331.1 - X.509 Certificates and Public Key Infrastructures

Key Knowledge Areas:

• Understand X.509 certificates, X.509 certificate lifecycle, X.509 certificate fields and X.509v3 certificate extensions
• Understand trust chains and public key infrastructures, including certificate transparency
• Generate and manage public and private keys
• Create, operate and secure a certification authority
• Request, sign and manage server and client certificates
• Revoke certificates and certification authorities
• Basic feature knowledge of Let’s Encrypt, ACME and certbot
• Basic feature knowledge of CFSSL

Partial list of the used files, terms and utilities:

• openssl (including relevant subcommands)
• OpenSSL configuration
• PEM, DER, PKCS
• CSR
• CRL
• OCSP

Terms

PEM, DER, PKCS

• PEM
• DER
• PKCS

CSR

certificate signing request

CRL

certificate revocation list

OCSP

online certificate status protocol

OCSP stapling

online certificate status protocol stapling

Files

OpenSSL configuration

/etc/pki/tls/openssl.cnf

Utilities

openssl

man 1 ca
man 1 openssl
man 1 genpkey
man 1 pkeyutl
man 1 req

Notes

Certificate Transparency

• Certificate Transparency

Certification Authority

• Certificate Authority
• create root certificate:
  • copy and update the configuration file: mkdir -p CA/newcerts && cp /etc/pki/tls/openssl.cnf CA/ && sed -e "s@^dir\t\t=.*@dir\t\t= ./CA@" -i CA/openssl.cnf && echo -e "\n[ v3_intermediate ]\n\n# CRL and OCSP extensions\nauthorityInfoAccess\t= OCSP;URI:http://ocsp.my.host/\ncrlDistributionPoints\t= URI:http://example.com/crl.pem\n# PKIX recommendation.\nauthorityKeyIdentifier\t= keyid:always,issuer\nbasicConstraints\t\t= critical,CA:true\nsubjectKeyIdentifier\t\t= hash" >> CA/openssl.cnf
  • generate the root certificate: openssl req -days 1460 -keyout CA/key.ca.pem -new -newkey rsa:4096 -nodes -out CA/cert.ca.pem -sha256 -subj "/C=CY/ST=ProvinceState/L=City/O=Organization/CN=ca.example.net" -x509
  • (inspect the root certificate: openssl x509 -dates -ext basicConstraints -in CA/cert.ca.pem -issuer -noout -subject)
• create intermediate certificate:
  • copy and update the configuration file: mkdir -p Intermediate/newcerts && cp /etc/pki/tls/openssl.cnf Intermediate/ && sed -e "s@^dir\t\t=.*@dir\t\t= ./Intermediate@" -i Intermediate/openssl.cnf
  • generate private key: openssl genpkey -algorithm ED25519 -out Intermediate/key.int.pem
  • generate certificate signing request: openssl req -key Intermediate/key.int.pem -new -out Intermediate/cert.int.csr -subj "/C=CY/ST=ProvinceState/L=City/O=Organization/CN=intermediate1.example.net"
  • (inspect the certificate signing request: openssl req -in Intermediate/cert.int.csr -noout -text)
• operate:
  • sign (intermediate) certificate:
    • (initialize database: touch CA/index.txt)
    • openssl ca -batch -cert CA/cert.ca.pem -config CA/openssl.cnf -create_serial -days 1095 -extensions v3_intermediate -in Intermediate/cert.int.csr -keyfile CA/key.ca.pem -out Intermediate/cert.int.pem
  • revoke (intermediate) certificate: openssl ca -cert CA/cert.ca.pem -config CA/openssl.cnf -keyfile CA/key.ca.pem -revoke Intermediate/cert.int.pem
  • publish certificate status:
    • (initialize CRL sequence: echo "00" > CA/crlnumber)
    • generate CRL: openssl ca -cert CA/cert.ca.pem -config CA/openssl.cnf -gencrl -keyfile CA/key.ca.pem -out CA/crl.pem
    • (host crl.pem at the URL configured in v3_intermediate section of CA/openssl.cnf, or make crl.pem accessible to the OCSP responder configured in v3_intermediate section of CA/openssl.cnf)
• secure:
  • consider offline root CA with long-lasting CRL
  • consider OCSP for real-time certificate status information
  • consider OCSP stapling to reduce traffic to the (intermediate) CA

Public and private keys

• Public key certificate
• generate:
  • leaf certificate path: mkdir Leaf
  • private key: openssl genpkey -algorithm ED25519 -out Leaf/key.pem; openssl genpkey -algorithm RSA -out Leaf/key.pem -pkeyopt rsa_keygen_bits:2048
  • public key (certificate signing request): openssl req -key Leaf/key.pem -new -out Leaf/cert.csr -subj "/C=CY/ST=ProvinceState/L=City/O=Organization/CN=localhost.example.net"
  • (inspect the certificate signing request: openssl req -in Leaf/cert.csr -noout -text)
• manage:
  • extensions: echo -e "authorityInfoAccess\t= OCSP;URI:http://ocsp.my.host/\ncrlDistributionPoints\t= URI:http://example.com/crl.pem" > Intermediate/extensions.cnf
  • sign (/issue) certificate: openssl x509 -CA Intermediate/cert.int.pem -CAcreateserial -CAkey Intermediate/key.int.pem -CAserial Intermediate/serial -days 730 -extfile Intermediate/extensions.cnf -in Leaf/cert.csr -out Leaf/cert.pem -req
  • (inspect the certificate: openssl x509 -dates -ext authorityInfoAccess,crlDistributionPoints,subjectAltName -in Leaf/cert.pem -issuer -noout -subject)
  • revoke certificate:
    • (initialize database: touch Intermediate/index.txt)
    • openssl ca -cert Intermediate/cert.int.pem -config Intermediate/openssl.cnf -keyfile Intermediate/key.int.pem -revoke Leaf/cert.pem -verbose
  • publish revocation:
    • (initialize CRL sequence: echo "00" > Intermediate/crlnumber)
    • openssl ca -cert Intermediate/cert.int.pem -config Intermediate/openssl.cnf -gencrl -keyfile Intermediate/key.int.pem -out Intermediate/crl.pem
    • (host crl.pem at the URL configured in Intermediate/extensions.cnf, or make crl.pem accessible to the OCSP responder configured in Intermediate/extensions.cnf)
• commands:
  • openssl genpkey: generates private key or parameters
  • openssl list -public-key-algorithms: lists supported algorithms
  • openssl pkeyparam: prints and validates parameters
  • openssl pkeyutl: performs low level public key operations (sign data, recover signed data, verify signature, derive shared secret)

parameter generation:

• valid algorithms: DH, DSA and EC
• examples:
  • openssl genpkey -genparam -algorithm DH -out dh-params.pem -outform PEM -pkeyopt dh_paramgen_prime_len:2048
  • openssl genpkey -genparam -algorithm DSA -out dsa-params.pem -outform PEM -pkeyopt dsa_paramgen_bits:2048
  • openssl genpkey -genparam -algorithm EC -out ec-params.pem -outform PEM -pkeyopt ec_paramgen_curve:P-256

parameter validation:

• examples:
  • openssl pkeyparam -check -in dh-params.pem -text
  • openssl pkeyparam -check -in dsa-params.pem -noout
  • openssl pkeyparam -in ec-params.pem -text

Best practices

• Qualys SSL Labs: Best Practices
• Mozilla wiki: Security/Server Side TLS

Howtos

• Root and Intermediate CA including OCSP, CRL, and revocation