for ALL systems, in this case including Firefox?
Here is the command I use: openssl req -config ./openssl.cnf -new -x509 -days 398 -out myServer.crt and here is the openssl.cnf:
[ req ]
default_bits = 2048
default_keyfile = myServer.key
default_md = sha256
default_days = 398
encrypt_key = yes
distinguished_name = req_distinguished_name
req_extensions = req_ext
x509_extensions = x509_ext
string_mask = utf8only
prompt = no
[ req_distinguished_name ]
commonName = myServer
emailAddress = info#myServer.de
[ x509_ext ]
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = critical, CA:TRUE
keyUsage = critical, digitalSignature, keyEncipherment, cRLSign, keyCertSign, dataEncipherment
subjectAltName = #alt_names
extendedKeyUsage = serverAuth
[ req_ext ]
authorityKeyIdentifier = keyid,issuer
basicConstraints = CA:FALSE
extendedKeyUsage = serverAuth
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = #alt_names
[ alt_names ]
DNS.1 = sub1.myServer
DNS.2 = sub2.myServer
Any help is greatly appreciated!
as others i'm struggling with utf8 in requests. sure i went through all preciding questions and answers. well here is my workout.
configuration:
[ req ]
default_bits = 2048
default_md = sha256
string_mask = utf8only
utf8 = yes
distinguished_name = DistName
attributes = Attr
[ DistName ]
commonName = Name (your official name)
commonName_default = hans nägli dödüé
stateOrProvinceName = State or Province Name (full name)
countryName = Country Code (2 letter code)
countryName_default = CH
[ Attr ]
subjectAltName = Name (international / latin)
subjectAltName_default = hans nägeli dädü
postalCode = zip code
localityName = Locality Name (eg, city)
emailAddress = Email Address
i verified this config file is utf8 and started thereafter using default values:
openssl req -verbose -config CsrPerson.cfg -new -key HansMuster-ecpem.key -passin pass:gugus -out HansMuster-pem.csr
i then had a look into the request using
openssl req -utf8 -noout -text -in HansMuster-pem.csr
showing
Certificate Request:
Data:
Version: 1 (0x0)
Subject: CN = hans n\C3\A4gli d\C3\B6d\C3\BC\C3\A9, ST = z\C3\BCrich, C = CH
Subject Public Key Info:
...snip...
NIST CURVE: P-384
Attributes:
postalCode :2222
localityName :Dörrhausen
X509v3 Subject Alternative Name:hans nägeli dädü
emailAddress :hans.naegeli#gmx.net
...snip...
using same source, same configuration, same procedure: subject/distinguished name has not been treated as utf8 but worked out well with attributes even with locality name which was entred by keyboard.
ASN1 definition of subject show a possible content as utf8 string. openssl version OpenSSL 1.1.0g 2 Nov 2017.
where have i been mistaken?
have fun
You can try the following:
openssl req -nameopt utf8 -noout -text -in HansMuster-pem.csr
This should only fix the display problem, you have to check if your other requirements are still met.
You can find more details about the "-nameopt" options here in the "NAME OPTIONS" section: https://www.openssl.org/docs/man1.0.2/man1/x509.html
Other related links:
How to create CSR with utf8 subject in openssl?
I want to use KDSoap, which uses Qt, which uses OpenSSL, to consume a web service, that requires a secure connection, established by using a key stored in a USB HSM (SmartCard + Reader basically, called an Athena IDProtect Key v2.0).
I've installed 64bit OpenSSL from Shining Light Productions. Qt 5.8 can load it (I've checked with QSslSocket).
Problem
The problem is that even though it seems that Qt's network backend should load the OpenSSL config file, it does not. In fact, I think OpenSSL is to blame here and not Qt because of the tests I've done with the provided openssl tool.
First of all, the config is read because any syntax error in the config makes the openssl tool complain about it next time I run it.
