linux - reproduce - Certificado con Extended Key Usage solo funciona en Firefox
facebook mozilla firefox gratis (1)
Traté de generar un certificado de auto-firma en mi servidor para múltiples dominios. Utilicé OpenSL basándose en la extensión v3_req. Utilicé esta línea de comando para generar certificados con dominio múltiple y uso de claves extendidas:
openssl x509 -req -days 3650 -in san_domain_com.csr -signkey san_domain_com.key -out san_domain_com.crt -extensions v3_req -extensions mysection -extfile openssl.cnf
Como resultado, mi certificado contiene el dominio múltiple, pero no el uso de claves extendido para serverauth y la orientación de la red, también mi sitio web solo es accesible desde Firefox. ¿Alguien tiene idea sobre esto? Gracias
Mi archivo openssl.conf
se estructuró de esta manera:
#
# OpenSSL example configuration file.
# This is mostly being used for generation of certificate requests.
#
# This definition stops the following lines choking if HOME isn''t
# defined.
HOME = .
RANDFILE = $ENV::HOME/.rnd
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
# To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use:
# extensions =
# (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.)
[ new_oids ]
# We can add new OIDs in here for use by ''ca'' and ''req''.
# Add a simple OID like this:
# testoid1=1.2.3.4
# Or use config file substitution like this:
# testoid2=${testoid1}.5.6
streetAddress = 2.5.4.9
postalCode = 2.5.4.17
POBox = 2.5.4.18
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = ./demoCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
x509_extensions = usr_cert # The extentions to add to the cert
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL.
# crl_extensions = crl_ext
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = sha1 # which md to use
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
# For the ''anything'' policy
# At this point in time, you must list all acceptable ''object''
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
####################################################################
[ req ]
default_bits = 2048
default_keyfile = privkey.pem
default_md = sha1
distinguished_name = req_distinguished_name
req_extensions = v3_req
#attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
# Passwords for private keys if not present they will be prompted for
# input_password = secret
# output_password = secret
# This sets a mask for permitted string types. There are several options.
# default: PrintableString, T61String, BMPString.
# pkix : PrintableString, BMPString.
# utf8only: only UTF8Strings.
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
# MASK:XXXX a literal mask value.
# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
# so use this option with caution!
string_mask = nombstr
# req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = Nom du pays (code ISO a 2 lettres)
countryName_default = FR
countryName_min = 2
countryName_max = 2
stateOrProvinceName = Nom du departement
stateOrProvinceName_default = Alpes Maritimes
stateOrProvinceName_max = 64
localityName = Nom de la ville
localityName_default = Nice
localityName_max = 64
organizationName = Raison Sociale (nom officiel de l organisation)
organizationName_default = Michel Durand SA
organizationName_max = 64
# we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company)
#1.organizationName_default = World Wide Web Pty Ltd
organizationalUnitName = Nom commercial, service, ou texte libre (optionnel)
organizationalUnitName_default = Fourni par TBS internet
organizationalUnitName_max = 64
commonName = Adresse du site a securiser (FQDN de votre site)
commonName_default = www.monsitessl.fr
commonName_max = 64
# SET-ex3 = SET extension number 3
[ req_attributes ]
challengePassword = A challenge password
challengePassword_min = 4
challengePassword_max = 20
unstructuredName = An optional company name
[ usr_cert ]
# These extensions are added when ''ca'' signs a request.
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
# nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
# nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape''s comment listbox.
nsComment = "OpenSSL Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = abc.bce.com
DNS.2 = abc.bced.com
DNS.3 = abc.bced.com
[ mysection ]
keyUsage = digitalSignature
extendedKeyUsage = codeSigning
[ v3_ca ]
# Extensions for a typical CA
# PKIX recommendation.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
# This is what PKIX recommends but some broken software chokes on critical
# extensions.
#basicConstraints = critical,CA:true
# So we do this instead.
basicConstraints = CA:true
# Key usage: this is typical for a CA certificate. However since it will
# prevent it being used as an test self-signed certificate it is best
# left out by default.
# keyUsage = cRLSign, keyCertSign
# Some might want this also
# nsCertType = sslCA, emailCA
# Include email address in subject alt name: another PKIX recommendation
# subjectAltName=email:copy
# Copy issuer details
# issuerAltName=issuer:copy
# DER hex encoding of an extension: beware experts only!
# obj=DER:02:03
# Where ''obj'' is a standard or added object
# You can even override a supported extension:
# basicConstraints= critical, DER:30:03:01:01:FF
[ crl_ext ]
# CRL extensions.
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always,issuer:always
¿Alguien tiene idea sobre esto?
El navegador participa en el foro CA / Browsers. La otra parte son las CA públicas. Algunos los llaman "el cártel". Los navegadores tienen un modelo de seguridad denominado "modelo de seguridad del navegador" o el "modelo de seguridad de la aplicación web". En este modelo de seguridad, se utiliza una colección de punto de anclaje confiable predefinido.
El cártel espera que los certificados de entidad final (servidor) sean firmados por una CA pública en la tienda de confianza que los navegadores lleven consigo. Hay una renuncia de mano con "carry-around" porque Chromium utiliza la tienda de confianza del sistema operativo.
Supongo que probablemente no instaló el certificado autofirmado correctamente para los otros navegadores que está probando.
No nos mostró el certificado que le está causando problemas, por lo que solo podemos especular si está bien formado o es válido. Pero intentaré responder a su pregunta sobre Uso de clave y Uso de clave extendida.
Mi archivo openssl.conf estaba estructurado así ...
[ mysection ]
keyUsage = digitalSignature
extendedKeyUsage = codeSigning
Esta es una combinación extraña. ¿Lo estás usando? Si es así, ¿por qué lo estás usando? (Sería útil si publicaste tu certificado).
A continuación se muestran algunos greps de certificados de Google, Microsoft y Yahoo. Sus certificados de servidor no incluyen la firma de código, e incluyen algún uso adicional.
$ openssl s_client -connect www.google.com:443 | openssl x509 -text -noout | grep -A 1 -i key
...
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
--
X509v3 Subject Key Identifier:
30:11:ED:AE:FE:C3:60:32:1D:CF:9C:B7:4B:B4:E3:DD:2D:1D:FC:40
--
X509v3 Authority Key Identifier:
keyid:4A:DD:06:16:1B:BC:F6:68:B5:76:F5:81:B6:BB:62:1A:BA:5A:81:2F
$ openssl s_client -connect www.microsoft.com:443 | openssl x509 -text -noout | grep -A 1 -i key
...
X509v3 Key Usage:
Digital Signature, Key Encipherment, Data Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
--
X509v3 Subject Key Identifier:
2B:DB:4A:3F:90:02:48:9E:0F:89:21:E2:EB:4A:73:1E:E0:0F:85:6B
--
X509v3 Authority Key Identifier:
keyid:EB:DB:11:5E:F8:09:9E:D8:D6:62:9C:FD:62:9D:E3:84:4A:28:E1:27
$ openssl s_client -connect www.yahoo.com:443 | openssl x509 -text -noout | grep -A 1 -i key
...
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
--
X509v3 Authority Key Identifier:
keyid:0D:44:5C:16:53:44:C1:82:7E:1D:20:AB:25:F4:01:63:D8:BE:79:A5
Certificado con Extended Key Usage solo funciona en Firefox ...
De acuerdo con RFC 5280 , Extended Key Usage es opcional. El otro estándar son los requisitos básicos de CA / foros del navegador , y es la política utilizada por la mayoría de las autoridades públicas para emitir certificados. No puedo decir lo que dice el CA / B BR con respecto a los certificados de entidad final porque es muy confuso.
Uso clave
En primer lugar, el uso de la clave para los certificados RSA suele ser digitalSignature
y keyEncipherment
.
Si tiene un certificado con parámetros Diffie-Hellman, entonces usaría keyAgreement
. Nunca he visto firmas con Diffie-Hellman (creo que es la firma de ElGamal), así que no creo que un cert con los parámetros de Diffie-Hellman deba incluir digitalSignature
.
No debe usar dataEncipherment
porque no quiere hacer un cifrado masivo con la clave; en su lugar, solo desea transportar una clave que se utiliza para el cifrado masivo (vis-à-vis keyEncipherment
).
Y no nonRepudiation
no significa nada, así que no lo use.
Uso extendido de clave
Segundo, el estado de los RFC (en la Sección 4.2.1.12): "[EKU] indica uno o más propósitos para los cuales se puede usar la clave pública certificada, además o en lugar de los propósitos básicos indicados en la extensión de uso de la clave" . Según los requisitos básicos de CA / foros de navegador , creo que el uso de clave extendida es opcional para los certificados de entidad final. Solo puedo decir "Creo" porque el Apéndice (B) (3) (G) es confuso. Sin embargo, estoy bastante seguro de que EKU es obligatorio para los certificados de CA subordinados.
Debido a que trato el uso de teclas extendidas como un atributo opcional, generalmente lo omito. Si fuera a incluirlo, usaría serverAuth
y posiblemente clientAuth
(deberían ser mutuamente excluyentes, pero a menudo los veo a ambos en un certificado).
Archivo de configuración
Aquí está el archivo CONF que utilizo para generar certificados autofirmados para las pruebas. Es mínimo y no incluye las secciones adicionales del archivo de configuración de OpenSSL. Nunca he tenido un problema con esto en bibliotecas o navegadores.
Deberá descomentar # extendedKeyUsage = serverAuth, clientAuth
y modificarlo según su gusto.
# Self Signed (note the addition of -x509):
# openssl req -config example-com.conf -new -x509 -newkey rsa:2048 -nodes -keyout example-com.key.pem -days 365 -out example-com.cert.pem
# Signing Request (note the lack of -x509):
# openssl req -config example-com.conf -new -newkey rsa:2048 -nodes -keyout example-com.key.pem -days 365 -out example-com.req.pem
# Print it:
# openssl x509 -in example-com.cert.pem -text -noout
# openssl req -in example-com.req.pem -text -noout
[ req ]
default_bits = 2048
default_keyfile = server-key.pem
distinguished_name = subject
req_extensions = req_ext
x509_extensions = x509_ext
string_mask = utf8only
# The Subject DN can be formed using X501 or RFC 4514 (see RFC 4519 for a description).
# Its sort of a mashup. For example, RFC 4514 does not provide emailAddress.
[ subject ]
countryName = Country Name (2 letter code)
countryName_default = US
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = NY
localityName = Locality Name (eg, city)
localityName_default = New York
organizationName = Organization Name (eg, company)
organizationName_default = Example, LLC
# Use a friendly name here because its presented to the user. The server''s DNS
# names are placed in Subject Alternate Names. Plus, DNS names here is deprecated
# by both IETF and CA/Browser Forums.
commonName = Common Name (e.g. server FQDN or YOUR name)
commonName_default = Example Company
emailAddress = Email Address
emailAddress_default = [email protected]
# Section x509_ext is used when generating a self-signed certificate. I.e., openssl req -x509 ...
[ x509_ext ]
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment
subjectAltName = @alternate_names
nsComment = "OpenSSL Generated Certificate"
# RFC 5280, Section 4.2.1.12 makes EKU optional
# CA/Browser Baseline Requirements, Appendix (B)(3)(G) makes me confused
# extendedKeyUsage = serverAuth, clientAuth
# Section req_ext is used when generating a certificate signing request. I.e., openssl req ...
[ req_ext ]
subjectKeyIdentifier = hash
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment
subjectAltName = @alternate_names
nsComment = "OpenSSL Generated Certificate"
# RFC 5280, Section 4.2.1.12 makes EKU optional
# CA/Browser Baseline Requirements, Appendix (B)(3)(G) makes me confused
# extendedKeyUsage = serverAuth, clientAuth
[ alternate_names ]
DNS.1 = example.com
DNS.2 = www.example.com
DNS.3 = mail.example.com
DNS.4 = ftp.example.com
# Add these if you need them. But usually you don''t want them or
# need them in production. You may need them for development.
# DNS.5 = localhost
# DNS.6 = localhost.localdomain
# DNS.7 = 127.0.0.1
# IPv6 localhost
# DNS.8 = ::1
# DNS.9 = fe80::1