Re: remove passphrase from the key?
kloomis wrote: At 11:17 PM 3/6/2006 -0700, you wrote: The practical upshot of this is, yes, your apache configuration needs the privkey.pem file in order to do SSL/TLS at all. I have myServer.csr, myServer.cert and myServer.key located in ssl.csr, ssl.crt, and ssl.key respectively. The ssl.conf points to the cert and the key. There is a privkey.pem in ssl.pem, but there is no reference in the ssl.conf to it. I have these settings in the ssl.conf: # Server Certificate: SSLCertificateFile /etc/httpd/conf/ssl.crt/myServer.com.cert # Server Private Key: SSLCertificateKeyFile /etc/httpd/conf/ssl.key/myServer.com.key # Certificate Authority (CA): SSLCACertificateFile /etc/httpd/conf/ssl.crt/myServer.com.cert Should the private key be the .pem? Is the .key a public key? Where should it go? The private key (which also includes the public part) should be in the file referenced by SSLCertificateKeyFile. I think you did name the private keyfile something.key. SSLCertificateFile points to the certificate file which was generated by the CA (key and certificate may be in the same file). BTW, SSLCACertificateFile should contain you CA's cert. Ken. Hope it helps. Ted ;) -- PGP Public Key Information Download complete Key from http://www.convey.de/ted/tedkey_convey.asc Key fingerprint = 31B0 E029 BCF9 6605 DAC1 B2E1 0CC8 70F4 7AFB 8D26 smime.p7s Description: S/MIME Cryptographic Signature
Choice of CAs in SSL/TLS handshake
Hi, I came across the following problem: I do have two user CAs under the same root CA: Root CA |- User CA 1 - User Certificate 1 |- User CA 2 - User Certificate 2 I want to tell a webserver to accept certificates from User CA 1 but not from User CA 2. But: In openssl s_server AND in mod_ssl I can only specify a list (as file or directory) of trusted CAs. These are used for two purposes: a) the server puts all of them in his certificate_request message during SSL connection establishment. b) they have to contain the root certificate as trust anchor. What I need is a way to specify the requested client CAs WITHOUT the root certificate. Otherwise clients (Mozilla/Firefox) think that both CAs are accepted (because the root certificate is in the certificate request message). Any way to do this? Is this just a missing feature or do I read the RFC wrong? This is what RFC 2246 says about the request message (sec. 7.4.4): certificate_authorities A list of the distinguished names of acceptable certificate authorities. These distinguished names may specify a desired distinguished name for a root CA or for a subordinate CA; thus, this message can be used both to describe known roots and a desired authorization space. So it should be possible to provide only the certificate of User CA 1? (but then openssl s_server and mod_ssl do not find a valid root certificate.) Thanks for any help, Olaf -- Dipl.Inform. Olaf Gellert PRESECURE (R) Senior Researcher, Consulting GmbH Phone: (+49) 0700 / PRESECURE [EMAIL PROTECTED] A daily view on Internet Attacks https://www.ecsirt.net/sensornet __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Choice of CAs in SSL/TLS handshake
you can put CA2 as part of the revocation list? if CA2 is part of the client's CRL, then it will automatically be rejected..is this what you want? Thanks --G3 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Olaf Gellert Sent: Tuesday, March 07, 2006 5:26 PM To: openssl-users@openssl.org Subject: Choice of CAs in SSL/TLS handshake Hi, I came across the following problem: I do have two user CAs under the same root CA: Root CA |- User CA 1 - User Certificate 1 |- User CA 2 - User Certificate 2 I want to tell a webserver to accept certificates from User CA 1 but not from User CA 2. But: In openssl s_server AND in mod_ssl I can only specify a list (as file or directory) of trusted CAs. These are used for two purposes: a) the server puts all of them in his certificate_request message during SSL connection establishment. b) they have to contain the root certificate as trust anchor. What I need is a way to specify the requested client CAs WITHOUT the root certificate. Otherwise clients (Mozilla/Firefox) think that both CAs are accepted (because the root certificate is in the certificate request message). Any way to do this? Is this just a missing feature or do I read the RFC wrong? This is what RFC 2246 says about the request message (sec. 7.4.4): certificate_authorities A list of the distinguished names of acceptable certificate authorities. These distinguished names may specify a desired distinguished name for a root CA or for a subordinate CA; thus, this message can be used both to describe known roots and a desired authorization space. So it should be possible to provide only the certificate of User CA 1? (but then openssl s_server and mod_ssl do not find a valid root certificate.) Thanks for any help, Olaf -- Dipl.Inform. Olaf Gellert PRESECURE (R) Senior Researcher, Consulting GmbH Phone: (+49) 0700 / PRESECURE [EMAIL PROTECTED] A daily view on Internet Attacks https://www.ecsirt.net/sensornet __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
OpenSLL:Unable to load config file
Excuse me: When I create an certificate, encounter this error:Unable to load config file. The ditails below: My system enviroment:FC3 core + apache-1.3.33 +openssl-0.9.8 + mod_ssl-2.8.28 Install Mode :DSO when i excute command in shell: #openssl req -new -x509 -days 3650 -key ca.key -out ca.crt //ca.ke is already existed. Unable to load config info Enter pass phrase for ca.key:** unable to find 'distinguished name' in config problems making Certificate Request 8097: error 0E06D06A:configuration file routines:NCONF_get_string:no conf or enviroment variable:conf_lib.c325: //--- Openssl Location: /usr/bin/openssl /usr/include/openssl and there is a config file 'openssl.conf' in the source code directory which is already make make install How can I solve this problem? _ 与联机的朋友进行交流,请使用 MSN Messenger: http://messenger.msn.com/cn __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Choice of CAs in SSL/TLS handshake
Gayathri Sundar wrote: you can put CA2 as part of the revocation list? if CA2 is part of the client's CRL, then it will automatically be rejected..is this what you want? Nothing about revocation, both CAs are valid and should stay valid. I do have a User CA 1 for one type of service (or one group of users) and a User CA 2 for another kind of service. Both are under the same root CA. When I setup Apache/Mod_SSL I am not able to specify, that the Server should only request client certificates from User CA 1. It will always put the root certificate in the TLS certificate request and so the client assumes that it is ok to send a certificate from User CA 2... The only way to cope with this with Mozilla is to setup manual choice for the certificate (so whenever e certificate is necessary, the browser asks you, which is very often and annoying). So I am looking for a way to configure what the server sends in his client certificate request... (Anyone who knows better how the words in the RFC are meant, speak up now! :-)) Of course, thanks for your help, Cheers, Olaf -- Dipl.Inform. Olaf Gellert PRESECURE (R) Senior Researcher, Consulting GmbH Phone: (+49) 0700 / PRESECURE [EMAIL PROTECTED] A daily view on Internet Attacks https://www.ecsirt.net/sensornet __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Choice of CAs in SSL/TLS handshake
Hi, May be changing the verification of the depth level solve this issue. ( I mean check the chain only upto User CA 1 and not upto the Root CA ) In this case it should not report about missing valid root. Im not sure. this is just an idea. Regards, Samy Olaf Gellert [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 07.03.2006 12:56 Please respond to openssl-users@openssl.org To openssl-users@openssl.org cc Subject Choice of CAs in SSL/TLS handshake Classification Hi, I came across the following problem: I do have two user CAs under the same root CA: Root CA |- User CA 1 - User Certificate 1 |- User CA 2 - User Certificate 2 I want to tell a webserver to accept certificates from User CA 1 but not from User CA 2. But: In openssl s_server AND in mod_ssl I can only specify a list (as file or directory) of trusted CAs. These are used for two purposes: a) the server puts all of them in his certificate_request message during SSL connection establishment. b) they have to contain the root certificate as trust anchor. What I need is a way to specify the requested client CAs WITHOUT the root certificate. Otherwise clients (Mozilla/Firefox) think that both CAs are accepted (because the root certificate is in the certificate request message). Any way to do this? Is this just a missing feature or do I read the RFC wrong? This is what RFC 2246 says about the request message (sec. 7.4.4): certificate_authorities A list of the distinguished names of acceptable certificate authorities. These distinguished names may specify a desired distinguished name for a root CA or for a subordinate CA; thus, this message can be used both to describe known roots and a desired authorization space. So it should be possible to provide only the certificate of User CA 1? (but then openssl s_server and mod_ssl do not find a valid root certificate.) Thanks for any help, Olaf -- Dipl.Inform. Olaf Gellert PRESECURE (R) Senior Researcher, Consulting GmbH Phone: (+49) 0700 / PRESECURE [EMAIL PROTECTED] A daily view on Internet Attacks https://www.ecsirt.net/sensornet __ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: OpenSLL:Unable to load config file
王 振江 wrote: Excuse me: When I create an certificate, encounter this error:Unable to load config file. The ditails below: My system enviroment:FC3 core + apache-1.3.33 +openssl-0.9.8 + mod_ssl-2.8.28 Install Mode :DSO when i excute command in shell: #openssl req -new -x509 -days 3650 -key ca.key -out ca.crt //ca.ke is already existed. Unable to load config info Enter pass phrase for ca.key:** unable to find 'distinguished name' in config problems making Certificate Request 8097: error 0E06D06A:configuration file routines:NCONF_get_string:no conf or enviroment variable:conf_lib.c325: //--- Openssl Location: /usr/bin/openssl /usr/include/openssl and there is a config file 'openssl.conf' in the source code directory which is already make make install How can I solve this problem? Tell OpenSSL where it can find the configuration file you want to use, either by using the -config parameter or by setting the environment variable OPENSSL_CONF. Be sure to edit the config file to match your needs... Hope it helps, Ted ;) -- PGP Public Key Information Download complete Key from http://www.convey.de/ted/tedkey_convey.asc Key fingerprint = 31B0 E029 BCF9 6605 DAC1 B2E1 0CC8 70F4 7AFB 8D26 smime.p7s Description: S/MIME Cryptographic Signature