Second of all, with a clean config, this works:
C:\Users\brokenthorn>openssl engine dynamic -t -pre SO_PATH:C:\OpenSSL-Win64\bin\capi.dll -pre LOAD -post list_certs
(dynamic) Dynamic engine loading support
[Success]: SO_PATH:C:\OpenSSL-Win64\bin\capi.dll
[Success]: LOAD
Loaded: (capi) CryptoAPI ENGINE
[ available ]
Certificate 0
<No Friendly Name>
Subject: C = RO, L = Mun. Constanta, O = SC MINI-FARM SRL, CN = Valentina Calin, serialNumber = 2006051670CV93, name = Valentina Calin, GN = Valentina, SN = Calin
Issuer: C = RO, O = certSIGN, OU = certSIGN Qualified CA Class 3 G2, CN = certSIGN Qualified CA Class 3 G2
Certificate 1
<No Friendly Name>
Subject: CN = DESKTOP-IF670KN\\brokenthorn
Issuer: CN = DESKTOP-IF670KN\\brokenthorn
[Success]: list_certs
But if I try to load the engine by ID, after having defined it in the config file, I get an error where it says it cannot find the DLL file, except it adds .dll.dll to the specified ID:
OpenSSL> engine -t -pre ID:capi -pre LOAD
(dynamic) Dynamic engine loading support
[Success]: ID:capi
[Failure]: LOAD
4684:error:25078067:DSO support routines:WIN32_LOAD:could not load the shared library:.\crypto\dso\dso_win32.c:179:filename(capi.dll.dll)
4684:error:25070067:DSO support routines:DSO_load:could not load the shared library:.\crypto\dso\dso_lib.c:233:
4684:error:260B6084:engine routines:DYNAMIC_LOAD:dso not found:.\crypto\engine\eng_dyn.c:467:
[ unavailable ]
Now, I've tried creating a copy of capi.dll and named it capi.dll.dll and the above command starts working:
OpenSSL> engine -t -pre ID:capi -pre LOAD
(dynamic) Dynamic engine loading support
[Success]: ID:capi
[Success]: LOAD
Loaded: (capi) CryptoAPI ENGINE
[ available ]
My openssl.cfg is standard except the last part, where've I added the engine directives that should make OpenSSL load the CryptoAPI engine by default, which I need if I'm ever going to be able to open a secure socket using the key stored on the HSM. I'll paste the full config here for a full reference, in case something bad sticks out:
#
# OpenSSL example configuration file.
# This is mostly being used for generation of certificate requests.
#
# This definition stops the following lines choking if HOME isn't
# defined.
HOME = .
RANDFILE = $ENV::HOME/.rnd
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
# To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use:
# extensions =
# (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.)
[ new_oids ]
# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
# Add a simple OID like this:
# testoid1=1.2.3.4
# Or use config file substitution like this:
# testoid2=${testoid1}.5.6
# Policies used by the TSA examples.
tsa_policy1 = 1.2.3.4.1
tsa_policy2 = 1.2.3.4.5.6
tsa_policy3 = 1.2.3.4.5.7
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = ./demoCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
# several ctificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
crlnumber = $dir/crlnumber # the current crl number
# must be commented out to leave a V1 CRL
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
x509_extensions = usr_cert # The extentions to add to the cert
# Comment out the following two lines for the "traditional"
# (and highly broken) format.
name_opt = ca_default # Subject Name options
cert_opt = ca_default # Certificate field options
# Extension copying option: use with caution.
# copy_extensions = copy
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL.
