Didier Stevens

Tuesday 30 December 2008

Howto: Make Your Own Cert With OpenSSL

Filed under: Encryption — Didier Stevens @ 21:18

Ever wanted to make your own public key certificate for digital signatures? There are many recipes and tools on the net, like this one. My howto uses OpenSSL, and gives you a cert with a nice chain to your root CA.

First we generate a 4096-bit long RSA key for our root CA and store it in file ca.key:

openssl genrsa -out ca.key 4096

Generating RSA private key, 4096 bit long modulus
...................................................................................++
........................................................................++
e is 65537 (0x10001)

If you want to password-protect this key, add option -des3.

Next, we create our self-signed root CA certificate ca.crt; you’ll need to provide an identity for your root CA:

openssl req -new -x509 -days 1826 -key ca.key -out ca.crt

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:BE
State or Province Name (full name) [Berkshire]:Brussels
Locality Name (eg, city) [Newbury]:Brussels
Organization Name (eg, company) [My Company Ltd]:https://DidierStevens.com
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:Didier Stevens (https://DidierStevens.com)
Email Address []:didier stevens Google mail

The -x509 option is used for a self-signed certificate. 1826 days gives us a cert valid for 5 years.


Next step: create our subordinate CA that will be used for the actual signing. First, generate the key:

openssl genrsa -out ia.key 4096

Generating RSA private key, 4096 bit long modulus
.....++
.............................................................................++
e is 65537 (0x10001)

Then, request a certificate for this subordinate CA:

openssl req -new -key ia.key -out ia.csr

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:BE
State or Province Name (full name) [Berkshire]:Brussels
Locality Name (eg, city) [Newbury]:Brussels
Organization Name (eg, company) [My Company Ltd]:https://DidierStevens.com
Organizational Unit Name (eg, section) []:Didier Stevens Code Signing (https://DidierStevens.com)
Common Name (eg, your name or your server's hostname) []:
Email Address []:didier stevens Google mail

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Next step: process the request for the subordinate CA certificate and get it signed by the root CA.

openssl x509 -req -days 730 -in ia.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out ia.crt

Signature ok
subject=/C=BE/ST=Brussels/L=Brussels/O=https://DidierStevens.com/OU=Didier Stevens Code Signing (https://DidierStevens.com)/emailAddress=didier stevens Google mail
Getting CA Private Key

The cert will be valid for 2 years (730 days) and I decided to choose my own serial number 01 for this cert (-set_serial 01). For the root CA, I let OpenSSL generate a random serial number.

That’s all there is to it! Of course, there are many options I didn’t use. Consult the OpenSSL documentation for more info. For example, I didn’t restrict my subordinate CA key usage to digital signatures. It can be used for anything, even making another subordinate CA. When you buy a code signing certificate, the CA company will limit its use to code signing.


To use this subordinate CA key for Authenticode signatures with Microsoft’s signtool, you’ll have to package the keys and certs in a PKCS12 file:

openssl pkcs12 -export -out ia.p12 -inkey ia.key -in ia.crt -chain -CAfile ca.crt

Enter Export Password:
Verifying - Enter Export Password:

To sign executables in Windows with the signtool: install file ia.p12 in your certificate store (e.g. double click it), and then use signtool /wizard to sign your PE file.
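As an added example (not the post's own commands), the same root CA to signed certificate chain built non-interactively with a private config file, so no system openssl.cnf is needed: the signed certificate gets a subject different from the root's (identical DNs cause the "Error self signed certificate getting chain" reported in the comments below) and is restricted to code signing with CA:FALSE and an Extended Key Usage, the restriction the post leaves out. Assumed: 2048-bit keys for speed instead of 4096, constructed names, export password "example", and a scratch directory from mktemp.

```shell
# Added example (not from the post): root CA -> code-signing cert, non-interactive.
# Assumptions: 2048-bit keys (the post uses 4096), constructed names, password "example".
set -eu
WORK="${WORK:-$(mktemp -d)}"   # scratch directory for keys and certs

# Own config file, so the commands do not depend on a system openssl.cnf
write_config() {
  cat > "$WORK/openssl.cnf" <<'EOF'
[ req ]
distinguished_name = root_dn
prompt = no
[ root_dn ]
C = BE
O = Example Root CA (constructed)
CN = Example Root CA (constructed)
[ v3_ca ]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
[ v3_codesign ]
basicConstraints = critical, CA:FALSE
keyUsage = critical, digitalSignature
extendedKeyUsage = codeSigning
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always
EOF
}

make_chain() {
  write_config; cfg="$WORK/openssl.cnf"
  openssl genrsa -out "$WORK/ca.key" 2048 2>/dev/null
  openssl req -new -x509 -days 1826 -key "$WORK/ca.key" -out "$WORK/ca.crt" \
    -config "$cfg" -extensions v3_ca
  openssl genrsa -out "$WORK/ia.key" 2048 2>/dev/null
  # Subject differs from the root's: identical DNs give "Error self signed certificate getting chain"
  openssl req -new -key "$WORK/ia.key" -out "$WORK/ia.csr" -config "$cfg" \
    -subj "/C=BE/O=Example Root CA (constructed)/CN=Example Code Signer (constructed)"
  openssl x509 -req -days 730 -in "$WORK/ia.csr" -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" \
    -set_serial 01 -extfile "$cfg" -extensions v3_codesign -out "$WORK/ia.crt" 2>/dev/null
  openssl pkcs12 -export -out "$WORK/ia.p12" -inkey "$WORK/ia.key" -in "$WORK/ia.crt" \
    -chain -CAfile "$WORK/ca.crt" -passout pass:example
}

# Checks a relying party would make: the chain validates and the leaf is limited to code signing
verify_chain() { openssl verify -CAfile "$WORK/ca.crt" "$WORK/ia.crt" >/dev/null; }
leaf_ext() {   # prints the value line of one X509v3 extension of ia.crt, e.g. "Code Signing"
  openssl x509 -in "$WORK/ia.crt" -noout -text |
    awk -v name="$1" '$0 ~ name {getline; sub(/^ +/, ""); print; exit}'
}
```

Run make_chain, then verify_chain and leaf_ext "Extended Key Usage" to confirm the chain validates and the certificate carries only the Code Signing usage.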

I’ve used this process to generate certs for my own code signing, and for my Authenticode Challenge.


15 Comments

  1. [...] to Windows executables (PE files). This howto shows you how to use signtool. You’ll need to create your own certificate and key (or buy one) to sign [...]

    Pingback by Howto: Add a Digital Signature to Executables « Didier Stevens — Wednesday 31 December 2008 @ 10:57

  2. [...] now I sign good.exe with my own cert. But there’s a little change in the code signing procedure I explained in this other [...]

    Pingback by Playing With Authenticode and MD5 Collisions « Didier Stevens — Saturday 17 January 2009 @ 15:13

  3. Hello Didier,

    Thanks for the useful info. I can put it to good use :-) What ex-colleagues aren't good for, eh.

    Regards,
    Geert

    Comment by Geert Bex — Tuesday 10 March 2009 @ 19:06

  4. Indeed, Belgium is small, eh!

    Comment by Didier Stevens — Tuesday 10 March 2009 @ 19:31

  5. Thanks for this post. It came in very handy for testing SSL support in hMailServer on Windows.

    Comment by Kevin miller — Wednesday 11 March 2009 @ 19:49

  6. Hi,
    I followed the steps exactly and I got this error:
    Error self signed certificate getting chain.
    Any idea?

    Comment by M — Wednesday 29 April 2009 @ 9:46

  7. Forgot to mention, I get the error after running this command:
    openssl pkcs12 -export -out ia.p12 -inkey ia.key -in ia.crt -chain -CAfile ca.crt
    The other commands work fine

    Comment by M — Wednesday 29 April 2009 @ 9:50

  8. The error is:
    Error self signed certificate getting chain.

    Comment by M — Wednesday 29 April 2009 @ 10:02

  9. What version of OpenSSL are you using, and on which OS?

    Comment by Didier Stevens — Wednesday 29 April 2009 @ 11:29

  10. OpenSSL 0.9.8b 04 May 2006
    running on x86_64 GNU/Linux

    Comment by M — Wednesday 29 April 2009 @ 11:32

  11. I’ve also done the procedure on an older version of OpenSSL than yours (0.9.7a), so it’s probably not version dependent. If you can share your key files and cert files, I’m willing to try on my machine. I have a gmail account, details on my About page.

    Comment by Didier Stevens — Wednesday 29 April 2009 @ 11:47

  12. Update: the reason for “Error self signed certificate getting chain.” is that you use identical data for your CA and IA certificate.

    Comment by Didier Stevens — Monday 4 May 2009 @ 20:07

  13. Thank you so much for sharing this!

    In your instructions, I don’t know how you got around the requirement of designating an openssl.cnf configuration file. Maybe the version of OpenSSL you were using was compiled to look for it in the right place. Mine was compiled to look for it in /usr/local/ssl/openssl.cnf, which doesn’t exist on a Windows machine.

    The next problem is that, on Windows XP at least, .cnf files are designated as NetMeeting “SpeedDial” files. But you can edit the file extension to break this link, or better yet have the extension open in Notepad. This isn’t absolutely necessary though.

    I found the default openssl.cnf file installed in my OpenSSL/share directory, so I moved it to the bin directory, so when I ran openssl from there, I could just add -config openssl.cnf to my openssl commands when it complained about not finding it.

    Finally, thank you again for your comment about the “Error self signed certificate getting chain” error. I went back and changed some of my answers to the cert issuing questions, and the error disappeared when I tried again.

    My next task is to install a certificate (which one?) on my intranet Active Directory domain server, so all the computers in my domain will trust code that I sign with my digital signature.

    Comment by jeng1111 — Friday 5 March 2010 @ 21:17

  14. @jeng1111 It’s the root CA you need to distribute (the self-signed one).

    Comment by Didier Stevens — Friday 5 March 2010 @ 22:49

  15. Thanks for your help! I installed my root cert on the other machines in the office by going to Start > Run… > mmc > File > Add/Remove snap-in > Add… and choosing Certificates. Then I right-clicked somewhere to import the root cert file I had made.

    After I had installed the root CA, when I opened a file in Microsoft Office that I had signed (with a certificate that had been issued using that same root cert), I was presented with the option of always trusting files signed like that.

    Next I would like to experiment with creating a certificate just for code signing. I believe the information is here: http://www.openssl.org/docs/apps/x509v3_config.html under “Extended Key Usage.”

    Comment by jeng1111 — Friday 16 April 2010 @ 19:54

