Re: Why does OpenSSL own all the prefixes in the world?
On Wed, Sep 10, 2014 at 9:28 AM, Michael Wojcik michael.woj...@microfocus.com wrote:

This is not the place to debate the relative merits of C, C++, or the chimerical monstrosity created by pretending the former is the latter. Suffice it to say that there are a number of people who do not agree with the claims you make for treating C as C++, and they are generally people who actually understand the C language.

--

Well Michael, you're partly right. This isn't the place to debate the relative merits of C and C++, or any other language. But it smells a bit of extreme arrogance to suggest that those who disagree with you about the relation between C and C++ do not actually understand C. Really? You can't be serious.

I have used both for decades. There is no doubt that they are different programming languages (so I don't fully disagree with you, but rather think your position is grossly over-stated). At the same time, they have so much in common that for many software engineers, C can, for practical purposes, be regarded as a useful subset of C++. This is certainly true in the suite of problem domains I usually find myself working on. But, no one would claim C IS C++, because C doesn't have templates, and thus template meta-programming, or classes, &c.

Even though I have been using C for decades, there are parts of the language I have never used. The same is true for C++. And, for those parts of each language that I do use, C is in fact a subset of C++ and I really do not care about the differences between the two as I do not use those parts of either language anyway. I am too busy getting production code developed, tested and deployed to spend much time worrying about such things: software that generates anywhere from hundreds of thousands of dollars to millions of dollars in revenue for the people for whom I develop the software.

I am quite content to let language lawyers in academia argue about the differences between the languages (in the taxonomy of anything - natural and artificial languages, living things, academic taxonomists, there are lumpers who overemphasize similarities and splitters who overemphasize differences, and never will the two camps agree, though they DO tend to produce humorous flame wars that make all involved look foolish), but, being academics, they are not primarily focused on producing production quality software.

The original question regarding C++ here involved the observation that use of C++, and specifically its support for namespaces, may help address some, but not all, of the problems related to naming collisions. That observation is right, but it obviously will carry a cost. Whether that cost is warranted is a matter of opinion. Certainly it ought not be ruled out until all other options for solving the problem at hand have been examined and one, or a small set, of the available options have been demonstrated as providing the best solution and the least cost.

It will be interesting to watch how the library evolves over the next decade.

Cheers
Ted

--
R.E.(Ted) Byers, Ph.D.,Ed.D.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
Re: Why does OpenSSL own all the prefixes in the world?
On Tue, Sep 9, 2014 at 2:42 PM, Iñaki Baz Castillo i...@aliax.net wrote:

The (bad) idea of using C++ namespaces was just targeted for those integrating OpenSSL into their own C++ projects.

Now, I would have said that using C++ namespaces was a good idea and perhaps it might be motivation to replace the MACROs by something more useful,

On 09/09/2014 20:39, Larry Bugbee bug...@seanet.com wrote:

In the FWIW column Please don't mangle names by forcing C++ namespaces. Some of us call OpenSSL from Python (and other dynamic languages) and depend on the C naming convention. Adding an OSSL_ prefix is fine; mangling creates huge problems.

I use a number of such languages and it isn't all that hard to mix them with C++ (in some cases, I'd extend them using C++ code, for the sake of performance). In the case of Python, for example, there is a boost library designed specifically for that purpose. From my perspective, that is not a big problem. Rather, it is just one of countless things I routinely have to deal with: just the cost of getting things done.

Cheers
Ted

--
R.E.(Ted) Byers, Ph.D.,Ed.D.
Re: Help diagnosing SSL connection problem needed
Hi Kyle,

Thanks. See below.

On Thu, Aug 7, 2014 at 4:47 PM, Kyle Hamilton aerow...@gmail.com wrote:

Your client is saying that it's failing the certificate verification of the server certificate. It's probably not using the CAfile that you passed to openssl s_client.

-Kyle H

Actually, I can confirm that it is using the same CAfile that is used by my call to openssl s_client. But, it doesn't get that far, as it appears the server is not sending its certificate.

I assume Wireshark can be helpful, but I am very new to using it. Can you tell me how to tell it to look at any traffic on port 8443 (or between my workstation and a specific ip address), as well as to let me see the data in plain text rather than hex?

Thanks
Ted

--
R.E.(Ted) Byers, Ph.D.,Ed.D.
Help diagnosing SSL connection problem needed
connect to n.n.n.n:8443 (certificate verify failed)
ted@linux-jp04:~/Work/Projects/FirstData

The error SSL routines:SSL3_GET_SERVER_CERTIFICATE seems self explanatory, but what I can't figure out is why communication happens properly when I use openssl s_client, with the CA authority cert and the client side cert and key, but I can't successfully get the server cert, even though my perl code provides the same information, ultimately to openssl library code.

I can post my Perl code, if there is someone in this forum who knows Perl, and especially the libraries used to handle HTTPS communications (and how to get better debugging information from them - I have IO::SOCKET::SSL DEBUG variable set to 3, which is the highest debug level available, providing the most information, available, according to the docs).

I would appreciate advice on the best way of using Wireshark to provide useful, actionable information; or advice on how to provide the Wireshark logs to you in a way that is useful to you in helping me debug this. I have the CA root cert, used to sign both the server's cert and the client cert, and obviously, I have both the client's key and cert, if any of these files can be used to help Wireshark provide more useful information; but I have no idea how to tell Wireshark to use them, if in fact using them would be useful (I started working with Wireshark this past Friday).

Thanks
Ted

--
R.E.(Ted) Byers, Ph.D.,Ed.D.
Re: comment on donations
On Fri, Apr 11, 2014 at 1:23 PM, Steve Marquess marqu...@opensslfoundation.com wrote:

On 04/11/2014 11:57 AM, Lou Picciano wrote:

Thanks, Steve, ... for your hard work, and that of the other Team Members. This week's 'excitement' illustrates how important it is to all of us. (would be great to find a way around those 'hefty PayPal fees.)

I'm open to suggestions. Not only is PayPal a pain to deal with on the receiving end, but there are restrictions on extracting funds and I've learned that PayPal is not available in some countries. Swift/IBAN electronic bank transfers as done in most of the world are difficult here, with fees. I could set up a charge card (Visa/Mastercard) merchant account, but the recurring fees for that would eat up much of what is typically received in donations (and I don't expect the current volume of donations to continue indefinitely). I am looking into the suggestions for Bitcoin payments.

-Steve M.

I am not familiar with Bitcoin, but work in the ecommerce industry (particularly in the risk mitigation technology side of things at the application and business logic level). There is a huge variation in the fees charged by processing banks, both between banks and, for any given bank, the risk the bank perceives to be inherent either in the vendor's industry or inherent in the vendor itself. I have seen setup fees as low as a few hundred US$, and higher than US$1,000. There is similar variation in monthly fees. I can't recommend a processing bank with low fees as I am normally working to provide support for high risk merchants (so I normally see the higher end of the range of fees). And, per transaction fees can vary from a few pennies per transaction up to $0.50 or $0.60 per transaction. And on top of that, they take a percentage of the volume (I have seen a range from less than 5% to well over 10%). With an annual volume of about US$2,000, I could see the monthly fees alone taking 50% to 60% of your gross.

With such low volume, I wonder if it is worth it, over just asking supporters to send a check or money order.

Have you checked out Google and Amazon's payment services? I have heard they exist, but haven't checked them out for cost (I may do so, and soon, as the Canadian bank's support for ecommerce leaves everything to be desired: try finding any documentation for their API, or even if they have such an API, for any of the big 5 in Canada).

Cheers
Ted

Cheers
Ted

--
R.E.(Ted) Byers, Ph.D.,Ed.D.
Re: comment on donations
On Fri, Apr 11, 2014 at 2:20 PM, Ted Byers r.ted.by...@gmail.com wrote:

Have you checked out Google and Amazon's payment services? I have heard they exist, but haven't checked them out for cost (I may do so, and soon, as the Canadian bank's support for ecommerce leaves everything to be desired: try finding any documentation for their API, or even if they have such an API, for any of the big 5 in Canada).

Cheers
Ted

Cheers
Ted

--
R.E.(Ted) Byers, Ph.D.,Ed.D.

My curiosity being piqued, I took a look, and both Google and Amazon have the same transaction fees as Paypal ($0.30 per transaction, and 2.9% of the volume), and, Amazon HAS NO SETUP, MONTHLY, CANCELLATION, or FRAUD PROTECTION FEES. That makes them a bargain.

And guess what I just found. ;-) Amazon has special discounts for micropayments and nonprofit organizations. I do not know if you're a 501(c)3 non-profit, but if you are, then your rate would be 2.2%, along with the $0.30 per transaction. Check it out on https://payments.amazon.com/business/pricingPlan, and links on that page.

But, if you can live with $0.30 per transaction, and 2.9% volume (or 2.2% if you're a 501(c)3 organization), then Amazon may be an excellent alternative to Paypal.

I just learned, to my chagrin, that Google has shut down their checkout service, and passed that business off to Braintree (https://www.braintreepayments.com/google-checkout?partner_source=google-checkout), whose fees are 2.7% and $0.30 per transaction AND NO OTHER FEES. Braintree may thus also be an excellent alternative to Paypal. I know nothing of Braintree's reputation, but Amazon's reputation is outstanding.

Cheers
Ted

--
R.E.(Ted) Byers, Ph.D.,Ed.D.
Re: comment on donations
Thanks Jeff,

On Fri, Apr 11, 2014 at 4:54 PM, Jeffrey Walton noloa...@gmail.com wrote:

On Fri, Apr 11, 2014 at 2:20 PM, Ted Byers r.ted.by...@gmail.com wrote:

On Fri, Apr 11, 2014 at 1:23 PM, Steve Marquess marqu...@opensslfoundation.com wrote:

...

Have you checked out Google and Amazon's payment services? I have heard they exist, but haven't checked them out for cost (I may do so, and soon, as the Canadian bank's support for ecommerce leaves everything to be desired: try finding any documentation for their API, or even if they have such an API, for any of the big 5 in Canada).

Google Wallet (I think that's what it was called) sucked from my past experience. Failed authorizations gave ambiguous or incorrect reasons; and once a transaction was corrected, there was no way to resubmit or re-try the transaction. There were a few times my transaction was blocked due to DLP. Once I called the bank and cleared it, I had to submit a new transaction because the previous could not be re-tried. Then, the new transaction caused the past transaction to be re-tried, so I'd end up with two orders. Then there was no way to contact a real person at Google to fix it (only self-help crap).

This is good to know. It is hardly the first transaction processing service that I have encountered that leaves something to be desired. I wonder, now, if Braintree is better (at least they appear to have real people that can be contacted).

It's been my experience that Amazon is better. I've gotten the books and hardware I've purchased through them. But I never experienced Google-like problems with Amazon, so I don't know how Amazon reacts to adverse events like stalled transactions (perhaps that speaks volumes in itself).

Yes, it does.

On the down side, though, as a vendor, the customers from whom you can accept payment are limited to those who have Amazon accounts (unless I misunderstood some of their documentation), but if they have an easy means for your other customers to create Amazon accounts, that may not be a significant gotcha.

One of the things I occasionally have to do is connect my systems to processors we haven't dealt with before, and every one of them has an issue or three that, shall we say, makes life interesting. You wouldn't believe the amount of extra code I have had to write to deal properly with deficiencies in the processor's services. :-(

Your mileage may vary.

Jeff

Thanks
Ted

--
R.E.(Ted) Byers, Ph.D.,Ed.D.
Re: comment on donations
On Fri, Apr 11, 2014 at 6:50 PM, Geoffrey Coram gjco...@gmail.com wrote:

On 04/11/2014 14:46, Ted Byers r.ted.by...@gmail.com wrote:

And guess what I just found. ;-) Amazon has special discounts for micropayments and nonprofit organizations. I do not know if you're a 501(c)3 non-profit, but if you are, then your rate would be 2.2%, along with the $0.30 per transaction. Check it out on https://payments.amazon.com/business/pricingPlan, and links on that page.

PayPal also has a non-profit rate; our parent-teacher organization qualified for it. Same 2.2% + $0.30.

Interesting. Are there setup or monthly fees for a vendor to worry about? The prices you mention are certainly competitive. What is your experience with the quality of their service? Are there any gotchas to worry about? What is it about their terms of service that make them less than optimal?

Cheers
Ted

--
R.E.(Ted) Byers, Ph.D.,Ed.D.
Re: OpenSSL Security Advisory
How do I determine whether or not the web servers I run are affected? They are Apache 2.4, built for 64 bit Windows and downloaded from Apachelounge. I have no idea what version of openssl it was built with.

Does anyone here know if the feature that introduces the risk can be turned off, without introducing other risks? If so, how?

Also, could the security keys we bought have been compromised?

Any advice on how I can protect my servers better would be appreciated.

Thanks
Ted

--
R.E.(Ted) Byers, Ph.D.,Ed.D.

On Mon, Apr 7, 2014 at 4:31 PM, OpenSSL open...@openssl.org wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

OpenSSL Security Advisory [07 Apr 2014]

TLS heartbeat read overrun (CVE-2014-0160)
==

A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server.

Only 1.0.1 and 1.0.2-beta releases of OpenSSL are affected including 1.0.1f and 1.0.2-beta1.

Thanks for Neel Mehta of Google Security for discovering this bug and to Adam Langley a...@chromium.org and Bodo Moeller bmoel...@acm.org for preparing the fix.

Affected users should upgrade to OpenSSL 1.0.1g. Users unable to immediately upgrade can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS.

1.0.2 will be fixed in 1.0.2-beta2.
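One way to answer the "what version was it built with" question above from the defender's side, as an added example that is not part of the original thread: when mod_ssl is loaded, Apache reports an OpenSSL/<version> token in its startup log line and, with full server tokens, in its Server header, and the script below classifies that token against the ranges stated in the advisory. The function names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify an OpenSSL version string against the version ranges
# given in the 07 Apr 2014 advisory (CVE-2014-0160). Sample lines are constructed.
# A version string alone is not conclusive: it cannot show a build compiled with
# -DOPENSSL_NO_HEARTBEATS, or a vendor build patched without a version change.

# Extract the version from "OpenSSL/<ver>" (Apache banner or startup log line)
# or "OpenSSL <ver>" (output of `openssl version`). Prints nothing if absent.
extract_openssl_version() {
    printf '%s\n' "$1" |
        sed -n 's|.*OpenSSL[/ ]\([0-9][0-9A-Za-z.-]*\).*|\1|p' | head -n 1
}

# Map a version to: affected | not-affected | unknown.
# Advisory: only 1.0.1 (through 1.0.1f) and 1.0.2-beta1 are affected;
# the fix is in 1.0.1g and 1.0.2-beta2.
heartbleed_status() {
    ver=$1
    case "$ver" in
        *-beta*|*-dev*) ;;                  # keep pre-release tags as they are
        *-*) ver=${ver%%-*} ;;              # drop build tags such as "-fips"
    esac
    case "$ver" in
        1.0.1|1.0.1[abcdef]) echo affected ;;
        1.0.2-beta1)         echo affected ;;
        1.0.1-*|1.0.2-dev*)  echo unknown ;;       # pre-releases the advisory does not name
        [0-9]*.[0-9]*)       echo not-affected ;;  # e.g. 0.9.8, 1.0.0, 1.0.1g, 1.0.2-beta2
        *)                   echo unknown ;;
    esac
}

# Report "<version> <status>" for one banner or log line.
check_line() {
    v=$(extract_openssl_version "$1")
    [ -n "$v" ] || { echo "no-version unknown"; return 0; }
    echo "$v $(heartbleed_status "$v")"
}

# Constructed sample lines: startup log, Server header, `openssl version` output.
check_line 'AH00455: Apache/2.4.7 (Win64) OpenSSL/1.0.1e configured -- resuming normal operations'
check_line 'Server: Apache/2.4.9 (Win64) OpenSSL/1.0.1g'
check_line 'OpenSSL 1.0.2-beta1 24 Feb 2014'
check_line 'Server: Apache'
```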
Re: OpenSSL Security Advisory
Thanks Rich,

I have obtained the new, patched, release of Apache from Apache lounge, and applied the patch to one server, which the online services say fix the problem on it, but your simple way of checking still says heartbeating at the end. Does that mean that the patch didn't truly work? I get the heartbeating message on both unpatched and patched servers. Should that make me worry about the patched machines?

Thanks
Ted

--
R.E.(Ted) Byers, Ph.D.,Ed.D.

On Wed, Apr 9, 2014 at 9:54 AM, Salz, Rich rs...@akamai.com wrote:

How do I determine whether or not the web servers I run are affected?

Here's a simple way:

    echo B | openssl s_client -connect $HOST:$PORT

if you see heartbeating at the end, then $HOST is vulnerable.

How can you tell if private keys have been taken? You can't, really. You can estimate the likelihood by looking closely at how OpenSSL_Malloc() return values are used and laid out. The risk is that an allocated ssl-record buffer is right up against a private key being stored.

/r$

--
Principal Security Engineer
Akamai Technology
Cambridge, MA
Re: OpenSSL Security Advisory
Thanks Patrick.

Apache lounge already has a patched release released. So, once I deploy that, and get my certificates reissued, I ought to be OK.

Thanks
Ted

--
R.E.(Ted) Byers, Ph.D.,Ed.D.

On Wed, Apr 9, 2014 at 8:37 AM, Eisenacher, Patrick patrick.eisenac...@bdr.de wrote:

Hi Ted,

-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-

How do I determine whether or not the web servers I run are affected? They are Apache 2.4, built for 64 bit Windows and downloaded from Apachelounge. I have no idea what version of openssl it was built with. Does anyone here know if the feature that introduces the risk can be turned off, without introducing other risks? If so, how?

you can check for yourself:

- http://filippo.io/Heartbleed/
- http://possible.lv/tools/hb/
- https://github.com/noxxi/p5-scripts/blob/master/check-ssl-heartbleed.pl

Also, could the security keys we bought have been compromised?

Certainly yes. You should replace them. I read today that some CAs offer free replacements.

HTH,
Patrick Eisenacher
How do RAs fit in with the use of CAs?
I have been working through a tutorial that talks about the use of openssl, creating root, intermediate, and signing CAs. While the front page mentions RAs, it says nothing about how they fit, as one is creating CAs, and crts. The only thing that it says is that an RA may be the same as a CA. But what, precisely, does that mean? And, it says nothing about how to proceed if the RA is NOT the same organization as the CA.

When actually using openssl to make certificates, and the RA is a different organization from the CA, is the RA functionally just as a signing CA?

Please consider the following case.

- there is one root CA
- there is one RA specializing in server identities - organization A
- there are three different RAs specializing in client identities - organizations X, Y, and Z
- servers that have used the services of organization A will accept only client side certificates for people whose identities have been verified by organizations X, Y, or Z

Am I right in assuming that in this case, organizations A, X, Y, and Z will all function as signing CAs, using certificates signed by the root CA, and that if, say, Apache's web server has the root CA's CRT, as well as the right server key and crt, that it will then accept connections from clients that have certificates signed by organizations X, Y, or Z?

On the question of making client side certificates, is it possible to make the user using that certificate enter a password the first time the certificate is used in a given session on a given server, or is the requirement for use of decent login credentials a matter of displaying a login page only to those users that present an acceptable certificate, and proper session management after that?

Thanks
Ted
DN attributes questions, and OpenSSL/GnuPG interoperability
I found the following using Google.

===begin quote===
IETF PKIX (latest version RFC 5280) is a well accepted profile for certificates. From section 4.1.2.4, the following fields must be supported (I've added between parenthesis is the OpenSSL long and optional short name): country (countryName, C), organization (organizationName, O), organizational unit (organizationalUnitName, OU), distinguished name qualifier (dnQualifier), state or province name (stateOrProvinceName, ST), common name (commonName, CN) and serial number (serialNumber). There's also a list of elements that should be supported: locality (locality, L), title (title), surname (surName, SN), given name (givenName, GN), initials (initials), pseudonym (pseudonym) and generation qualifier (generationQualifier).
=end quote===

But in Kleopatra, on OpenSuse 12.3, which I am trying to learn, I see in the DN-Attribute page, items like domain component (DC, I really don't know what this is), EMAIL, MAIL, MOBILE, PC, STREET, TEL, among others. However, when I use openssl to create a CSR, whether for a website or for a client side certificate, I am never prompted even for items like SN or GN, let alone STREET. Obviously, for a website, normally associated with a business, GN and SN aren't relevant, but items like STREET, PC, would be, and I am never prompted for those when trying to create a CSR for a website. And for client side certificates, I want the user's first and last names, mailing address, phone, &c. in the certificates produced. How do I get that information into the CSR/CRT files?

I note that Kleopatra has a special section for GnuPG, but not one for OpenSSL. I know the two are not the same, but are they interoperable? That is, are GnuPG and OpenSSL client side certificates interchangeable, in a single PKI system?

Thanks
Ted
A couple usability questions:
I have been working through the tutorial at http://pki-tutorial.readthedocs.org/en/latest/

There are a number of things that aren't clear.

1) Am I right in assuming that the various commands in that tutorial can be performed as an ordinary user in a working directory in that user's home directory? Or do they have to be done as user root in /etc/ssl? Or does that depend on the command? If the right answer is the latter, can you tell me which can be performed by a mere mortal and which ought to be done as root in /etc/ssl?

2) One frustration is that the sample config files have neither comment nor even a listing of possible valid values to enter, nor what the values provided mean. Am I right in guessing, from some of the examples, that the same client side certificate can be used both for email and for client authorization? If the recipient of a client side certificate is not part of an organization (that the CA cares about), can one enter the client's complete mailing address and phone numbers, and if so how? Also, while I am not interested in code signing, I am interested in document signing, ideally including both server and client signing a given document that has been presented in the client's browser (the client being permitted at that stage only to accept and sign, or to decline, a document already signed by the server). Can both the server's certificate/key, and the client's certificate/key (this is not yet clear in my mind, but I half suspect it must be the key associated with the certificate that must be used for signing, but the certificate to verify identity) serve both the requirement to verify each party's identity and to sign a document (to provide non-repudiation functionality and to assure both parties that the document has not been altered once each has signed)? Some guidance on this, or a web tutorial on this specific topic would be greatly appreciated.

3) A big one for me is that there is brief mention of registration authorities, and that they may be different from the CA or the CA may be the CA, but there is no information provided as to how or where the registration authority information can be included in the certificates. The particular configuration I am looking to try involves a root CA, a non-root CA, and then multiple registration authorities. Part of the idea, here, is that the entities I envision making registration authorities already do the due diligence required to verify the identities of both server entities and client entities, so it ought to be trivial to add the support for server and client certificates on top of that with modest incremental cost (NB: these guys have to verify identities as part of the due diligence they must do anyway in support of their primary business activity). Some guidance on this, or a web tutorial on this specific topic would be greatly appreciated. One thing I am certain of is that there already exists a trust relationship among the entities I hope to make registration authorities, so the identity of the registration authorities ought not impinge on the acceptability of the certificates produced based on the results of the work done by any of them. But how that would work in the context of creating the CAs I need I do not know.

Any guidance on these specific questions would be greatly appreciated.

Thanks
Ted
Best practices guidance for using OpenSSL to make certificate authorities
I found a Linux FAQ dealing with this subject, but it is very dated (11.5 years old) and I do not know how much has changed since it was last updated.

While I am a programmer, I am looking only to use openssl to make the certificates and keys I need, and not to create new programs using openssl (unless in the course of my studying the use of openssl, I find I need to write some custom code).

Here is what I want to do. I want to create a certificate authority to make certificates for a couple of my web servers, for the purpose of having support for HTTPS, and if possible sign selected documents that are then served to the user's browser (just those I selected, not all by any means); with the ability to let the user download the certificate to let him trust the server afterwards. I also want to support creating client side certificates that support encrypting and signing emails and form data on web pages (to support non-repudiation, with the assurance that the signed document was not altered since it was signed). None of the certificates I need need support for code signing.

Do I need both root and non root CAs, or will a root CA suffice by itself. And where should the keys and certificates be placed on Ubuntu and Suse (I have both), and should I do all this as a normal user or as root (NB: I am still trying to learn enough about administering Linux that I can at least deal with the things I need to do on my Linux boxes, so it is OK to be a little pedantic)?

I am a bit concerned about usability on the server as the FAQ I have been reading (actually one of the clearest I have seen even though it is old), since it says I should not remove the pass phrase from the certificate, but I would think that would make HTTPS unusable since it would ask the user for a password each time he asks for a resource from the server. At the same time, can I force a requirement that the client side certificates require a password that has a reasonable strength? If so, how?

And for all this, will one openssl.cnf suffice, or do I have to make several?

Finally, is there a good document or example that tells me not only what configuration options are available to enter in openssl.cnf, but what values will provide me with the best security for the longest period consistent with what is supported in the most commonly used browsers? Something that says something like 'This is X, and it is for Y, but do not touch it unless you know what you're doing', and yet provides no guidance for further reading so the user can learn what he needs to know about all of it, is not so useful for my purposes.

NB: This is primarily for my own education.

Thank you for your time.
Ted
How do I get the .key file, to put on the server (for use by Apache httpd)
I issued the following command (with my own name in place of privkey)

    openssl genrsa -out privkey.pem 2048

I then made the csr using

    openssl req -new -key privkey.pem -out cert.csr

That is simple enough. But, I need a .key file to deploy on the server beside the crt files. If I understand these commands well enough, privkey.pem ought to contain the private key, but how do I get the right .key file from it. Surely it is not as simple as

    openssl rsa -in veripay.pem -out gw.veripay.co.uk.key

(which makes a file, but since I am not sure of it, I do not want to deploy that file yet, lest I make the web server fail to start (and it is in production use, and I do not have a system administrator to ask)).

And while I am at it, how would I modify the above commands so that I get the .key file right at the start, when I make the key, rather than having to try to recover it from the pem file?

Thanks
Ted
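One way to carry out the key and CSR steps asked about above, which also covers the earlier question on this page about getting attributes such as STREET, postal code, GN and SN into a CSR (an added example, not part of the original posts). The file names and subject values are constructed, the function names are hypothetical, and the request config uses OpenSSL's own short names for the attributes.

```shell
#!/bin/sh
# Added example. genrsa writes a PEM private key; ".key" is only a file naming
# convention, so the key can be written under its final name from the start.

# Request config that carries the extra DN attributes without prompting.
# All subject values below are constructed sample data.
write_req_config() {
    cat > "$1" <<'EOF'
[ req ]
prompt             = no
default_md         = sha256
string_mask        = utf8only
distinguished_name = dn

[ dn ]
C          = CA
ST         = Ontario
L          = Toronto
street     = 1 Example Street
postalCode = A1A 1A1
GN         = Alice
SN         = Example
CN         = Alice Example
EOF
}

# $1 = key file, $2 = request config, $3 = CSR file.
# The umask keeps the new private key readable by its owner only.
make_key_and_csr() {
    ( umask 077; openssl genrsa -out "$1" 2048 2>/dev/null ) &&
        openssl req -new -key "$1" -config "$2" -out "$3"
}

# Succeeds only if the RSA key in $1 is the one the CSR in $2 was made from.
# Run the same comparison against a candidate key file before deploying it.
key_matches_csr() {
    k=$(openssl rsa -in "$1" -noout -modulus 2>/dev/null) || return 2
    c=$(openssl req -in "$2" -noout -modulus 2>/dev/null) || return 2
    [ -n "$k" ] && [ "$k" = "$c" ]
}

# Subject of the CSR in a stable one-line form, to confirm the attributes landed.
csr_subject() {
    openssl req -in "$1" -noout -subject -nameopt RFC2253
}

# Demo in a throwaway directory (skipped if the openssl CLI is not installed).
if command -v openssl >/dev/null 2>&1; then
    demo=$(mktemp -d) && write_req_config "$demo/req.cnf" &&
        make_key_and_csr "$demo/gw.example.key" "$demo/req.cnf" "$demo/gw.example.csr" &&
        key_matches_csr "$demo/gw.example.key" "$demo/gw.example.csr" &&
        echo "key matches CSR" &&
        csr_subject "$demo/gw.example.csr"
    rm -rf "$demo"
fi
```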
How do I mount a NAS device?
I obtained a NAS, with a view toward running MySQL on a server running MS Small Business Server 2003 (yes, I know, it is old, but I don't have authority to upgrade it or wipe it and install Linux on it). Anyway, the latest version of MySQL will not run on that machine. Therefore, I intend to run MySQL on the latest Suse (12.3) on a much newer server that I have almost fixed (this machine will have a 256 GB SSD). So, unless I can mount the NAS in such a way that MySQL on Suse can find it, the 4 TB NAS goes to waste (even though all machines on my LAN can see it and browse to it, which is fine if I only want to use Windows Explorer, or its Linux equivalents, to copy files to it - but even on Windows, MySQL doesn't seem to see it unless I have mapped a specific NAS folder to a local drive letter, so I assume something similar is true on Linux). Hence my question.

NB: I am a programmer, not a system administrator, so I am at a loss as to how to do this.

NB: I did a Google search, which resulted in a very poor signal to noise ratio, but ended up confused by the different instructions given for the different distributions. And, worse, a lot of the pages I found were as old as that ancient SBS machine I can't use for this purpose. Obviously, things have changed a lot since then.

So, then, how do I do this on the latest Suse releases (12.x)?

Thanks
Ted
How to debug notifications about failed authentication
I installed the 64 bit Opensuse 12.3 (with KDE) on a small, entry level server. Things generally went flawlessly, with one minor annoyance. I get a 'Notification' every few minutes that says, Authorization failed on one line, and Failed to obtain authentication on the next. It gives me only the option to dismiss the notification by clicking the little 'x' at the top left of the notification window. It does not seem to be causing any harm, as the apps I usually use seem to work as expected. But what is really annoying is that this notification tells me precisely nothing about what program is producing the notifications or what service it is failing to get authorization for.

I want notifications, when there are updates available for the system, and would like to be able to resolve problems that arise that cause notifications as they arise. As I am a programmer, and not a system administrator, and with limited experience with Linux anyway, I have no idea even where to look to find out what is happening. So, where do I start? I'll appreciate any information I receive.

Thanks

Ted
Re: Reg: The private key installation on the client side
Hi Jakob

On Fri, May 24, 2013 at 11:57 AM, Jakob Bohm jb-open...@wisemo.com wrote:

On 5/24/2013 9:47 AM, keshava jm wrote: [snip]

The intended and proper way to do things is:

1. The CA creates its own private key, which is kept in a very secure place (like a computer with no network connections, rigged with dynamite to self-destruct if tampered with and placed in a deep underground bunker surrounded by armed guards instructed to let no one (not even each other) inside except for the designated CA head signers, who must enter together to watch each other behaving properly). This is what VeriSign Inc (now part of Symantec) and GlobalSign Inc. did years ago, including the live explosives! For a private company CA, less extreme measures will do.

2. The CA (as the only person) uses its private key to create a self-signed certificate with the CA:TRUE attribute etc. This certificate will have a very long lifetime (decades usually).

3. The CA publishes, in some very hard to falsify place, like a huge stone monument, this certificate, or at least its strong check sum (SHA-256 or stronger). In the real world, a copy is hand carried to specific offices at Microsoft, Google and Mozilla who put the CA certificate into their next software updates. For a private company CA, the CA certificate is just installed on all the computers by the head sysadmin, using his boss privileges.

4. Each client creates his own private key, which he tries to keep secure as best he can. Then uses it to sign a request (e.g. with openssl req -new) specifying what he wants his certificate to say his name etc. is.

5. The client sends this request to the CA front office. Clerks at the CA front office then perform various checks to make sure the client really is whom he claims (in the request) to be, and that it is really him that requested this. If all is OK, they hand the request over to the CA head signers. For a private company CA, the clerks are just the regular IT or HR staff, who know all the employees and servers personally.

6. The CA head signers carry a pile of already proven requests they got from the clerks into the bunker and use commands such as openssl ca to create matching certificates signed by the CA's private key and listing the name of the CA's own certificate as the issuer, each certificate will also have a unique serial number. While they are there, they also sign a long list of all the certificates that have been cancelled until to date (a CRL).

7. The CA clerks send the signed certificates back to the clients. They also publish the list of cancelled certificates on their web site in a file format called a CRL.

8. The client now uses his certificate with his secret private key to sign stuff such as e-mails and checks, each signature includes a copy of his certificate.

9. Each person receiving the signed stuff has previously gone to the big stone monument and copied the genuine CA certificate into his computer. Once a day or so, they also download the latest list of cancelled certificates and check that it was signed by the CA, and is dated today. When they receive the signed stuff, they check that it was signed in a way that matches the public key in the certificate, that the certificate itself was signed in a way that matches the public key in the CA's certificate and that the client's certificate is not on the cancelled list (there are other checks too, but the computer does all the work). If all is well, they believe that the stuff really came from the client and that the client is who the certificate says he is (because they trust the CA clerks to do this right).

10. If the client's private key is ever stolen, the client is required (by contract and/or law) to tell the CA clerks, who will add the certificate to the list of cancelled certificates so no one will believe signatures made by the thief. The same is done if the client loses his right to the certificate in some other way, e.g. a company employee being fired from the job position listed in the certificate, or a server being uninstalled.

This is without question the best and clearest explanation of all this. Thank you.

Do you know of a web resource that explains this just as clearly and which adds information, such as what software is involved in each stage, and how it is used (yes, I have seen the Apache documentation for configuration to use client side certificates, but a reference manual is not the same as a textbook or tutorial)? For example, I have seen, and am still investigating, the use of JavaScript in a client's browser to distribute client side certificates (obviously, involving a connection over HTTPS, to a site that requires single use credentials, issued by a RA, along with a series of challenge/response questions and answers to verify user
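The numbered steps above, walked through with the openssl command line as an added example that is not part of the original messages: it creates a CA key and self-signed CA certificate (steps 1-2), a client key and request (step 4), signs the request with `openssl ca` (step 6), publishes a CRL (step 7), checks the certificate as a relying party would (step 9) and revokes it (step 10). The directory layout, section names, subject names and lifetimes are assumptions made for the demo, and the keys are left unencrypted only to keep it non-interactive.

```shell
#!/bin/sh
# Added example (not from the thread). Names, paths and lifetimes are constructed.

# Steps 1-2: CA private key and a self-signed CA certificate with CA:TRUE.
init_ca() {
    d=$1
    mkdir -p "$d/newcerts"
    : > "$d/index.txt"           # database of issued and revoked certificates
    echo 01 > "$d/serial"        # next certificate serial number
    echo 01 > "$d/crlnumber"     # next CRL number
    cat > "$d/ca.cnf" <<EOF
[ ca ]
default_ca = demo_ca
[ demo_ca ]
database = $d/index.txt
new_certs_dir = $d/newcerts
serial = $d/serial
crlnumber = $d/crlnumber
certificate = $d/ca.crt
private_key = $d/ca.key
default_md = sha256
default_days = 365
default_crl_days = 1
unique_subject = no
policy = policy_cn
[ policy_cn ]
commonName = supplied
[ req ]
distinguished_name = dn
prompt = no
[ dn ]
CN = placeholder
[ v3_ca ]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
[ v3_client ]
basicConstraints = critical, CA:FALSE
keyUsage = critical, digitalSignature
EOF
    ( umask 077
      openssl req -x509 -new -newkey rsa:2048 -nodes -config "$d/ca.cnf" \
          -extensions v3_ca -subj "/CN=Demo Root CA" -days 3650 \
          -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null )
}

# Step 4: the client creates its own key and a request signed with it.
make_request() {
    ( umask 077
      openssl req -new -newkey rsa:2048 -nodes -config "$1/ca.cnf" \
          -subj "/CN=$2" -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null )
}

# Step 6: the CA signs the verified request; the serial comes from $d/serial.
issue_cert() {
    openssl ca -batch -notext -config "$1/ca.cnf" -extensions v3_client \
        -in "$1/$2.csr" -out "$1/$2.crt" 2>/dev/null
}

# Steps 6-7: sign the current list of cancelled certificates (the CRL).
publish_crl() {
    openssl ca -gencrl -config "$1/ca.cnf" -out "$1/ca.crl" 2>/dev/null
}

# Step 10: mark the certificate as revoked and publish a fresh CRL.
revoke_cert() {
    openssl ca -revoke "$1/$2.crt" -config "$1/ca.cnf" 2>/dev/null && publish_crl "$1"
}

# Step 9: relying-party check against the CA certificate and the CRL.
cert_status() {
    out=$(openssl verify -CAfile "$1/ca.crt" -CRLfile "$1/ca.crl" -crl_check \
              "$1/$2.crt" 2>&1) || true
    case $out in
        *": OK"*)                echo good ;;
        *"certificate revoked"*) echo revoked ;;
        *)                       echo invalid ;;
    esac
}

demo() {
    dir=$(mktemp -d) || return 1
    init_ca "$dir" && make_request "$dir" alice && issue_cert "$dir" alice
    publish_crl "$dir"
    echo "after issue:  $(cert_status "$dir" alice)"
    revoke_cert "$dir" alice
    echo "after revoke: $(cert_status "$dir" alice)"
    rm -rf "$dir"
}
demo
```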
Re: how to STORE encrypted string in database
There is greater need for precision in what is desired. Doing a base64 encoding and storing encrypted data are two entirely different matters, required sometimes in quite different circumstances.

I generally do not bother with encoding as that is not normally needed in what I do, but a 30 second search using google found this somewhat dated note: http://www.ioncannon.net/programming/34/howto-base64-encode-with-cc-and-openssl/

Perhaps someone who knows openssl much better than I can tell us if the information contained in it is still accurate. My experience with openssl is primarily in using it to create and manage certificates. Any handling of encrypting and storing data, I typically divide between whatever RDBMS I am using for a given task and perl.

That said, if the only real requirement is to store encrypted data in a database, the task is dirt simple (or perhaps simpler, as a soil scientist would probably tell us that dirt isn't so simple). First, one must recognize that the encrypted data is binary data, not plain text (i.e., for the OP, what blowfish returned to you wasn't a string at all, but rather binary data, and it is a mistake to try to treat it like a string). Once you know that, then the task becomes as trivially simple as to define the field in the table that is to hold that data to be of type varbinary, with a suitable maximum length. That is fairly standard across RDBMS. It is available in all the RDBMS I have worked with (MS SQL Server, MySQL, PostgreSQL), and has been for a rather long time. The connector library documentation you use to connect to whatever database you're using ought to have sufficient documentation on how to handle varbinary data.

And, of course, if you're storing encrypted data in your database, you must ensure that you are storing everything you need to be able to decrypt it (and there is little point in storing it encrypted if the key used is stored in the same database, as any bad guy who gains access to your DB has thus access to both the encrypted data and the key needed to decrypt it, but that gets to an issue in the architecture of the software system you're building, and I am sure you don't want me to talk about use of multiple servers on multiple subnets each separated from the others by firewalls using a blend of techniques such as IP filtering - my enthusiasm for paranoia might just get the best of me if I do).

Cheers

Ted
I need a little guidance on openssl.cnf contents
I am afraid I have not found adequate documentation that I can use to guide me in editing the contents of openssl.cnf. The comments within the file do not tell me enough about good values to use for the different options that are available.

Here are my objectives:

1) A single certificate authority, used by multiple registration authorities.

2) Support for generating client side certificates, in response to a request made by a client through a form that contains the keygen HTML tag (and after a series of challenges and responses to verify identity), with the following properties:

a) requires a password every time the client uses it

b) supports, with the corresponding private key, encryption and signing of the contents of the fields of the form which is accessible only by using the certificate, (to support non-repudiation).

c) a client may have multiple certificates permitted by multiple registration authorities, with different IDs (for access to different accounts, so a client may have multiple IDs even from the same registration authority, but for access to different accounts), and the question becomes how to ensure the client uses the right certificate for each account. But at the same time, few of the clients in question are part of any particular organization.

And related questions:

1) Given that I'd like to store a copy of the certificates' public key, in a table which maps the certificate to the user's IDs, a) what data type would be most appropriate, and b) if I have a web page into which the user can enter the client's ID and paste the contents of a file that has allegedly been encrypted and signed by the client, how do I verify whether or not it was, in fact, signed by the client and, if so, that the document has not been altered?

2) I was reading, in various places, that when the keygen tag is used, the user is presented a dialog that lets him select the strength of the key, so how can I ensure that the clients use only the strongest level of encryption available?

Can anyone either tell me how best to do this, or point me to an online resource that explains how to do this, and more?

Thanks

Ted
Need guidance, and examples, of using HTML5's keygen &c., with cgi program
My searches using Google have resulted in an abysmal signal to noise ratio, and everything I have found so far covers one part of the architecture needed to the complete exclusion of all else. For example, I found JavaScript to manipulate the client side controls so that the form would function in both MS IE and Firefox, but nothing about what ought to happen server side. Similarly, I have found openssl info about making certificate requests, keys and certificates, but nothing about how to plug it into either a web server, such as Apache's httpd server, or how to invoke it from a cgi (or, better, fastcgi or mod_perl script). And again, I found info about setting up my own ca authority to generate server and client certificates (but the pages for that say nothing about anything else that might be required), as well as pages that deal solely with configuring Apache's httpd server to use server and client certificates.

I can put those pieces together, but there is a major missing piece of information that I have not been able to find. I can easily make a form, on a server that accepts only https connections, and put on it any kind of control. But it is not clear to me what information I have to ensure I collect on that form. I can also invoke programs from cgi programs, but it is not clear to me what information collected would need to be passed to openssl to make the desired certificates and what would need to be stored in an RDBMS (or how to connect that info to the certificate).

Here is what I am aiming for.

1) A registration page that is used ONLY by my registration authority, to collect a person's contact information (including a valid phone number and email address), as well as several challenge/response questions and answers. Once that data is entered, the page would return single use credentials.

2) The person so registered, logs into a separate page using the single use credentials. The page then uses the challenge questions and answers provided to more strongly verify the identity of the user (in case the credentials are misappropriated by someone).

3) Once the identity of the person has been verified, he is prompted for a password (that must pass some test for quality - URLS pointing to a good perl or Javascript package that applies such a test, or a good regex, would be appreciated), and when this data is submitted, the server creates a client side certificate that requires the user to enter the password the user has entered, and returns it to the client. This certificate ought to be useful for non-repudiation, encryption and signing electronic documents, but not, of course, creating other certificates.

The question I guess is, first can I force a client certificate to require the user to enter his password, the first time (and only the first time) it is used in a given session (so I can get a two factor authorization: what the user has, the certificate, and what he knows, his password), second, what data needs to be in the form that submits the certificate request (e.g. which contains the HTML5 keygen element), third, what goes into the call to make the certificate and what goes into the RDBMS, and finally, how is the certificate returned to the client in a way that would ensure that the browser used by the client would install the certificate generated in the right place.

Does anyone know of a resource on the web that talks about all aspects of creating such a system as well as providing links to documents describing best practices (what to do and what to avoid in order to minimize vulnerabilities that can arise in creating such a system)? I am hoping someone out there can provide info that would spare me further God knows how many weeks or months of frustratingly fruitless searching using Google.

Thanks.

Ted

-- R.E.(Ted) Byers, Ph.D.,Ed.D.
Re: Feedback Please: New OpenSSL PKI Tutorial
This tutorial is a very good start, however, I have a couple suggestions.

1) Add more verbiage in the configuration files. I suggest pretending you're talking to a bright undergraduate student who knows nothing of either PKI or Openssl. That is, be a bit more pedantic in the presentation of the material, and more exhaustive in the coverage of the material of interest. You have, after all, assumed the role of an educator, and that involves a different style of presentation from what you'd produce for an old pro.

2) Openssl is rarely used in a vacuum. Somehow, a user's email software has to be told about the user's email certificate. Similarly, a client side certificate for TLS has to be used within the user's browser, and the server has to both ask for it, and determine whether or not the certificate received is acceptable. And then there is the question of distributing certificates. For example, one use case will be to support requesting a client side certificate over the web, with forms presenting a series of challenges and taking responses (and/or single use passwords), to create the request within the user's browser, and then the server has to take that request and produce and return the certificate. Such an example would need a number of CGI scripts, perhaps written in Perl, that check the data received and, depending on whether or not there is a problem, create the certificate and send it back. There would also likely be a need to deal with the configuration, for example, of Apache's httpd server (or MS' IIS).

Back when I was teaching, e.g. C++, I'd present the idea of functional requirements early, and always relate the code the students were learning to write back to functional requirements. So, in addition to the details of C++ syntax, the students would also learn something of UML modelling, requirements engineering, and a few common functional requirements either in scientific applications or business applications. As a former educator, I'd suggest it is just as important to treat why you do what you do, and how your work fits with the rest of your organization's needs as it is to show what to do.

Keep up the good work.

Cheers

Ted

On Mon, Dec 17, 2012 at 9:23 AM, Stefan H. Holek ste...@epy.co.at wrote:

Hi All!

I have been working on an OpenSSL PKI tutorial, and the time has come where I would like to solicit feedback from the community. The tutorial takes a somewhat novel approach without ever referring to openssl.cnf or CA.pl (yuck). You can find it here: https://pki-tutorial.readthedocs.org/

I am particularly interested in three things:

a) Is there anything blatantly wrong?
b) What do you think about the configuration files?
c) Would you like to see more examples added?

Feel free to open tickets in the issue tracker [1] or just reply to the list.

Thank you,
Stefan

[1] https://bitbucket.org/stefanholek/pki-tutorial/issues

-- Stefan H. Holek ste...@epy.co.at

-- R.E.(Ted) Byers, Ph.D.,Ed.D. t...@merchantservicecorp.com CTO Merchant Services Corp. 17665 Leslie st., unit 30 Newmarket , Ontario L3Y 3E3
Re: How do I tell openssl where its configuration file is, without a commandline argument?
On Wed, Nov 28, 2012 at 3:54 PM, Wim Lewis w...@omnigroup.com wrote:

On 28 Nov 2012, at 12:31 PM, Ted Byers wrote:

Is it possible to tell openssl where the configuration file is, e.g. by setting an environment variable, without passing a commandline argument?

If I remember correctly, you can set the OPENSSL_CONF environment variable to the path of the config file you want. The SSL_CERT_DIR and SSL_CERT_FILE environment variables might also be helpful (depending on what you need).

Thanks. That is helpful.

Cheers

Ted
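The OPENSSL_CONF answer above, shown as an added example that is not part of the thread: a request is created with neither `-config` nor `-subj`, so its subject can only come from the file the variable names, and a second request shows that an explicit `-config` takes precedence over the variable. The file names and the two `example.test` subjects are assumptions made for the demo; the script is POSIX shell, and in a Windows command prompt the variable is set with `set OPENSSL_CONF=<path>` before running openssl.

```shell
#!/bin/sh
# Added example (not from the thread). Paths and subject names are constructed.

# Write a minimal config whose [dn] section fixes the request subject to CN=$2.
write_conf() {
    cat > "$1" <<EOF
[ req ]
distinguished_name = dn
prompt = no
[ dn ]
CN = $2
EOF
}

# Create a CSR with neither -config nor -subj on the command line, so the
# subject can only come from the file named by OPENSSL_CONF. Prints the subject.
subject_via_env() {
    conf=$1; key=$2; csr=$3
    OPENSSL_CONF="$conf" openssl req -new -key "$key" -out "$csr" || return 1
    OPENSSL_CONF="$conf" openssl req -in "$csr" -noout -subject
}

# Same request with an explicit -config as well: the flag wins over the variable.
subject_via_flag() {
    envconf=$1; flagconf=$2; key=$3; csr=$4
    OPENSSL_CONF="$envconf" openssl req -new -config "$flagconf" \
        -key "$key" -out "$csr" || return 1
    OPENSSL_CONF="$envconf" openssl req -in "$csr" -noout -subject
}

demo() {
    dir=$(mktemp -d) || return 1
    write_conf "$dir/env.cnf" from-env.example.test
    write_conf "$dir/flag.cnf" from-flag.example.test
    ( umask 077; openssl genrsa -out "$dir/demo.key" 2048 2>/dev/null )
    subject_via_env "$dir/env.cnf" "$dir/demo.key" "$dir/env.csr"
    subject_via_flag "$dir/env.cnf" "$dir/flag.cnf" "$dir/demo.key" "$dir/flag.csr"
    rm -rf "$dir"
}
demo
```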
What is Secure Renegotiation and why is it used, and how to have the client adapt to it?
Please consider the following output:

    C:\Work>openssl s_client -connect secure.theserver.com:443
    Loading 'screen' into random state - done
    CONNECTED(00F0)
    write:errno=10054
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 0 bytes and written 321 bytes
    ---
    New, (NONE), Cipher is (NONE)
    *Secure Renegotiation IS NOT supported*
    Compression: NONE
    Expansion: NONE
    ---

The same command, getting Google's home page over SSL produces the following:

    C:\Work>openssl s_client -connect www.google.com:443
    Loading 'screen' into random state - done
    CONNECTED(00F0)
    depth=1 C = ZA, O = Thawte Consulting (Pty) Ltd., CN = Thawte SGC CA
    verify error:num=20:unable to get local issuer certificate
    verify return:0
    ---
    Certificate chain
     0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
       i:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
     1 s:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
       i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
    ---
    Server certificate
    subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
    issuer=/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 2130 bytes and written 443 bytes
    ---
    New, TLSv1/SSLv3, Cipher is ECDHE-RSA-RC4-SHA
    Server public key is 1024 bit
    *Secure Renegotiation IS supported*
    Compression: NONE
    Expansion: NONE
    SSL-Session:
        Protocol : TLSv1.2
        Cipher: ECDHE-RSA-RC4-SHA
        Session-ID: 5930A80165EBF4CDA0199A366CB1232C54B4F70B3CEE0690561A9514AB8A27EB
        Session-ID-ctx:
        Master-Key: A107E655BBC4DC3E28B81CA9986414F2D56E942590F794822EC435D3F907C45C7E93D866DF3D082DBE3573278899648D
        Key-Arg : None
        PSK identity: None
        PSK identity hint: None
        SRP username: None
        TLS session ticket lifetime hint: 100800 (seconds)
        TLS session ticket:
        Start Time: 1354196309
        Timeout : 300 (sec)
        Verify return code: 20 (unable to get local issuer certificate)
    ---
    read:errno=0

I need to know, first, what Secure Renegotiation is, and then, if it is a legitimate way to configure a secure server, why it is used. Finally, I need to know what needs to be done to have a client application adapt to it. Firefox seems to have no problem with it, but my Perl programs that actually use the server in question do appear to have a problem with it.

But it now occurs to me that Secure Renegotiation might not be the problem. After all, the output related to it when accessing Google comes after the server certificate is received, and no certificate is received from this problem server. And it isn't feasible for me to muck around with the server because I do not have that kind of access (it is owned/managed by another company). Therefore, I have another question, which is, how do I determine and verify the real cause of the problem, and then, how do I fix it?

Thanks

Ted
How do I tell openssl where its configuration file is, without a commandline argument?
The simpler variant of this question, viz. how to tell openssl where the configuration file is, is a FAQ, and I have seen it countless times over the past few years, as a result of my searches using Google. However, my present situation is a bit different.

I am developing perl programs that must make SSL connections to secure servers, and some of my programs that do this have been working fine for as much as five years. However, a couple of them have started to fail with a handful of secure sites that have new 'extended validation' certificates. This is the only consistent difference between those sites that I can still connect to and those that I can't.

For those who don't know, web programming using Perl involves a number of complicated packages, most of which are written in perl, and unfortunately, the perl package that is responsible for SSL/TLS connections is buried deep in the bowels of the most complex of these, and it requires that openssl is installed. I do have openssl installed (this is on Windows (several varieties including WXP, Windows 7 and Windows Server 2008, both 32 bit and 64 bit)), but I have not added its bin directory to the system path (to date, I haven't had to). I know I can ensure my perl programs can find it by adding that path to the system path, but there remains the problem that every time I start openssl from a commandline without passing the path to the configuration file as a commandline argument, it complains that the file couldn't be found in some Unix path I can't remember (but beginning with '/usr').

Hence the question: Is it possible to tell openssl where the configuration file is, e.g. by setting an environment variable, without passing a commandline argument?

Thanks

Ted
Re: I can't believe how much this sucks
On Mon, Nov 19, 2012 at 9:45 AM, John Zavgren j...@zavgren.com wrote:

Thomas: You make very good suggestions. Of them all (aside from the use of tact in approaching the developers :-) ), I think that easy-to-follow code examples would improve the openSSL experience more than anything else you identify. These examples could even provide a natural context for the cookbook usage examples, and then we'd achieve two of your objectives.

I can recall situations where I had to incorporate a cartographic calculation in code I was writing, e.g., compute a signature, and was unable to find any examples, and the man pages were a poor starting point. They are good for learning the individual library procedures, but they aren't good for pulling them together to create a working software module. (In fact, when I needed to learn how to compute a signature, I downloaded the openVPN source code and read it.)

So, what is a list of easy-to-follow code examples? Here are some suggestions:

1.) read private key and a message from a file: encrypt message with private key, write encrypted buffer to (another) file.
2.) read cert and private key, read file, compute signature, etc.
3.) read file, read signature, read ca certs, validate signature.
4.) Example 3 + check CRL.
5.) Example 3 + check with OCSP responder.
???

I'm sure there are a LOT of CA related examples that would help, because I find the creation of a CA to be one of the more painful exercises.

I concur. But I'd take it a step further.

To take C/C++ programming, as an example. It is one thing to learn to write decent code, but quite another to write 'secure' code. I have several references that assume a better than average knowledge of C and C++, and focus on good and bad coding practices that relate to writing secure code. All of the code, good and bad, in these references is legal C or C++, but some of it represents an opportunity for bad guys to hack the application for whatever purpose.

Similarly, I would suggest that your easy to follow examples include several variants of each use case, and followed by illustrations of coding practice that are possible with the library but ill advised because they compromise security, accompanied by examples of how to support the same requirement without compromising security. I would suggest that this is especially important for a library like openssl since it will only be used in applications in which one of the main requirements is security, and using it badly seems likely to make the application using it less secure than it would be without use of a library like it.

Cheers

Ted
Re: I can't believe how much this sucks
On Tue, Nov 13, 2012 at 2:02 PM, Lee Fisher blib...@gmail.com wrote: For things that the peer support forum and the existing documentation don't cover, you have the source code, which is definitive. Additionally, there are professional OpenSSL consultants you can use for help. It would be more productive to submit bugs and patches, instead of a litany :-) Even so, some of those closely involved in the project ought to be doing a better job of documenting the product. Telling people to hire consultants is even worse than telling people to read the code. I develop software for a living, and I would be ashamed of any attempt to release even one of my products without a proper reference manual, complete design documentation, including a reasonable suite of UML documents (in the case of an open source product since good coders benefit from good design documentation - which, admittedly, I have not produced) and a thorough tutorial. I have had feedback on some of my products that the end users found my interface so intuitive that they did not look at the documentation I'd provided even once, but I do not see that as an excuse for not producing proper documentation. In my view, the documentation for a product is as much a part of the product as the code in the product. The product is not ready for release until the documentation is as complete and polished as is the code. Peer support is hardly a good, or cost effective, substitute for good documentation; and contrary to what some coders I have met, and worked with, have claimed, the source code is often not adequate documentation. Yes, you see what the code is doing, but tracing execution paths through it can be a tedious nightmare; especially if the coder that produced it wrote the code as a candidate for an obfuscated coding contest (something, BTW, I would regard as grounds for dismissal if obfuscation is the only justification the code can offer for it). 
In my own coding, the only libraries I use often are those that are well documented. Life is just too short to waste on libraries that are poorly documented (unless someone wants to pay me to do so - but they'd be paying a significant premium for such a tedious, and usually frustrating, task). I am not criticising the documentation for openssl, and will not; but I would encourage those who are responsible for maintaining and improving openssl to not neglect the documentation. It would be a mistake to leave that for someone else to do, for when that happens, it is certain that the documentation will suffer. just my $0.02, as a coder with decades of coding experience. Cheers Ted
Re: I can't believe how much this sucks
On Tue, Nov 13, 2012 at 3:18 PM, alan buxey a.l.m.bu...@lboro.ac.uk wrote:

Hi,

I am not criticising the documentation for openssl, and will not; but I would encourage those who are responsible for maintaining and improving openssl to not neglect the documentation. It would be a mistake to leave

it is an Open Source project - thus there is also an onus on the USERS who use the code to also provide something into the mix - commonly that is for documentation - as users are often not the ones maintaining or improving the codebase...but are people USING the API and software (usually for their own purposes and financial gain) - so ideal for being people to offer something back in the way of, eg, better documentation.

Nonsense. The most the users can be expected to contribute is their questions. That is where the fodder for FAQs comes from. From the perspective of a library writer, they also show what you've missed.

I am CTO in my company, and when I direct a junior or intermediate programmer to use library X (which may well be one I have developed over the decades), I do not tell them to study the code to figure out how to use it. In many cases, the library details involve aspects of the problem at hand that are well beyond their experience. However, when I give them direction to use the library, I also point them to good quality user documentation: documentation that clearly illustrates how the library is properly used, and it is at a level that they can understand. In this way, I can educate them, or introduce them, to technologies that are new to them at a pace they can handle, and that without wasting time examining the details of the library implementation code which, as I said, is often well beyond what their experience can handle.

I'd cite a use example - eg Cisco use OpenSSL for their AnyConnect SSL client - they are using quite a few of the APIs and functions in their commercial product(s) - a proper symbiotic relationship would be for their expertise to be fed back in the way of bug fixes and documentation. coders are often NOT the best documentation writers ;-)

Nonsense. No-one knows better how the code ought to be working than the folk who developed it. I begin with the assumption that all my coders are functionally literate. I expect them to document their own code as part of the duties for their position. Of course, the senior staff will review, and require edits, as part of the routine code reviews; and, on a large project, there may be a professional educator who takes responsibility for the final drafts of the user documentation. But there is no excuse for a coder not to document his own code. And that a given product is open source, or free, is not an excuse for library developers doing a poor job documenting their product.

Take a look at the boost documentation. Some of that is great; and some not so much. But the boost library documentation is generally more than enough for a capable programmer to make good use of most of those libraries. Granted, though, some of those libraries are sufficiently advanced that I would only ask senior members of my team to make use of them. And there are other open source products that do have adequate to good documentation; at least if you look carefully.

Cheers

Ted
Re: I can't believe how much this sucks
On Tue, Nov 13, 2012 at 4:38 PM, alan buxey a.l.m.bu...@lboro.ac.uk wrote:

Hi,

Nonsense. No-one knows better how the code ought to be working than the folk who developed it. I begin with the assumption that all my coders are

i'd cite the cathedral and the bazaar ...or the 'many eyes make all bugs shallow' views - if you are given the API and the documents, you use the code without seeing what it's doing. by looking at each library you can see what it does and how it does it but most importantly, you can see the bugs/issues/problems.

You neglect context. My junior staff generally don't see the library implementations, even when we own the code. To ask them to study that code pushes them way too far much too fast. I want junior staff to develop at a reasonable pace; but at their own pace. I will not assign them tasks that they haven't a hope of completing in a reasonable timeframe. That is just plain cruel! It is madness to expect a junior coder to have all the expertise of a senior software engineer. To do so is a recipe for disaster, and for rapid burnout of your junior staff. Your cathedral and bazaar metaphor therefore does not apply in most cases. Your metaphor only applies in the case of senior programmers interacting with other senior programmers. And, when it comes to security, you want as many senior programmers' eyes on the code as is possible. And I would be concerned about using a library that my senior staff have trouble figuring out. But even this does not excuse the senior programmers responsible for developing the code from documenting it. There is no-one better to do it, especially if they put themselves in the place of the junior programmers they are responsible for training.

with the closed source proprietary software you expect to get 100% perfect docs because you cannot see the source code - you are told how it works and what to feed it. that's that.

That's just plain wishful thinking! The perfect product does not exist, closed source or otherwise! We know software engineers are human, and thus error is always certain in any document. It is, though, to be expected that closed source software and its documentation goes through a QU process to ensure that error is at a minimum, and also that their support staff are sufficiently senior that when a user encounters a problem, they are competent enough to jointly test the nature of each complaint and correctly distinguish between a bug in their own product and user error. In a product that is acceptable for production use, from an acceptable supplier, it is never a case of that's that. Failure on either count above guarantees that the library in question will not be used, at least in any product I am responsible for.

yes, one can complain until you are blue about documentation - and a few comments in this thread have certainly alerted me to some of OpenSSL's other issues - enough perhaps to look at GNUTLS or some alternative 'ReallyOpenSSL' anyone? ;-)

It is always a question of examining which of the available products/libraries to use, vs writing your own code. In every such case, it is a question of having (only) your senior staff invest a bit of time to evaluate the options. This includes applying tests to determine the adequacy and reliability, and limits of application, of the product in question. I will not waste time on complaining about documentation for one library or another. Instead, I will examine the product, including its documentation. I will then make a judgement as to whether or not it will be used, and by which of my staff. We might even decide to use multiple competing products for different tasks, perhaps with our own 'abstraction layer' to ensure that what we have our junior people coding to is of sufficient quality and that we do not get hurt by deficiencies in each of the products we're using.

I set the coding standard for my staff, as well as the criteria that must be met by any library, or other tool, we will use; along with any conditions for their use. And none of that is static. Some of the senior staff are responsible for reviewing available libraries, with a view toward adding or removing products from the mix, based on deficiencies and improvements that appear in each as they develop.

Cheers Ted
Re: Find the difference in (milli|micro)seconds between two ASN1_TIME values
On Wed, Nov 7, 2012 at 9:20 AM, Graham Leggett minf...@sharp.fm wrote:

What I'm after is the difference between the given date and now so that I can construct a max-age value for Cache-Control. At this stage, there doesn't seem to be a way to do this in openssl. Regards, Graham --

Why does it need to be something in openssl? I don't know openssl well enough to know if it has this capability, but my first instinct would be to use something I know well, such as one of the Boost libraries that seems relevant. That strikes me as much easier and simpler than delving into the bowels of a library I am using (I almost never look at the boost code, I just use the libraries). Thus, if you're using C++, why not use the relevant boost library? http://www.boost.org/doc/libs/1_51_0/doc/html/date_time/posix_time.html One of the countless things it lets you do is compute the difference between two timestamps.

Cheers Ted
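Added example (not from the thread, and not OpenSSL or Boost code): the two string forms an ASN1_TIME can carry, UTCTime `YYMMDDHHMMSSZ` and GeneralizedTime `YYYYMMDDHHMMSSZ` as RFC 5280 profiles them, parsed in plain C to get the seconds between two values or a `max-age` against the current time. The function names and sample timestamps are constructed for illustration, and it assumes the caller has already copied the time's characters out of the ASN1_TIME.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Days from 1970-01-01 to y-m-d (proleptic Gregorian, civil-date algorithm). */
static long long days_from_civil(int y, int m, int d)
{
    long long era;
    unsigned yoe, doy, doe;

    y -= (m <= 2);                      /* count Jan/Feb as end of previous year */
    era = (y >= 0 ? y : y - 399) / 400;
    yoe = (unsigned)(y - era * 400);
    doy = (153u * (unsigned)(m + (m > 2 ? -3 : 9)) + 2u) / 5u + (unsigned)d - 1u;
    doe = yoe * 365u + yoe / 4u - yoe / 100u + doy;
    return era * 146097LL + (long long)doe - 719468LL;
}

static int two(const char *p) { return (p[0] - '0') * 10 + (p[1] - '0'); }

static int days_in_month(int y, int m)
{
    static const int dim[12] = {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31};
    int leap = (y % 4 == 0 && y % 100 != 0) || y % 400 == 0;
    return (m == 2 && leap) ? 29 : dim[m - 1];
}

/* Convert an ASN.1 time string to seconds since the Unix epoch (UTC).
 * Accepts only the 13-character UTCTime and 15-character GeneralizedTime
 * forms ending in 'Z'. Returns 0 on success, -1 on malformed input. */
int asn1_time_to_epoch(const char *s, size_t len, long long *out)
{
    size_t i;
    int year, mon, day, hh, mm, ss;
    const char *p = s;

    if (s == NULL || out == NULL || (len != 13 && len != 15) || s[len - 1] != 'Z')
        return -1;
    for (i = 0; i + 1 < len; i++)
        if (!isdigit((unsigned char)s[i]))
            return -1;

    if (len == 13) {                    /* UTCTime: YY >= 50 means 19YY, else 20YY */
        year = two(p);
        year += (year >= 50) ? 1900 : 2000;
        p += 2;
    } else {                            /* GeneralizedTime: four-digit year */
        year = two(p) * 100 + two(p + 2);
        p += 4;
    }
    mon = two(p); day = two(p + 2);
    hh = two(p + 4); mm = two(p + 6); ss = two(p + 8);
    if (mon < 1 || mon > 12 || day < 1 || day > days_in_month(year, mon) ||
        hh > 23 || mm > 59 || ss > 59)
        return -1;

    *out = days_from_civil(year, mon, day) * 86400LL + hh * 3600LL + mm * 60LL + ss;
    return 0;
}

/* Seconds from 'from' to 'to' (negative if 'to' is earlier); -1 on parse error. */
int asn1_time_diff_seconds(const char *from, const char *to, long long *diff)
{
    long long a, b;

    if (diff == NULL || from == NULL || to == NULL ||
        asn1_time_to_epoch(from, strlen(from), &a) != 0 ||
        asn1_time_to_epoch(to, strlen(to), &b) != 0)
        return -1;
    *diff = b - a;
    return 0;
}

/* max-age for Cache-Control: seconds until 'when', 0 if already past,
 * -1 if 'when' does not parse (the caller should then not cache at all). */
long long cache_max_age(const char *when, long long now_epoch)
{
    long long t;

    if (when == NULL || asn1_time_to_epoch(when, strlen(when), &t) != 0)
        return -1;
    return t > now_epoch ? t - now_epoch : 0;
}

int main(void)
{
    const char *when = "121108142000Z";     /* constructed sample timestamp */
    long long now = 1352298000LL;           /* constructed: 2012-11-07 14:20:00 UTC */

    printf("Cache-Control: max-age=%lld\n", cache_max_age(when, now));
    return 0;
}
```

These time strings carry whole seconds only, so a millisecond or microsecond difference is the second count scaled up. OpenSSL 1.0.2 and later also provide `ASN1_TIME_diff()`, which reports the gap as days plus seconds.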
Re: https server using openssl
On Thu, Nov 1, 2012 at 1:47 PM, Indtiny s indt...@gmail.com wrote:

Hi, Thanks for the information, actually I need to write simple webserver for the android (in the ndk level for some requirement). I have added some new CIPHER suite to the openssl as per our requirement. now I need to write simple webserver which uses that modified-openssl, hence I planned to use the code which is there in the link (http://www.rtfm.com/openssl-examples/) compiled with new openssl .. so now will it be okay to go with this code ..?

Bear in mind the caveats on that page. The code is ancient. Look for copyright information - who owns the copyright for that page/code, and what license did they apply. The answers you want, regarding permission to use it are in that documentation, if it exists. If the code is correctly perceived to be open source, then you can do what you like with it. But, even if you can, that is not the same thing as you should. Remember, the age of that code. Revising it may be more trouble than it is worth.

in case if it is not good to use the above approach, then is boost library available for android to use the Mr.Ted approach ..?

The boost library is a C++ library, and thus can be used on any platform for which there is a standards compliant C++ compiler. Therefore, if you have a C++ compiler for Android, then you can use boost libraries. The short answer, is yes, there is a C++ compiler on Android and thus you can use boost. BTW: The boost asio library does use openssl for its security functionality. Therefore, it ought to be very easy for you to extend to include your new cipher, or anything else that you may want.

Cheers Ted
Re: https server using openssl
On Wed, Oct 31, 2012 at 12:31 PM, Indtiny s indt...@gmail.com wrote:

Hi, Thanks for the suggestion, while browsing about openssl I came across this site http://www.rtfm.com/openssl-examples/ which has code for server which is based on the openssl. Can I use that server code for my simple webserver application ..? Rgds Indra

I don't know how or if Boost's asio library interacts with openssl, but if you want to develop your own server, you probably ought to begin with Boost's asio library. If I were going to write my own server, that is what I would do (if I were writing it in C++ rather than Perl). http://www.boost.org/doc/libs/1_51_0/doc/html/boost_asio.html The site you referenced provides an example that is over a decade old. The link I provide above is this year, with current examples for both http servers and clients with and without using SSL. Being a Boost C++ library, it provides a solid base on which to build. The license basically lets you use all that code for whatever purpose you wish. And, I am sure, once you have studied it, and openssl, you'll be able to extend it to use openssl if it does not presently use it, to add capabilities that openssl provides that are not presently available in asio (provided you have a good grasp of C++ templates and inheritance).

Cheers Ted
Re: openssl on a home LAN
On Tue, Sep 11, 2012 at 12:36 PM, John A. Wallace jw72...@verizon.net wrote:

I am trying to figure out whether there is any point in using openssl on a home LAN between two computers. Would that improve on security in any way? Would I be limited in the types of OS connections? I mean, could I connect Windows with Linux? Also, if I want to make such a connection between two OS running in virtual machines, could that be done too? Thanks.

openssl, almost certainly not. That is, unless you're planning on doing some web development and/or hosting a website on your home LAN. In that case, you'd use openssl to make the certificates and keys necessary to support HTTPS on your web server or application server, as well as to create the CSR when it comes time to buy your domain name and then a more useful certificate signed by one of the commercial CAs. But, if you use wireless connections between your computers and your router/modem (whatever your ISP provided), then it is sufficient to secure that connection, which is itself just a matter of properly configuring your router and computers. Your router probably came with instructions that tell you how to secure wireless connections between your computers and the router; possibly for Windows only, and possibly for Windows, and Linux, depending on the quality of your ISP.

If all your computers can browse the web using your modem, it is possible to get them to connect to each other also; but that falls into the realm of knowing how to use your computers; especially how to configure them to work together. For information about that, Google is your friend, and apart from that, your best line of support will be the support provided by whoever distributes your OS (usually mail lists supported by whichever Linux distribution you're using, and their FAQs). Unless you're a web application programmer, you really don't need anything other than the services of the operating systems you're using.

Cheers Ted
RE: client server management of client SSL certificates
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of yyy
Sent: July-29-12 10:09 AM
To: openssl-users@openssl.org
Subject: Re: client server management of client SSL certificates

On 2012.07.29. 8:52, Sanford Staab wrote:

Good questions and similar to what is on my mind. Please let me know if you get any good answers to these questions.

* There is SPKAC, which generates rsa key pairs in browser (firefox, chrome, opera)(ie not supported) and sends certificate request to server. Some CA uses that (comodo free email CA). *

Thanks

Are you talking about an object available in the browser object and accessible via JavaScript, or a JavaScript file I'd include in my web page? Can you provide an URL to a resource where I can learn more about it?

Thanks again Ted
RE: client server management of client SSL certificates
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Jason Goldberg
Sent: July-29-12 9:43 AM
To: openssl-users@openssl.org
Subject: Re: client server management of client SSL certificates

Thanks Jason,

There are Javascript libraries which range from generating key pairs to creating x509 certificates. So you could generate a keypair in the browser, then generate a certificate signing request, send the CSR to a remote API along with a challenge response, and then get back a signed x509 certificate from your RA -- all in the browser using XHR.

Can you point me to some of these? Or at least give me the names of these libraries so I can Google for them? My efforts using Google have generated much more noise than signal. :-( Perhaps the names of the libraries will change that.

However, you can't get anything out of the browser without a local application. You'd need some combination of the HTML5 FileWriter API and an application registered to a URL protocol which could be triggered by the browser to read your certificates and install them. I make no comment on the security of that scheme, but it definitely seems possible.

Something more to think about.

Thanks again. Ted
RE: client server management of client SSL certificates
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of yyy
Sent: July-29-12 11:18 AM
To: openssl-users@openssl.org
Subject: Re: client server management of client SSL certificates

On 2012.07.29. 17:49, Ted Byers wrote:

Thanks Are you talking about an object available in the browser object and accessible via JavaScript, or a JavaScript file I'd include in my web page? Can you provide an URL to a resource where I can learn more about it?

It is a html form element. It is not related to javascript (I tried to use it with javascript, but did not succeed). https://en.wikipedia.org/wiki/spkac http://www.w3schools.com/html5/tag_keygen.asp

Sample form, which generates SPKAC request:

<form action=something.php method=post>
Key params: <keygen name=reqdata challenge=something />
<input type=submit />
</form>

At other end, POST variable reqdata will contain SPKAC request, private key will remain in browser. In firefox and chrome this presents dropdown choice between 1024 and 2048 bit rsa (normal and high), in opera, this presents a longer dropdown list ranging from ~1000 to 3000 or 4000 bit rsa.

Great. Thanks. I'll do a bit of HTML5 coding, then. But since it doesn't appear to be supported in MS IE, I will have to have a form like that as a secondary page, with a similar page for MS IE users, and JavaScript to direct the user to the one or the other based on the browser the user is using.

Thanks again Ted
Re: how to setup my now CA and where to find an easy to understand guide about PKI (was Re: empty subject)
On Thu, Jul 26, 2012 at 7:20 AM, Florian Rüchel florian.ruec...@ruhr-uni-bochum.de wrote: On 26.07.2012 12:57, Tom Browder wrote: On Thu, Jul 26, 2012 at 3:45 AM, Marco Molteni (mmolteni) mmolt...@cisco.com wrote: Hi, there are two open source CA systems I am aware of, although I haven't tried them out. Also make sure to check out OpenXPKI (http://www.openxpki.org/) Thanks. I'll take a look at this too. Thanks Ted
Re: how to setup my now CA and where to find an easy to understand guide about PKI (was Re: empty subject)
On Thu, Jul 26, 2012 at 4:45 AM, Marco Molteni (mmolteni) mmolt...@cisco.com wrote:

Hi, there are two open source CA systems I am aware of, although I haven't tried them out. I think they can be a good starting point instead of doing everything from scratch :-) http://pki.fedoraproject.org/wiki/PKI_Main_Page http://openca.org/projects.shtml marco PS: Adding a Subject line helps...

Thanks. That was a case of a click finger that was too fast. I hadn't realized I'd sent it without a subject until I started getting replies. I'll take a look at these sites and see how far they get me.

Thanks Ted

On Jul 25, 2012, at 19:49 , Ted Byers wrote:

Hi All

I just subscribed to this list. I have some familiarity with openssl having used it to generate self signed keys for testing secured web applications (on Apache 2.2), prior to deployment, at which time my colleagues would buy a server certificate from one of the usual CAs, such as GoDaddy. Now, I am looking to do something a little different.

First, I set up several Linux virtual machines using Oracle's VirtualBox (nice product BTW), and installed Suse on some and Ubuntu on others. On all, I made sure that openssl was installed and up to date (at least as far as the repositories for Suse and Ubuntu are concerned). I then went exploring, and in /etc/ssl/ I found a configuration file for openssl. I tried reading it, but the comments relied heavily on jargon that most of you take for granted. But since I am just beginning to study this, it might as well have been in Swahili for all the good it did me; and the available documentation is a bit too terse for me to be able to use it to fill in the gaps. I am hoping that one of you kind souls would direct me to a few good web resources on which all your jargon is explained/defined, ideally in standard English. I am also hoping that in describing what I want to do, one or more of you would point me to good documentation on how to get it done.

Note, although I am a programmer (using C++, Perl and Javascript - mostly Perl and C++), I am content to use openssl as installed on the Linux distros, and don't really want to recompile it unless absolutely necessary.

Here is the objective (mostly dealing with client certificates). As I understand it, one can have a CA that handles issuing certificates and a RA, or registration authority, that is responsible for verifying the identity of the person or corporation that is receiving a certificate; and I understand that most commercial 'CA's combine the two functions into a single corporate entity. But, I want to set up a CA for a company, and then set up an RA for each department (so that the department managers can worry about verifying the identities of their own staff, perhaps in collaboration with their human resources department, and selected outsiders (such as preferred customers, contractors, suppliers, &c.).

I want to set up a simple, secure website that users (intended recipients) access using credentials I provide, including a single user password. After login, the user would be presented with a series of challenges and the responses would be checked against what the user had presented to the RA that passed the credentials I created to the user (each RA would access the DB containing user data through a separate website, in order to enter the required data for each person to whom he wants a client certificate issued). Once the identity of the user is verified, the web site would take the user through the process of creating the client certificate and key. I am unclear as to how this can happen on the client side and the resulting certificate still be signed on the server by my CA. Also, it is unclear to me how I can configure these certificates so that they can a) authenticate the user to a secure server, b) encrypt documents passed between the client and server, and c) sign encrypted documents.

Also, I understand that the different browsers support different methods for creating client certificates, so I'd appreciate a pointer to Javascript code that automagically uses the right procedure for whatever browser the client is using. I do not want to be dictating to the user where or when he gets his client certificate or what browser he should use. If there is a repository of javascript code that can run once the certificate has been created and installed in the browser that handles installing it also in whatever email client the user is using, as well as making a proper backup (e.g. to a USB memory stick, so that if anything happens to his computer, he can restore it all once his computer issues are resolved. In brief, I want to make things as easy as possible for the end users.

Now, I envision a website for each department, to which only those users who have certificates authorized by the RA
[no subject]
Hi All

I just subscribed to this list. I have some familiarity with openssl having used it to generate self signed keys for testing secured web applications (on Apache 2.2), prior to deployment, at which time my colleagues would buy a server certificate from one of the usual CAs, such as GoDaddy. Now, I am looking to do something a little different.

First, I set up several Linux virtual machines using Oracle's VirtualBox (nice product BTW), and installed Suse on some and Ubuntu on others. On all, I made sure that openssl was installed and up to date (at least as far as the repositories for Suse and Ubuntu are concerned). I then went exploring, and in /etc/ssl/ I found a configuration file for openssl. I tried reading it, but the comments relied heavily on jargon that most of you take for granted. But since I am just beginning to study this, it might as well have been in Swahili for all the good it did me; and the available documentation is a bit too terse for me to be able to use it to fill in the gaps. I am hoping that one of you kind souls would direct me to a few good web resources on which all your jargon is explained/defined, ideally in standard English. I am also hoping that in describing what I want to do, one or more of you would point me to good documentation on how to get it done.

Note, although I am a programmer (using C++, Perl and Javascript - mostly Perl and C++), I am content to use openssl as installed on the Linux distros, and don't really want to recompile it unless absolutely necessary.

Here is the objective (mostly dealing with client certificates). As I understand it, one can have a CA that handles issuing certificates and a RA, or registration authority, that is responsible for verifying the identity of the person or corporation that is receiving a certificate; and I understand that most commercial 'CA's combine the two functions into a single corporate entity. But, I want to set up a CA for a company, and then set up an RA for each department (so that the department managers can worry about verifying the identities of their own staff, perhaps in collaboration with their human resources department, and selected outsiders (such as preferred customers, contractors, suppliers, &c.).

I want to set up a simple, secure website that users (intended recipients) access using credentials I provide, including a single user password. After login, the user would be presented with a series of challenges and the responses would be checked against what the user had presented to the RA that passed the credentials I created to the user (each RA would access the DB containing user data through a separate website, in order to enter the required data for each person to whom he wants a client certificate issued). Once the identity of the user is verified, the web site would take the user through the process of creating the client certificate and key. I am unclear as to how this can happen on the client side and the resulting certificate still be signed on the server by my CA. Also, it is unclear to me how I can configure these certificates so that they can a) authenticate the user to a secure server, b) encrypt documents passed between the client and server, and c) sign encrypted documents.

Also, I understand that the different browsers support different methods for creating client certificates, so I'd appreciate a pointer to Javascript code that automagically uses the right procedure for whatever browser the client is using. I do not want to be dictating to the user where or when he gets his client certificate or what browser he should use. If there is a repository of javascript code that can run once the certificate has been created and installed in the browser that handles installing it also in whatever email client the user is using, as well as making a proper backup (e.g. to a USB memory stick, so that if anything happens to his computer, he can restore it all once his computer issues are resolved. In brief, I want to make things as easy as possible for the end users.

Now, I envision a website for each department, to which only those users who have certificates authorized by the RA in that department can access, and another that provides access as long as he, or rather his browser, presents a certificate authorized by any of the RAs in the company (i.e. a company wide site along with departmental sites). Having worked with Apache 2.2 for quite a while, and on quite a number of secure websites, I am reasonably familiar with configuring Apache to use server certificates, but I am a little unclear on how to tell it to require certificates from a given pair of CA and RA, or a given CA in conjunction with any of a given set of RAs.

I am sure there must be lots of companies that have done something like this. What I need is a pointer to documentation on how to do it, along with any accounts of the experiences of those who have done it and what gotchas to watch out for. I have been
Re: (no subject): SSL Configuration
On Wed, Jul 25, 2012 at 4:03 PM, Tom Browder tom.brow...@gmail.com wrote:

On Wed, Jul 25, 2012 at 12:49 PM, Ted Byers r.ted.by...@gmail.com wrote: Hi All

Hi, Ted. I, too, have been looking for something like you have. I am in the process of creating a Perl program that may be able to help you (for at least part of your requirements), but I first can point you to one of the most current references I can find for openssl configuration: http://www.phildev.net/ssl/

Hi Tom, and thanks. Sorry, I didn't realize I had sent my original message without a subject. I am an old hand at perl programming, and almost all of it is focussed on CGI programming in the context of secure web applications. But, to date, that security has been focussed on a) the server side certificates, and b) and most importantly, untainting and validating data (so a bad boy can't enter a SQL statement into a text field and blow away my DB - the infamous SQL injection attack).

It's a little outdated in that the following openssl conf object names are no longer valid (at least as of the latest stable release: openssl-1.0.1c):

# challengePassword_max
# challengePassword_min
# commonName_max
# countryName_max
# countryName_min
# emailAddress_max

Thanks. I have my homework for tonight. ;-)

I plan to release my program on git-hub when I have it working. It is designed for my work flow:

+ multiple virtual hosts on a single Apache server
+ one private CA for each vhost
+ all users requiring access to the private area for a vhost must have an SSL client certificate generated and signed by that vhost's CA (and I control the entire CA process as well as the server)

I'd love to take a look.

I will provide the user passwords for the client certs. to my intermediate helpers via the USPO and the individual client certificates via e-mail. The users have to get their passwords from the helpers via telephone. The passwords are similar to Microsoft client keys but are case sensitive.

USPO? You mean the postal service in the US? Doesn't distribution of certificates via email create a vulnerability? I would have expected that using email, a) gives a bad guy a chance to steal/copy the certificate, and b) requires the use of yet another server to secure. From what I have been reading, distribution of the keys is always one of the biggest headaches in the design of a secure system. I was thinking of something more like giving your helpers login credentials (with cryptographically secure random user IDs and passwords) that can be used only once. They connect over the strongest SSL/TLS connection Apache supports, from whatever machine they will be using, so that the certificate can be created, signed, and installed over an encrypted channel in 'effectively' an instant. Making these things easy and intuitive for the end user, without compromising security, is a top criterion for me.

I will use known email addresses as user names and require the users to enter it when logging onto the site. Apache will reject them if their ssl cert and email don't match. I will rely on my web of trust through my intermediate helpers (all of whom I know) to verify their assigned users (whom they know) and their emails.

Thanks. Let me know when I can take a look at your script. I'd also like to hear about how you harden your servers.

Cheers Ted