# crlnumber must also be commented out to leave a V1 CRL.
# crl_extensions = crl_ext
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = default # use public key default MD
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
####################################################################
[ req ]
default_bits = 2048
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
# Passwords for private keys if not present they will be prompted for
# input_password = secret
# output_password = secret
# This sets a mask for permitted string types. There are several options.
# default: PrintableString, T61String, BMPString.
# pkix : PrintableString, BMPString (PKIX recommendation before 2004)
# utf8only: only UTF8Strings (PKIX recommendation after 2004).
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
# MASK:XXXX a literal mask value.
# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
string_mask = utf8only
# req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Some-State
localityName = Locality Name (eg, city)
0.organizationName = Organization Name (eg, company)
0.organizationName_default = Internet Widgits Pty Ltd
# we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company)
#1.organizationName_default = World Wide Web Pty Ltd
organizationalUnitName = Organizational Unit Name (eg, section)
#organizationalUnitName_default =
commonName = Common Name (e.g. server FQDN or YOUR name)
commonName_max = 64
emailAddress = Email Address
emailAddress_max = 64
# SET-ex3 = SET extension number 3
[ req_attributes ]
challengePassword = A challenge password
challengePassword_min = 4
challengePassword_max = 20
unstructuredName = An optional company name
[ usr_cert ]
# These extensions are added when 'ca' signs a request.
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
# nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
# nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox.
nsComment = "OpenSSL Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
# An alternative to produce certificates that aren't
# deprecated according to PKIX.
# subjectAltName=email:move
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
# This is required for TSA certificates.
# extendedKeyUsage = critical,timeStamping
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ca ]
# Extensions for a typical CA
# PKIX recommendation.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer
# This is what PKIX recommends but some broken software chokes on critical
# extensions.
#basicConstraints = critical,CA:true
# So we do this instead.
basicConstraints = CA:true
# Key usage: this is typical for a CA certificate. However since it will
# prevent it being used as an test self-signed certificate it is best
# left out by default.
# keyUsage = cRLSign, keyCertSign
# Some might want this also
# nsCertType = sslCA, emailCA
# Include email address in subject alt name: another PKIX recommendation
# subjectAltName=email:copy
# Copy issuer details
# issuerAltName=issuer:copy
# DER hex encoding of an extension: beware experts only!
# obj=DER:02:03
# Where 'obj' is a standard or added object
# You can even override a supported extension:
# basicConstraints= critical, DER:30:03:01:01:FF
[ crl_ext ]
# CRL extensions.
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always
[ proxy_cert_ext ]
# These extensions should be added when creating a proxy certificate
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
# nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
# nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox.
nsComment = "OpenSSL Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
# An alternative to produce certificates that aren't
# deprecated according to PKIX.
# subjectAltName=email:move
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
# This really needs to be in place for it to be a proxy certificate.
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
####################################################################
[ tsa ]
default_tsa = tsa_config1 # the default TSA section
[ tsa_config1 ]
# These are used by the TSA reply generation only.
dir = ./demoCA # TSA root directory
serial = $dir/tsaserial # The current serial number (mandatory)
crypto_device = builtin # OpenSSL engine to use for signing
signer_cert = $dir/tsacert.pem # The TSA signing certificate
# (optional)
certs = $dir/cacert.pem # Certificate chain to include in reply
# (optional)
signer_key = $dir/private/tsakey.pem # The TSA private key (optional)
default_policy = tsa_policy1 # Policy if request did not specify it
# (optional)
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
digests = md5, sha1 # Acceptable message digests (mandatory)
accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
clock_precision_digits = 0 # number of digits after dot. (optional)
ordering = yes # Is ordering defined for timestamps?
# (optional, default: no)
tsa_name = yes # Must the TSA name be included in the reply?
# (optional, default: no)
ess_cert_id_chain = no # Must the ESS cert id chain be included?
# (optional, default: no)
#
# Custom configuration for definition of CAPI engine
#
openssl_conf = openssl_init
[openssl_init]
engines = engine_section
[engine_section]
capi = capi_config
[capi_config]
ID = capi
SO_PATH = C:\OpenSSL-Win64\bin\capi.dll
LIST_ADD = 1
LOAD = 1
Now, OpenSSL should load the capi engine by default on library initialisation, which happens in every app that links with this OpenSSL (and does not call special routines that unload or disable loading of the default config file), including the openssl command line tool.
I don't know how yet, but eventually I should also make it the default crypto provider.
Anyways, after adding the above config and also before that, of course, I get this:
OpenSSL> engine -t
(rdrand) Intel RDRAND engine
[ available ]
(dynamic) Dynamic engine loading support
[ unavailable ]
This shouldn't happen. The dynamic engine should have morphed into the capi engine... like the OpenSSL docs say.
Also the CSP for the HSM works. I can list the loaded CSPs like so:
C:\Users\brokenthorn>openssl engine dynamic -t -pre SO_PATH:C:\OpenSSL-Win64\bin\capi.dll -pre LOAD -post list_csps
(dynamic) Dynamic engine loading support
[Success]: SO_PATH:C:\OpenSSL-Win64\bin\capi.dll
[Success]: LOAD
Loaded: (capi) CryptoAPI ENGINE
[ available ]
Available CSPs:
0. Athena ASECard Crypto CSP, type 1
1. Microsoft Base Cryptographic Provider v1.0, type 1
2. Microsoft Base DSS and Diffie-Hellman Cryptographic Provider, type 13
3. Microsoft Base DSS Cryptographic Provider, type 3
4. Microsoft Base Smart Card Crypto Provider, type 1
5. Microsoft DH SChannel Cryptographic Provider, type 18
6. Microsoft Enhanced Cryptographic Provider v1.0, type 1
7. Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider, type 13
8. Microsoft Enhanced RSA and AES Cryptographic Provider, type 24
9. Microsoft RSA SChannel Cryptographic Provider, type 12
10. Microsoft Strong Cryptographic Provider, type 1
11. OpenSC CSP, type 1
[Success]: list_csps
CSP index 0 is my HSM's CSP. I've also sent a few simple commands using the openssl tool, to the HSM, to confirm that it actually works and it does as it should (it's a vendor supplied CSP provider for CAPI).
Any suggestions?
www.googleadservices.com uses an invalid security certificate. www.googleadservices.com shows following issue:
The certificate was signed using a signature algorithm that is disabled because it is not secure.
HTTP Strict Transport Security: false
HTTP Public Key Pinning: true
Please help
Your client appears to be misconfigured and producing spurious messages. Or, your connection is being intercepted and the proxy is using weak/wounded algorithms. Misconfigured and out of date TLS proxies are a known problem. Also see Jarmoc's BlackHat talk SSL Interception Proxies and Transitive Trust.
Here's my view of www.googleadservices.com. As far as I am aware, both RSA-2048 and SHA-256 are acceptable by today's standards:
$ openssl s_client -connect www.googleadservices.com:443 -servername www.googleadservices.com -tls1 | openssl x509 -text -noout
depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority
verify return:1
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify return:1
depth=1 C = US, O = Google Inc, CN = Google Internet Authority G2
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN = www.googleadservices.com
verify return:1
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 294569083916079532 (0x416850568a151ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2
Validity
Not Before: Jan 25 10:41:05 2017 GMT
Not After : Apr 19 10:09:00 2017 GMT
Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=www.googleadservices.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a2:85:55:c4:95:3d:38:30:8f:75:cc:b2:55:59:
9f:9b:6f:e5:07:92:48:e7:c9:4e:3c:9c:4a:b6:a4:
2f:05:1e:6f:8e:61:0d:85:bb:6e:be:8a:a9:27:66:
e9:31:da:ec:2a:29:8f:b5:11:05:fb:b8:d6:53:c1:
80:f4:f7:75:68:e0:46:5e:3d:9b:64:7c:26:98:95:
91:d8:e2:c7:8e:12:6b:58:24:70:9c:04:b7:da:f3:
6e:ed:a1:a0:c1:ad:32:6a:62:e7:91:8d:84:48:c9:
16:a8:49:e1:a7:bd:18:3e:fa:85:be:84:67:b4:c1:
28:24:94:d8:76:f3:fe:ac:e4:09:55:f0:42:49:97:
2d:3e:f5:c8:41:5d:67:c6:7d:4f:7f:56:80:1f:e9:
3e:fe:90:83:89:8c:9a:db:be:6c:60:b2:64:08:d0:
d9:c0:01:1a:a5:15:28:dc:89:39:52:94:b2:12:a7:
b4:ff:6b:56:56:a9:38:bb:34:4a:cc:9e:9a:57:29:
d1:bc:21:46:84:0d:3d:08:23:6f:27:e5:c9:4d:81:
e2:e9:b4:b0:05:b4:35:bd:73:13:cc:4b:db:78:51:
bb:85:f9:6f:18:38:cd:2b:55:cf:2a:5b:7c:17:de:
c1:e5:40:4c:7f:d5:8d:09:dd:c4:86:49:a3:92:ea:
39:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Subject Alternative Name:
DNS:www.googleadservices.com
Authority Information Access:
CA Issuers - URI:http://pki.google.com/GIAG2.crt
OCSP - URI:http://clients1.google.com/ocsp
X509v3 Subject Key Identifier:
F4:A4:33:19:C3:E0:AB:5C:C9:53:90:26:7E:AB:4E:CB:B3:99:1C:59
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Authority Key Identifier:
keyid:4A:DD:06:16:1B:BC:F6:68:B5:76:F5:81:B6:BB:62:1A:BA:5A:81:2F
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.11129.2.5.1
Policy: 2.23.140.1.2.2
X509v3 CRL Distribution Points:
Full Name:
URI:http://pki.google.com/GIAG2.crl
Signature Algorithm: sha256WithRSAEncryption
53:db:ed:18:e3:47:b7:6d:a7:7d:5a:e1:d0:ce:be:af:48:79:
ea:1b:d4:22:64:1e:73:2d:5f:24:b2:34:e7:d8:7d:fd:f5:22:
1d:e7:5b:32:3c:f6:d2:59:87:9c:35:8b:95:5f:74:69:c7:d0:
94:1e:ce:09:de:1c:f8:48:a4:25:5b:6b:36:d6:15:87:90:2c:
a8:84:26:65:cc:fb:33:05:ba:90:dc:a0:58:00:cc:1d:b1:6b:
ed:6c:dd:e7:83:cd:bd:6c:27:ee:0e:cc:11:00:b1:49:f9:4c:
59:6e:50:15:b0:22:9f:31:ac:10:f4:dc:14:d2:5a:be:6d:47:
f5:fd:c8:d8:bd:ff:3a:de:29:dd:a9:ac:fa:5b:63:cc:ee:50:
b6:25:5e:b5:4a:c1:fa:c2:bb:c8:f2:33:e5:92:b9:ec:18:13:
2f:0b:70:86:6b:f6:94:15:ec:53:ed:af:52:2f:3e:06:9a:8d:
b5:80:a5:bc:b5:b3:56:92:a8:1b:c6:d1:cd:49:b4:04:65:b4:
be:9a:56:1c:e9:17:84:54:24:85:c4:07:ce:4e:dd:0b:f6:8d:
53:54:66:90:7f:36:77:3e:8f:40:79:79:73:75:d1:66:bd:b2:
41:ee:5f:d2:4f:e2:fa:78:c1:3d:e4:ff:a4:ae:7a:94:81:af:
d2:6a:60:2b
I am trying understand what is going wrong here. Due to reasons I don't understand, my company's software requires two ports to connect using NTLM. Initially it connects on 443, then redirects to 4244 for authentication then is returned to 443 afterwards. The same certificate is bound on the server to both ports.
My first HTTPS GET works fine, however the second complains about the certificate. I believe this is due to the redirect back. If I set the domain for set_auth to 4244, it fails on the redirect back, if I set it to 443 (i.e. leave the port off) then it fails to authenticate.
client = HTTPClient.new()
client.ssl_config.set_trust_ca('./SenseStandalone/root.pem')
client.ssl_config.set_client_cert_file(cert, key)
...
