Didier Stevens

Wednesday 8 May 2013

Howto: Make Your Own Cert And Revocation List With OpenSSL

Filed under: Encryption — Didier Stevens @ 10:34

Here is a variant to my “Howto: Make Your Own Cert With OpenSSL” method. This time, I needed a signing cert with a Certificate Revocation List (CRL) extension and an (empty) CRL. I used instructions from this post.

Adding a CRL extension to a certificate is not difficult, you just need to include a configuration file with one line. But creating a CRL file requires more steps, that’s why I needed this howto. The start of this howto is the same as my previous howto.

First we generate a 4096-bit long RSA key for our root CA and store it in file ca.key:

openssl genrsa -out ca.key 4096

Generating RSA private key, 4096 bit long modulus
...................................................................................++
........................................................................++
e is 65537 (0x10001)

If you want to password-protect this key, add option -des3.

Next, we create our self-signed root CA certificate ca.crt; you’ll need to provide an identity for your root CA:

openssl req -new -x509 -days 1826 -key ca.key -out ca.crt

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:BE
State or Province Name (full name) []:Brussels
Locality Name (eg, city) [Default City]:Brussels
Organization Name (eg, company) [Default Company Ltd]:Didier Stevens
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:Didier Stevens CA
Email Address []:

The -x509 option is used for a self-signed certificate. 1826 days gives us a cert valid for 5 years.

Next step: create our subordinate CA that will be used for the actual signing. First, generate the key:

openssl genrsa -out ia.key 4096

Generating RSA private key, 4096 bit long modulus
.....++
.............................................................................++
e is 65537 (0x10001)

Then, request a certificate for this subordinate CA:

openssl req -new -key ia.key -out ia.csr

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:BE
State or Province Name (full name) []:Brussels
Locality Name (eg, city) [Default City]:Brussels
Organization Name (eg, company) [Default Company Ltd]:Didier Stevens
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:Didier Stevens IA
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Make sure the Common Name is different for both certs, otherwise you’ll get an error. Now, before we process the request for the subordinate CA certificate and get it signed by the root CA, we need to create a couple of files (this step is done with Linux; to create empty file certindex on Windows, you could use Notepad in stead of touch).

touch certindex
echo 01 > certserial
echo 01 > crlnumber

And also create this configuration file (ca.conf):

# Mainly copied from:
# http://swearingscience.com/2009/01/18/openssl-self-signed-ca/

[ ca ]
default_ca = myca

[ crl_ext ]
# issuerAltName=issuer:copy  #this would copy the issuer name to altname
authorityKeyIdentifier=keyid:always

 [ myca ]
 dir = ./
 new_certs_dir = $dir
 unique_subject = no
 certificate = $dir/ca.crt
 database = $dir/certindex
 private_key = $dir/ca.key
 serial = $dir/certserial
 default_days = 730
 default_md = sha1
 policy = myca_policy
 x509_extensions = myca_extensions
 crlnumber = $dir/crlnumber
 default_crl_days = 730

 [ myca_policy ]
 commonName = supplied
 stateOrProvinceName = supplied
 countryName = optional
 emailAddress = optional
 organizationName = supplied
 organizationalUnitName = optional

 [ myca_extensions ]
 basicConstraints = CA:false
 subjectKeyIdentifier = hash
 authorityKeyIdentifier = keyid:always
 keyUsage = digitalSignature,keyEncipherment
 extendedKeyUsage = serverAuth
 crlDistributionPoints = URI:http://example.com/root.crl
 subjectAltName  = @alt_names

 [alt_names]
 DNS.1 = example.com
 DNS.2 = *.example.com

Notice the crlDistributionPoints and DNS. entries pointing to domain example.com. You should change them to your domain.

Now you can sign the request:

openssl ca -batch -config ca.conf -notext -in ia.csr -out ia.crt

Using configuration from ca.conf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName          : PRINTABLE:'BE'
stateOrProvinceName   :ASN.1 12:'Brussels'
localityName          :ASN.1 12:'Brussels'
organizationName      :ASN.1 12:'Didier Stevens'
commonName            :ASN.1 12:'Didier Stevens IA'
Certificate is to be certified until May  3 21:13:02 2015 GMT (730 days)

Write out database with 1 new entries
Data Base Updated

To use this subordinate CA key for Authenticode signatures with Microsoft’s signtool, you’ll have to package the keys and certs in a PKCS12 file:

openssl pkcs12 -export -out ia.p12 -inkey ia.key -in ia.crt -chain -CAfile ca.crt

Enter Export Password:
Verifying - Enter Export Password:

Finally, you can generate the empty CRL file:
openssl ca -config ca.conf -gencrl -keyfile ca.key -cert ca.crt -out root.crl.pem
openssl crl -inform PEM -in root.crl.pem -outform DER -out root.crl
rm root.crl.pem

rm is a Linux command, use del on a Windows machine.

The last step is to host this root.crl file on the webserver pointed to in the CRL extension (http://example.com/root.crl in this example).

If you need to revoke the intermediate certificate, use this command:

openssl ca -config ca.conf -revoke ia.crt -keyfile ca.key -cert ca.crt

And then regenerate the CRL file like explained above.

2 Comments »

  1. […] before it retrieves a URL when a PDF document contains an action to do so. But what about the Certificate Revocation List in a signed PDF […]

    Pingback by Adobe Reader and CRLs | Didier Stevens — Monday 13 May 2013 @ 18:08

  2. Certificate Authority setup: Doing it right with OpenSSL

    In my previous post about securing HTTP-connections HTTP Secure: Is Internet really broken? I was speculating about the current state of encryption security in web applications. This article is about how to actually implement a CA in detail and the req…

    Trackback by Hacker's ramblings — Friday 27 December 2013 @ 10:56


RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

The Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 225 other followers

%d bloggers like this: