On 08/23/13 23:10, Paul Goyette wrote:
[---]
> I don't think I need anything fancy, just need to provide a secure
> channel between my local machine(s) and a remote imaps server, so that
> the server can authenticate me without sending a clear-text password on
> the wire.
I'm going to assume that you control the imap server (or have some
sort of influence over how it is configured).
> Suggestions, anyone?
Take a look at the attached scripts. I use them to quickly generate
keys and certificates in test environments at work, and they may be of
help. I have commented them a little so that people at work who are not
involved with PKI stuff will have a fighting chance to understand what
the relevant steps are.
I'm guessing that since you want something unfancy, yet are looking
for openssl commands, that you want to generate a CA certificate, a
server key+certificate and tell the server to use them, and then tell
the client to use TLS.
Save files somewhere, put the *.params under params/. Modify files
appropriately (for instance; set the mail server's fqdn in the
commonName field, change the number of days the certificates should
valid, names, email addresses, etc). You probably won't need
mkclients.sh and params/frank.params, but I included them for completeness.
Then:
1) Run ./mkca.sh
2) Run ./mkservers.sh
3) Run ./mkclients.sh (you probably don't need this)
.. if something fails ..
4) Run ./cleanup.sh and goto 1 to start over
(Don't worry about the warnings about it not being able to read
openssl.cnf. Do worry about errors, though)
Now you need to know how to configure your specific imap server.
Simply put the _CA certificate_, the _server key_ and the _server
certificate_ in a Good Place(tm), make sure that the server's key's
permissions aren't too liberal (some programs won't start if anyone but
root can read it), then point your imap server to use the certificates
and key. Then tell your imap client to connect to the server using SSL/TLS.
If you want mutual authentication, full certificate chain
verification, etc, then you need to generate the client certificate+key
(possibly putting it + key in a PKCS#12 file) as well, configure the
server to only allow clients which validate completely against the CA,
install the client certificate in the mail client, yadda, yadda, yadda..
Probably not best to get into right now.
Some points which you may not really care about now, but things which
could be worth making a mental note about:
- Anyone using RSA for signing today should be using RSA-PSS (these
scripts are for internal use in test-environments, so I haven't bothered..)
- The CA key is typically protected by a strong pass phrase (and,
even better, is stored on a system which has not network access at all).
- The server key typically doesn't have a pass phrase (or it could
block rc.d during startup..)
- There are other ways than using commonName to validate that the
certificate belongs to the domain the client is connecting to. Google
for it and you shall be enlightened, but again -- keeping it unfancy.
- The scripts are actually used on Windows, so I did a quick port and
didn't test them very well, so I wouldn't expect them to be entirely
problem free.
- Some programs require a CRL, so you may need to add that to the
server configuration as well.
.. etc ..
--
Kind regards,
Jan Danielsson
#!/bin/sh
rm -rf *.pem *.key *.csr *.srl crlnumber* index.* serial* newcerts *.crt *.crl
#!/bin/sh
# Initial certificate serial number
echo deadface > serial
# Initial certificate revocation list number
echo 01 > crlnumber
# Empty database
[ -f index.txt ] && rm index.txt
touch index.txt
[ -d newcerts ] || mkdir newcerts
# Create CA's key
openssl genrsa -out ca.key 2048
# Create CA certificate sign request, and dump it
cat params/ca.params | openssl req -new -outform pem -key ca.key -out ca.csr
-config openssl.cnf
openssl req -in ca.csr -noout -text
# Self-sign CA certificate, and dump it
openssl ca -selfsign -in ca.csr -keyfile ca.key -out cacrt.pem -days 3650
-config openssl.cnf -extensions v3_ca -batch
openssl x509 -noout -in cacrt.pem -text
# Make a BER (read: DER) encoded copy of the certificate
openssl x509 -inform pem -in cacrt.pem -outform der -out ca.crt
# Generate a certificate revocation list, and dump it
openssl ca -gencrl -config openssl.cnf -days 365 -out crl.pem -cert cacrt.pem
-keyfile ca.key
openssl crl -noout -in crl.pem -text
# Make a BER (read: DER) encoded copy of the CRL
openssl crl -inform pem -in crl.pem -outform der -out trustme.crl
# cleanup
rm ca.csr
#!/usr/bin
for user in frank
do
# Generate key
openssl genrsa -out ${user}.key 2048
# Generate certificate sign request
cat params/${user}.params | openssl req -new -outform pem -key
${user}.key -out ${user}.csr -config openssl.cnf
openssl req -noout -in ${user}.csr -text
# Sign CSR using CA
openssl ca -in ${user}.csr -out ${user}.pem -cert cacrt.pem -keyfile
ca.key -days 3650 -config openssl.cnf -extensions client_cert -batch
openssl x509 -noout -text -inform pem -in ${user}.pem
# cleanup
rm ${user}.csr
# Create a compound key+cert file
cat ${user}.pem ${user}.key > ${user}_cert_key.pem
done
#!/bin/sh
for NAME in mailsrv
do
# Generate key
openssl genrsa -out ${NAME}.key 2048
# Generate certificate sign request
cat params/${NAME}.params | openssl req -new -outform pem -key
${NAME}.key -out ${NAME}.csr -config openssl.cnf
openssl req -noout -in ${NAME}.csr -text
# Sign CSR using CA
openssl ca -in ${NAME}.csr -out ${NAME}.pem -cert cacrt.pem -keyfile
ca.key -days 3650 -config openssl.cnf -extensions server_cert -batch
openssl x509 -noout -text -inform pem -in ${NAME}.pem
# Make a BER (read: DER) encoded copy of the certificate
openssl x509 -inform pem -in ${NAME}.pem -outform der -out ${NAME}.crt
# cleanup
rm ${NAME}.csr
# Create a compound key+cert file
cat ${NAME}.pem ${NAME}.key > ${NAME}_cert_key.pem
done
# This definition stops the following lines choking if HOME isn't
# defined.
HOME = .
RANDFILE = $ENV::HOME/.rnd
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
[ new_oids ]
# testoid1=1.2.3.4
# testoid2=${testoid1}.5.6
#userId=1.2.63.75
####################################################################
[ ca ]
#default_ca = CA_default # The default ca section
default_ca = CA_mycerts
####################################################################
[ CA_default ]
dir = ./demoCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
#
several ctificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
crlnumber = $dir/crlnumber # the current crl number
# must be commented out to
leave a V1 CRL
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem # The private key
RANDFILE = $dir/private/.rand # private random number file
x509_extensions = client_cert # The extentions to add to the cert
# Comment out the following two lines for the "traditional"
# (and highly broken) format.
name_opt = ca_default # Subject Name options
cert_opt = ca_default # Certificate field options
# Extension copying option: use with caution.
# copy_extensions = copy
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL.
# crlnumber must also be commented out to leave a V1 CRL.
# crl_extensions = crl_ext
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = sha1 # which md to use.
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
localityName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
#serialNumber = optional
emailAddress = optional
#description = optional
#givenName = optional
#surname = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
#serialNumber = supplied
emailAddress = optional
#description = optional
#givenName = optional
#surname = optional
####################################################################
# Our own CA
####################################################################
[ CA_mycerts ]
dir = . # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
# several ctificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
crlnumber = $dir/crlnumber # the current crl number
# must be commented out to
leave a V1 CRL
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem # The private key
RANDFILE = $dir/private/.rand # private random number file
x509_extensions = v3_ca # The extentions to add to the cert
# Comment out the following two lines for the "traditional"
# (and highly broken) format.
name_opt = ca_default # Subject Name options
cert_opt = ca_default # Certificate field options
# Extension copying option: use with caution.
# copy_extensions = copy
crl_extensions = crl_ext
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = sha1 # which md to use.
preserve = no # keep passed DN
ordering
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_match
####################################################################
[ req ]
default_bits = 2048
default_keyfile = privkey.pem
default_md = sha1
distinguished_name = req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
# Passwords for private keys if not present they will be prompted for
# input_password = secret
# output_password = secret
#string_mask = nombstr
string_mask = utf8only
# req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = US
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = MyState
localityName = Locality Name (eg, city)
localityName_default = MyCity
0.organizationName = Organization Name (eg, company)
0.organizationName_default = La Cosa Nostra
# we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company)
#1.organizationName_default = World Wide Web Pty Ltd
organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default = Economics
commonName = Common Name (eg, YOUR name)
commonName_max = 64
#serialNumber = Serial Number
emailAddress = Email Address
emailAddress_max = 64
#description = Description
#description_max = 128
#givenName = First Name
#givenName_max = 32
#surname = Last Name
#surname_max = 64
# SET-ex3 = SET extension number 3
#userId = Unix User ID
#userId_min = 1
#userId_max = 5
[ req_attributes ]
#challengePassword = A challenge password
#challengePassword_min = 4
#challengePassword_max = 20
#unstructuredName = An optional company name
[ client_cert ]
# These extensions are added when 'ca' signs a request.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
# nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox.
nsComment = "There is no conspiracy."
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
# An alternative to produce certificates that aren't
# deprecated according to PKIX.
# subjectAltName=email:move
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
[ server_cert ]
# These extensions are added when 'ca' signs a request.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
# nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
#keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox.
nsComment = "Trespassers will be shot. Survivors will be
shot again."
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
# An alternative to produce certificates that aren't
# deprecated according to PKIX.
# subjectAltName=email:move
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.secret.org/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ca ]
# Extensions for a typical CA
# PKIX recommendation.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
# This is what PKIX recommends but some broken software chokes on critical
# extensions.
basicConstraints = critical,CA:true,pathlen:1
# So we do this instead.
#basicConstraints = CA:true
# Key usage: this is typical for a CA certificate. However since it will
# prevent it being used as an test self-signed certificate it is best
# left out by default.
keyUsage = cRLSign, keyCertSign
# Some might want this also
nsCertType = sslCA, emailCA
# Include email address in subject alt name: another PKIX recommendation
subjectAltName=email:copy
# Copy issuer details
issuerAltName=issuer:copy
nsComment = "Will sign anything for ice cream."
[ crl_ext ]
# CRL extensions.
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always,issuer:always
Certificate Authority
TrustMe CA 01
c...@secret.org
Rapture Citizens
Mr Bubbles
bubb...@creepy.org
Machines
mail.foo.org
ad...@foo.org