#base_uri = "https://SenseStandalone"
https_url = #base_uri+path #+'?xrfkey='+#xrf
client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_PEER
client.set_auth(#base_uri, 'login', 'password')
t = client.get(https_url, query, extheader, :follow_redirect => true)
pp t
redirect = t.http_header.request_uri.to_s
puts redirect
client.set_auth('https://SenseStandalone:4244', 'login', 'password')
r = client.get(redirect, nil, extheader, :follow_redirect => true)
pp r.status_code, r.body
What I really neeed it do be able to set the domain to the whole server. Setting it to 'nil' causes it to fail altogether.
Of course I can fix this with:
client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE
But I'd rather not do that if I have a choice.
As an aside, any idea why I need to do the first redirect manually? The second one redirects on its own.
The actual error:
So to be specific the error is:
C:/dev/Ruby22-x64/lib/ruby/2.2.0/openssl/ssl.rb:240:in `post_connection_check': hostname "sensestandalone" does not match the server certificate (OpenSSL::SSL::SSLError)
The certificate is the same for both ports:
C:\Windows\system32>netsh http show sslcert
SSL Certificate bindings:
IP:port : 0.0.0.0:4244
Certificate Hash : 7b2969cf62af93fc0ebca19b597a370a32be89b7
Application ID : {cebd7eb4-e9bb-4377-85be-d961248daa80}
Certificate Store Name : (null)
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
IP:port : 0.0.0.0:443
Certificate Hash : 7b2969cf62af93fc0ebca19b597a370a32be89b7
Application ID : {3af37b68-4503-431e-b020-9e85fe225814}
Certificate Store Name : (null)
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
SSL Certificate (443):
C:\openssl\bin>openssl s_client -connect sensestandalone:443 -tls1 -servername sensestandalone | openssl x509 -text -noout
Loading 'screen' into random state - done
depth=0 CN = SenseStandalone
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = SenseStandalone
verify error:num=21:unable to verify the first certificate
verify return:1
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
d9:cd:81:4e:f8:8c:28:ed:f5:1d:0c:67:ae:5c:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=SenseStandalone-CA
Validity
Not Before: Jan 2 04:19:53 2017 GMT
Not After : Jan 9 04:19:53 2027 GMT
Subject: CN=SenseStandalone
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:8b:23:c4:f9:6c:d2:19:90:db:9c:51:2a:14:5e:
88:c5:24:cf:e9:3a:67:82:7a:8f:db:9b:ad:39:99:
9c:4c:1c:c4:11:ae:6a:96:20:24:e1:e2:19:c3:9e:
53:ba:52:45:4d:93:79:80:8b:c3:d9:3f:e7:7e:88:
65:16:b7:e5:84:8e:7c:1d:1e:e4:b4:df:29:8b:b4:
1e:6b:c2:c0:b8:83:78:16:de:4d:65:80:b0:b5:c6:
53:86:05:63:b3:2b:52:a0:20:8a:35:b0:fc:5d:25:
e8:77:32:b3:8c:28:b3:53:39:d1:4e:7b:df:0b:ee:
4c:51:bd:bf:01:f2:99:4b:59:31:c2:8e:04:a3:15:
0e:2c:34:da:e7:66:11:1d:77:85:80:28:d2:6b:05:
97:28:c0:97:a3:e4:8e:28:a7:d0:24:d5:69:da:e2:
2c:b1:5f:ee:5b:28:4e:44:04:c2:45:32:26:d7:8f:
19:56:95:e1:2a:ac:72:e1:57:ef:85:7e:53:dc:09:
44:22:4e:02:d6:20:69:02:c0:6a:49:23:76:5e:6d:
4f:e1:c6:9c:1b:a2:75:9d:b2:f7:65:89:cf:89:10:
37:c3:57:b0:a8:77:aa:c4:15:a8:7c:00:e6:75:c9:
06:7d:76:9e:cb:51:e9:ae:4e:e9:f8:57:ee:e2:e4:
de:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:90:47:3E:66:51:DA:14:1A:A5:85:77:D2:36:66:61:E4:3A:08:FF
X509v3 Authority Key Identifier:
keyid:C9:D1:A4:38:7F:FA:6F:9A:05:DD:CC:8A:D9:7B:4C:12:98:38:86:AE
1.3.6.1.5.5.7.13.3:
..Service
1.3.6.1.5.5.7.13.1:
vgu,...e...q......Y.*r...GiG!./aL..+..O......>..w.9...M`f..,....T..w`...i^.b..&...!C.... ]..{h9.W...W3...F(...(=.)..Z....x..F..2
1.3.6.1.5.5.7.13.2:
...SJ....S.8/....................(P*R.............5]..........?..b..l..=\.O......L.W.x.,.......|.. .,....t2aK..z)..s=..3,......x
Signature Algorithm: sha256WithRSAEncryption
27:2d:1d:c1:43:00:77:ec:76:a9:f1:f8:c3:73:26:58:e8:7d:
fc:61:3b:cf:91:dd:cf:b7:6c:66:ac:5d:c7:bb:08:10:85:2a:
4a:be:b8:d2:df:c3:02:ff:02:f9:9d:89:e7:6c:6c:82:d9:99:
9a:47:2a:65:01:c8:d2:ad:f4:c8:e1:a4:12:72:3a:c6:11:d6:
90:b2:4e:2a:42:a5:d6:53:69:1b:57:ee:2c:02:b6:a1:8a:a5:
bb:6d:23:04:46:69:74:fa:c7:f3:70:d4:a7:d0:8b:ca:cd:ff:
65:5e:e3:44:20:be:28:58:08:5b:5f:9d:f0:07:1b:b9:ee:ca:
7e:33:99:49:2e:57:b8:5e:dd:82:e4:7e:85:33:e7:3d:27:7c:
d5:a9:b0:24:22:6b:17:3e:34:91:c6:a0:22:b7:3c:85:6c:64:
ed:d2:72:a7:ac:a7:5d:04:b5:fa:4a:48:49:bc:31:0f:48:38:
20:84:4e:a3:fe:f2:2c:bc:89:ee:0d:2f:4d:3f:87:29:9f:f7:
c6:3d:97:a3:12:28:a0:92:5a:64:7f:45:de:18:b3:c3:91:5f:
eb:85:9a:99:e9:e2:f5:cc:a6:47:65:5f:be:d6:dd:50:88:38:
5c:17:88:16:25:07:20:e2:cd:13:ca:69:14:97:73:ad:d9:cd:
52:3b:0b:e4
SSL Certificate (4244):
C:\openssl\bin>openssl s_client -connect sensestandalone:4244 -tls1 -servername sensestandalone | openssl x509 -text -noout
depth=0 CN = SenseStandalone
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = SenseStandalone
verify error:num=21:unable to verify the first certificate
verify return:1
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
d9:cd:81:4e:f8:8c:28:ed:f5:1d:0c:67:ae:5c:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=SenseStandalone-CA
Validity
Not Before: Jan 2 04:19:53 2017 GMT
Not After : Jan 9 04:19:53 2027 GMT
Subject: CN=SenseStandalone
