Creating Your Own CAby Rob Flickenger, author of Linux Server Hacks
Become your own Certificate Authority, and sign your own--or others'--SSL certificates.
Well-known Certificate Authorities (such as Thawte and VeriSign) exist to serve as authoritative, trusted third-parties for authentication. They are in the business of signing SSL certificates that are used on sites that deal with sensitive information (like account numbers or passwords). If a site's SSL certificate is signed by a trusted authority, then presumably it is possible to verify the identity of a server supplying that certificate's credentials. In order to receive a certificate "blessed" by a well-known CA, you have to prove to them beyond a shadow of doubt that not only are you who you claim to be, but that you have the right to use the certificate in the way you intend to.
For example, I may be able to prove to a CA that I am really Rob Flickenger, but they probably won't issue me a signed certificate for Microsoft Corporation, as I have no rights to use that name. (Yes, they probably wouldn't do that. Not again.)
In this article, I'll show how OpenSSL is perfectly capable of generating everything you need to run your own Certificate Authority. The
CA.pl utility makes the process very simple.
In these examples, you'll need to type your information in boldface, and enter passwords wherever appropriate (that don't echo to the screen). To establish your new Certificate Authority:
hagbard@fnord:~/certs$ /usr/local/ssl/misc/CA.pl -newca CA certificate filename (or enter to create) Making CA certificate ... Using configuration from /usr/local/ssl/openssl.cnf Generating a 1024 bit RSA private key ...............++++++ ......................................++++++ writing new private key to './demoCA/private/cakey.pem' Enter PEM pass phrase: Verifying password - Enter PEM pass phrase: ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:US State or Province Name (full name) [Some-State]:California Locality Name (eg, city) :Sebastopol Organization Name (eg, company) [Internet Widgits Pty Ltd]:Illuminatus Enterprises, Ltd Organizational Unit Name (eg, section) :Administration Common Name (eg, YOUR name) :Hagbard Celine Email Address :email@example.com
Congratulations. You're the proud owner of your very own Certificate Authority. Take a look around:
hagbard@fnord:~/certs$ ls demoCA/ hagbard@fnord:~/certs$ cd demoCA/ hagbard@fnord:~/certs/demoCA$ ls -l total 24 -rw-r--r-- 1 rob users 1407 Sep 8 14:12 cacert.pem drwxr-xr-x 2 rob users 4096 Sep 8 14:12 certs/ drwxr-xr-x 2 rob users 4096 Sep 8 14:12 crl/ -rw-r--r-- 1 rob users 0 Sep 8 14:12 index.txt drwxr-xr-x 2 rob users 4096 Sep 8 14:12 newcerts/ drwxr-xr-x 2 rob users 4096 Sep 8 14:12 private/ -rw-r--r-- 1 rob users 3 Sep 8 14:12 serial
The public key for your new Certificate Authority is contained in
cacert.pem, and the private key is in
private/cakey.pem. You can now use this private key to sign other SSL certs.
To use your CA's authority to sign SSL certs, you'll need to make a new cert
that a web server (such as Apache) can use. First, generate a private key and
certificate request (see
man CA.pl or my book, Linux Server Hacks). Now
you can sign the new request with your own CA's key:
hagbard@fnord:~/certs$ openssl ca -policy policy_anything \ -out propaganda.discordia.eris.crt \ -infiles propaganda.discordia.eris.csr Using configuration from /usr/local/ssl/openssl.cnf Enter PEM pass phrase: Check that the request matches the signature Signature ok The Subjects Distinguished Name is as follows countryName :PRINTABLE:'US' stateOrProvinceName :PRINTABLE:'Texas' localityName :PRINTABLE:'Mad Dog' organizationName :PRINTABLE:'Discordia, Inc.' organizationalUnitName:PRINTABLE:'Operations' commonName :PRINTABLE:'propaganda.discordia.eris' emailAddress :IA5STRING:'firstname.lastname@example.org' Certificate is to be certified until Sep 8 22:49:26 2003 GMT (365 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated
Now, to use the
.key with Apache + mod_ssl (or
Apache-ssl), install them as you normally would (perhaps with lines like these):
SSLCertificateFile /usr/local/apache/conf/ssl.crt/propaganda.discordia.eris.crt SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/propaganda.discordia.eris.key
This is all lots of fun, but what happens when a client actually connects to https://propaganda.discordia.eris/? Won't the browser throw an error about not recognizing the Certificate Authority that signed the SSL cert? Naturally. Unless, of course, you've installed your CA's public key to the client browser ahead of time. Check back for my next article (or, if you can't wait that long, check out the book).
Disclaimer: No, I honestly had nothing to do with the "Microsoft Corporation" cert snafu. But it does illustrate one of the fundamental facts of life online: It's difficult to know who to trust.
O'Reilly & Associates recently released (January 2003) Linux Server Hacks.
For more information, or to order the book, click here.
Return to the Linux DevCenter.