Re: Choice of CAs in SSL/TLS handshake
Samy Thiyagarajan wrote: Hi, May be changing the verification of the depth level solve this issue. ( I mean check the chain only upto User CA 1 and not upto the Root CA ) In this case it should not report about missing valid root. Im not sure. this is just an idea. Good idea. But unfortunately it does not work out. I removed the root-certificate from the SSLCACertificateFile. The Server now only allows the user CA 1 (otherwise it still offers the root CA as valid CA). And I shortened the verifyDepth to one. But the server denies access saying: [Tue Mar 07 15:56:34 2006] [error] Certificate Verification: Error (20): unable to get local issuer certificate Seems that verifyDepth still requires a self-signed root certificate (so the chain has to reach the toplevel in the given number of steps). Hm... Any other proposals? :-) Cheers, Olaf -- Dipl.Inform. Olaf Gellert PRESECURE (R) Senior Researcher, Consulting GmbH Phone: (+49) 0700 / PRESECURE [EMAIL PROTECTED] A daily view on Internet Attacks https://www.ecsirt.net/sensornet __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Choice of CAs in SSL/TLS handshake
When you want to operate in this special CA filtering mode, you could hook the OpenSSL certificate validation logic. Your callback could then implement it's only validation logic and return a reject when you see a certificate you want to deny (even though it's valid). Randy On Mar 7, 2006, at 7:03 AM, Olaf Gellert wrote: Samy Thiyagarajan wrote: Hi, May be changing the verification of the depth level solve this issue. ( I mean check the chain only upto User CA 1 and not upto the Root CA ) In this case it should not report about missing valid root. Im not sure. this is just an idea. Good idea. But unfortunately it does not work out. I removed the root-certificate from the SSLCACertificateFile. The Server now only allows the user CA 1 (otherwise it still offers the root CA as valid CA). And I shortened the verifyDepth to one. But the server denies access saying: [Tue Mar 07 15:56:34 2006] [error] Certificate Verification: Error (20): unable to get local issuer certificate Seems that verifyDepth still requires a self-signed root certificate (so the chain has to reach the toplevel in the given number of steps). Hm... Any other proposals? :-) Cheers, Olaf -- Dipl.Inform. Olaf Gellert PRESECURE (R) Senior Researcher, Consulting GmbH Phone: (+49) 0700 / PRESECURE [EMAIL PROTECTED] A daily view on Internet Attacks https://www.ecsirt.net/sensornet __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
hmac.c
How can hmac.c(openssl/crypto/hmac) be used as pseudo random generator (to generate keys) and mac calculation? For both purpose i.e to generate keys and mac hmac.c is used. During keys 4th parameter of HMAC() is passed 0.AND During mac 4th parameter is message. prf= HMAC( md, key, keylen,(void *) ZERO, sizeof(int), dummy, len); mac = HMAC( md, key, keylen, msg, mlen, NULL, len); I did not get how this is working for key and mac both, -- View this message in context: http://www.nabble.com/hmac.c-t1243771.html#a3293262 Sent from the OpenSSL - User forum at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Choice of CAs in SSL/TLS handshake
I think verify depth of 1 will work only for self signed certificates, in this case it wont work, you should override the default certificate checking functions by registering ur own callback for this function pointer in ssl_st. int (*verify_callback)(int ok,X509_STORE_CTX *ctx) as you already know CA2 issuername and common name, you can reject that certificate if presented. Hope this helps. Thanks --Gayathri -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Olaf Gellert Sent: Tuesday, March 07, 2006 8:34 PM To: openssl-users@openssl.org Subject: Re: Choice of CAs in SSL/TLS handshake Samy Thiyagarajan wrote: Hi, May be changing the verification of the depth level solve this issue. ( I mean check the chain only upto User CA 1 and not upto the Root CA ) In this case it should not report about missing valid root. Im not sure. this is just an idea. Good idea. But unfortunately it does not work out. I removed the root-certificate from the SSLCACertificateFile. The Server now only allows the user CA 1 (otherwise it still offers the root CA as valid CA). And I shortened the verifyDepth to one. But the server denies access saying: [Tue Mar 07 15:56:34 2006] [error] Certificate Verification: Error (20): unable to get local issuer certificate Seems that verifyDepth still requires a self-signed root certificate (so the chain has to reach the toplevel in the given number of steps). Hm... Any other proposals? :-) Cheers, Olaf -- Dipl.Inform. Olaf Gellert PRESECURE (R) Senior Researcher, Consulting GmbH Phone: (+49) 0700 / PRESECURE [EMAIL PROTECTED] A daily view on Internet Attacks https://www.ecsirt.net/sensornet __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]