Categories
Windows

A self-sighed certificate with SANs and SHA256 by OpenSSL.

同一記事の日本語版
Update information      Edit(Oct.28)

   When I tested my SSL server by “Qualys SSL Labs – Projects / SSL Server Test” for this dust, the test gave me following Reds and Oranges (^_^;).
 
||Reds||

  1. Trusted : No NOT TRUSTED <<---- Because I use a self-sighed certificate that the Labs doesn't know. So I ignore the message with confidence ha-ha.
  2. IE 6 / XP No FS 1 No SNI 2 : Protocol or cipher suite mismatch : Fail3 <<---- My SSL server user is only me, and I don't use IE 6 / XP. So I ignore the message.
  3. Fail3 They say “Only first connection attempt simulated. Browsers tend to retry with a lower protocol version.” My SSL server doesn’t accept lower protocols, but it’s no problem for me.
  4.    As above I have nothing to be done about Reds.

||Oranges||

  1. Prefix handling : Not valid for “www.o6asan.com” :CONFUSING
  2. Signature algorithm : SHA1withRSA : WEAK
  3. Chain issues : Contains anchor <<---- Ivan Ristić replied about “Chain issues Contains anchor”. So I ignore the message.
  4. Not in trust store <<---- Because I use a self-sighed certificate. So I ignore the message.
  5. Downgrade attack prevention : No, TLS_FALLBACK_SCSV not supported
  6. Forward Secrecy : With some browsers

   As above I have something to be done about 1, 2, 5 and 6. First I handle 5 and 6 because I need to re-create a new certificate for 1 and 2.

  1. I update Apache 2.4.10 (httpd-2.4.10-win32-VC11.zip) to October 20 version. Because it was built with openssl-1.0.1j which supported TLS_FALLBACK_SCSV.
  2. I uncommented SSLHonorCipherOrder on and changed SSLCipherSuite Directive value in the httpd-ssl.conf.
    HIGH:MEDIUM:!aNULL:!MD5

    EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384
    EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256
    EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP
    !PSK !SRP !DSS

       Ref : Configuring Apache, Nginx, and OpenSSL for Forward Secrecy
    ↓ I changed on Dec. 23 because of RC4.
    EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384
    EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH
    EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"

       Ref : RC4 in TLS is Broken: Now What?

    IF your server should support some mobile OS/browser or legacy ones, you need more additional configuration. But the above is enough to my server.
  3. After them the test gives me “Downgrade attack prevention : Yes, TLS_FALLBACK_SCSV supported” and “Forward Secrecy : Yes (with most browsers) ROBUST”.

   Second I handle 1 and 2.
   The 1 is caused by my self-sighed certificate only has o6asan.com as its Common Name. So I have to create a new certificate supporting both o6asan.com and www.o6asan.com. But there is a problem that I want to use only one IP address for my SSL server. Nowadays we have the solution for this issue that is called SNI(Server Name Indication) though all OS/browser haven’t supported it yet. I can use a wildcard certificate or SAN for SNI. I use SANs because I don’t want to allow my SSL server to accept all sub domains though I can restrict them by Apache configuration.
   The 2 is caused by my creation of the certificate by OpenSSL default, which is set to use SHA1. So I’ll use default_md = sha256 for the new certificate.
 On 28th, I re-read Server Name Indication. Is SNI a different story from wildcard certificate / SAN? I don’t understand them still now. Difficult.

   I copy the file openssl.cnf(← this is the default name) from Apche24conf folder to c:openssl-1.0.1x-winxxssl(← this is the default location) and customize like the followings.

    Change values and uncomment a line.

  1. dir = ./demoCA —->> dir = X:/demoCA <<----Need an exact path
  2. default_crl_days = 30 —->> default_crl_days = 365
  3. default_md = default —->> default_md = sha256
  4. default_bits = 1024 —->> default_bits = 2048
  5. # req_extensions = v3_req —->> req_extensions = v3_req
    Adding lines.

  1. subjectAltName = @alt_names to [ v3_req ] area.
  2. [ alt_names ]
    DNS.1 = example.com
    DNS.2 = www.example.com
    to just before [ v3_ca ] area.
     
    You can add your domains, like DNS.1, DNS.2, DNS.3, ….
  3. If you make a client certificate, add the followings to the end of the openssl.cnf.
    [ ssl_client ]
    basicConstraints = CA:FALSE
    nsCertType = client
    keyUsage = digitalSignature, keyEncipherment
    extendedKeyUsage = clientAuth
    nsComment = "OpenSSL Certificate for SSL Client"

   Now I’ll create new certificate. (Ref : WordPress: Administration Over SSL #1)

    ||Create myCA||

  1. Make myCA folder at X:/
  2. Make two folders and a file named private, newcerts and index.txt in the myCA.
  3. Run cmd.exe as Administrator
    pushd X:myCA
    echo 01 > serial
    openssl req -new -keyout privatecakey.pem -out careq.pem
    openssl ca -selfsign -in careq.pem -extensions v3_ca -out cacert.pem
    copy cacert.pem (Drive_SV):Apache24confssl.crt
    copy cacert.pem my_ca.crt

      Note) (Drive_SV) is a partition for server components on my home server PC.
    ||Create Server Cert||

  1. pushd X:myCA
    openssl genrsa -out server.key 2048
    openssl req -new -out server.csr -key server.key
  2. Check multiple SANs in the CSR (Can you see ‘Subject Alternative Name’ area in it?)
    openssl req -text -noout -in server.csr
  3. openssl ca -in server.csr -out server.crt -extensions v3_req
    copy server.key cp_server.key
    openssl rsa <cp_server.key> server.key
    copy server.key (Drive_SV):Apache24conf
    copy server.crt (Drive_SV):Apache24conf
    ||Create Client Cert||

  1. pushd X:myCA
    openssl req -new -keyout client.key -out client.csr
    openssl ca -policy policy_anything -extensions ssl_client -in client.csr -out client.crt
    openssl pkcs12 -export -in client.crt -inkey client.key -out clientcert.p12

References about SANs : FAQ/subjectAltName (SAN), Multiple Names on One Certificate.

   I have a self-sighed certificate with SANs and SHA256 now. Mission complete!!

Leave a Reply

Your email address will not be published. Required fields are marked *