OpenSSL command-line tools offer a lot of functionality. OpenSSL can generate private keys and their corresponding public key certificate requests, can sign those certificate requests, publish certificate revocation lists (CRLs), convert between several encoding formats like DER, PEM, PKCS#12, etc.
In this article I will describe how to use OpenSSL to set up a Certificate Authority (CA), how to generate private keys, generate certificate requests and sign them, using OpenSSL and the command-line on a Fedora Core 4 Linux system.
Edit /etc/pki/tls/openssl.cnf and make sure the [ CA_default ] section looks like this:
[ CA_default ] dir = /etc/pki/CA # Where everything is kept certs = $dir/certs # Where the issued certs are kept crl_dir = $dir/crl # Where the issued crl are kept database = $dir/index.txt # database index file. unique_subject = no # Set to 'no' to allow creation of # several ctificates with same subject. new_certs_dir = $dir/newcerts # default place for new certs. certificate = $dir/cacert.pem # The CA certificate serial = $dir/serial # The current serial number #crlnumber = $dir/crlnumber # the current crl number must be # commented out to leave a V1 CRL crl = $dir/crl.pem # The current CRL private_key = $dir/private/cakey.pem# The private key RANDFILE = $dir/private/.rand # private random number file x509_extensions = usr_cert # The extentions to add to the cert # Comment out the following two lines for the "traditional" # (and highly broken) format. name_opt = ca_default # Subject Name options cert_opt = ca_default # Certificate field options # Extension copying option: use with caution. # copy_extensions = copy # Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs # so this is commented out by default to leave a V1 CRL. # crlnumber must also be commented out to leave a V1 CRL. # crl_extensions = crl_ext default_days = 365 # how long to certify for default_crl_days= 30 # how long before next CRL default_md = sha1 # which md to use. preserve = no # keep passed DN ordering # A few difference way of specifying how similar the request should look # For type CA, the listed attributes must be the same, and the optional # and supplied fields are just that. policy = policy_match
Creating the Certificate Authority (CA)
This step will create the CA private key and a self-signed certificate (the CA certificate).
The CA certificate will be stored in /etc/pki/CA/cacert.pem, while the CA private key will be stored in /etc/pki/CA/private/cakey.pem:
openssl req -new -x509 -days 365 -newkey rsa:1024 -keyout /etc/pki/CA/private/cakey.pem -out /etc/pki/CA/cacert.pem chmod 600 /etc/pki/CA/private/cakey.pem
A copy of every signed certificate will be stored into /etc/pki/CA/newcerts, with a name matching the certificate serial number plus the .pem extension:
The /etc/pki/CA/index.txt file holds a log of every signed certificate:
The /etc/pki/CA/serial file holds the next available X.509 serial number:
echo 01 > /etc/pki/CA/serial
Generating a certificate request and its corresponding private key
The following command will generate a random, 1024-bit private RSA key and its corresponding public key will be wrapped into a PEM-encoded certificate. This certificate is still unsigned and will be submitted later to the CA for signing:
openssl req -new -days 365 -newkey rsa:1024 -keyout /etc/pki/CA/sslkey.pem -out /etc/pki/CA/sslcert.pem
The private key will get written to /etc/pki/CA/sslkey.pem while the public key, encoded inside an unsigned certificate, will get written to /etc/pki/CA/sslcert.pem.
The -nodes option can be used to avoid using a pass-phrase to protect the private key. This is optional, but some applications are unable to read the private key if it was protected by a pass-phrase, while others like FreeRADIUS can do so with no problems at all.
Signing a certificate
To sign a certificate stored in /etc/pki/CA/sslcert.pem, use the following command:
openssl ca -in /etc/pki/CA/sslcert.pem -out /etc/pki/CA/cert.pem
The resulting signed certificate will get outputted to /etc/pki/CA/cert.pem. Once the certificate has been signed, the unsigned certificate can be safely deleted.