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:8b:23:c4:f9:6c:d2:19:90:db:9c:51:2a:14:5e:
88:c5:24:cf:e9:3a:67:82:7a:8f:db:9b:ad:39:99:
9c:4c:1c:c4:11:ae:6a:96:20:24:e1:e2:19:c3:9e:
53:ba:52:45:4d:93:79:80:8b:c3:d9:3f:e7:7e:88:
65:16:b7:e5:84:8e:7c:1d:1e:e4:b4:df:29:8b:b4:
1e:6b:c2:c0:b8:83:78:16:de:4d:65:80:b0:b5:c6:
53:86:05:63:b3:2b:52:a0:20:8a:35:b0:fc:5d:25:
e8:77:32:b3:8c:28:b3:53:39:d1:4e:7b:df:0b:ee:
4c:51:bd:bf:01:f2:99:4b:59:31:c2:8e:04:a3:15:
0e:2c:34:da:e7:66:11:1d:77:85:80:28:d2:6b:05:
97:28:c0:97:a3:e4:8e:28:a7:d0:24:d5:69:da:e2:
2c:b1:5f:ee:5b:28:4e:44:04:c2:45:32:26:d7:8f:
19:56:95:e1:2a:ac:72:e1:57:ef:85:7e:53:dc:09:
44:22:4e:02:d6:20:69:02:c0:6a:49:23:76:5e:6d:
4f:e1:c6:9c:1b:a2:75:9d:b2:f7:65:89:cf:89:10:
37:c3:57:b0:a8:77:aa:c4:15:a8:7c:00:e6:75:c9:
06:7d:76:9e:cb:51:e9:ae:4e:e9:f8:57:ee:e2:e4:
de:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:90:47:3E:66:51:DA:14:1A:A5:85:77:D2:36:66:61:E4:3A:08:FF
X509v3 Authority Key Identifier:
keyid:C9:D1:A4:38:7F:FA:6F:9A:05:DD:CC:8A:D9:7B:4C:12:98:38:86:AE
1.3.6.1.5.5.7.13.3:
..Service
1.3.6.1.5.5.7.13.1:
vgu,...e...q......Y.*r...GiG!./aL..+..O......>..w.9...M`f..,....T..w`...i^.b..&...!C.... ]..{h9.W...W3...F(...(=.)..Z....x..F..2
1.3.6.1.5.5.7.13.2:
...SJ....S.8/....................(P*R.............5]..........?..b..l..=\.O......L.W.x.,.......|.. .,....t2aK..z)..s=..3,......x
Signature Algorithm: sha256WithRSAEncryption
27:2d:1d:c1:43:00:77:ec:76:a9:f1:f8:c3:73:26:58:e8:7d:
fc:61:3b:cf:91:dd:cf:b7:6c:66:ac:5d:c7:bb:08:10:85:2a:
4a:be:b8:d2:df:c3:02:ff:02:f9:9d:89:e7:6c:6c:82:d9:99:
9a:47:2a:65:01:c8:d2:ad:f4:c8:e1:a4:12:72:3a:c6:11:d6:
90:b2:4e:2a:42:a5:d6:53:69:1b:57:ee:2c:02:b6:a1:8a:a5:
bb:6d:23:04:46:69:74:fa:c7:f3:70:d4:a7:d0:8b:ca:cd:ff:
65:5e:e3:44:20:be:28:58:08:5b:5f:9d:f0:07:1b:b9:ee:ca:
7e:33:99:49:2e:57:b8:5e:dd:82:e4:7e:85:33:e7:3d:27:7c:
d5:a9:b0:24:22:6b:17:3e:34:91:c6:a0:22:b7:3c:85:6c:64:
ed:d2:72:a7:ac:a7:5d:04:b5:fa:4a:48:49:bc:31:0f:48:38:
20:84:4e:a3:fe:f2:2c:bc:89:ee:0d:2f:4d:3f:87:29:9f:f7:
c6:3d:97:a3:12:28:a0:92:5a:64:7f:45:de:18:b3:c3:91:5f:
eb:85:9a:99:e9:e2:f5:cc:a6:47:65:5f:be:d6:dd:50:88:38:
5c:17:88:16:25:07:20:e2:cd:13:ca:69:14:97:73:ad:d9:cd:
52:3b:0b:e4
The command seemed to hang at the end both times..
So I managed to get a difference certificate. I set both the FQDN and hostname as SAN's in lowercase.
One of these has fixed my issue. I am not sure which. I would appreciate a reference to the requirement for Subject Alternate names as the developers I spoke to as my company see this as just a suggestion.