ssl - 您如何与您的证书颁发机构签署证书签名请求？

Question

在搜索过程中，我发现了几种签署 SSL 证书签名请求的方法:

使用 x509模块:

openssl x509 -req -days 360 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt

使用 ca模块:

openssl ca -cert ca.crt -keyfile ca.key -in server.csr -out server.crt

注意:我不确定对这个参数使用正确的参数。如果我要使用它，请告知正确的用法。

应该使用什么方式与您的证书颁发机构签署证书请求？
一种方法是否比另一种更好(例如，一种方法已被弃用)？

Answer 1

1. Using the x509 module
openssl x509 ...
...

2 Using the ca module
openssl ca ...
...

您错过了这些命令的前奏。

这是一个两步过程。首先设置 CA，然后签署最终实体证书(即服务器或用户)。这两个命令都将两个步骤合二为一。并且两者都假设您已经为 CA 和服务器(最终实体)证书设置了 OpenSSL 配置文件。

首先，创建一个基本的 configuration file :

$ touch openssl-ca.cnf

然后，在其中添加以下内容:

HOME            = .
RANDFILE        = $ENV::HOME/.rnd

####################################################################
[ ca ]
default_ca    = CA_default      # The default ca section

[ CA_default ]

default_days     = 1000         # How long to certify for
default_crl_days = 30           # How long before next CRL
default_md       = sha256       # Use public key default MD
preserve         = no           # Keep passed DN ordering

x509_extensions = ca_extensions # The extensions to add to the cert

email_in_dn     = no            # Don't concat the email in the DN
copy_extensions = copy          # Required to copy SANs from CSR to cert

####################################################################
[ req ]
default_bits       = 4096
default_keyfile    = cakey.pem
distinguished_name = ca_distinguished_name
x509_extensions    = ca_extensions
string_mask        = utf8only

####################################################################
[ ca_distinguished_name ]
countryName         = Country Name (2 letter code)
countryName_default = US

stateOrProvinceName         = State or Province Name (full name)
stateOrProvinceName_default = Maryland

localityName                = Locality Name (eg, city)
localityName_default        = Baltimore

organizationName            = Organization Name (eg, company)
organizationName_default    = Test CA, Limited

organizationalUnitName         = Organizational Unit (eg, division)
organizationalUnitName_default = Server Research Department

commonName         = Common Name (e.g. server FQDN or YOUR name)
commonName_default = Test CA

emailAddress         = Email Address
emailAddress_default = test@example.com

####################################################################
[ ca_extensions ]

subjectKeyIdentifier   = hash
authorityKeyIdentifier = keyid:always, issuer
basicConstraints       = critical, CA:true
keyUsage               = keyCertSign, cRLSign

以上字段取自更复杂的 openssl.cnf (您可以在 /usr/lib/openssl.cnf 中找到它)，但我认为它们是创建 CA 证书和私钥的必需品。

调整上面的字段以适合您的口味。默认设置可以节省您在试验配置文件和命令选项时输入相同信息的时间。

我省略了 CRL 相关的内容，但您的 CA 操作应该包含它们。见 openssl.cnf及相关 crl_ext节。

然后，执行以下操作。 -nodes省略密码或密码短语，以便您可以检查证书。真的是 坏 省略密码或密码短语的想法。

$ openssl req -x509 -config openssl-ca.cnf -newkey rsa:4096 -sha256 -nodes -out cacert.pem -outform PEM

命令执行后， cacert.pem将是您的 CA 操作证书，和 cakey.pem将是私钥。回想一下，私钥没有密码或密码短语。

您可以使用以下命令转储证书。

$ openssl x509 -in cacert.pem -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11485830970703032316 (0x9f65de69ceef2ffc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=MD, L=Baltimore, CN=Test CA/emailAddress=test@example.com
        Validity
            Not Before: Jan 24 14:24:11 2014 GMT
            Not After : Feb 23 14:24:11 2014 GMT
        Subject: C=US, ST=MD, L=Baltimore, CN=Test CA/emailAddress=test@example.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)
                Modulus:
                    00:b1:7f:29:be:78:02:b8:56:54:2d:2c:ec:ff:6d:
                    ...
                    39:f9:1e:52:cb:8e:bf:8b:9e:a6:93:e1:22:09:8b:
                    59:05:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:9A:F3:10:9E:D7:CF:54:79:DE:46:75:7A:B0:D0:C1:0F:CF:C1:8A
            X509v3 Authority Key Identifier:
                keyid:4A:9A:F3:10:9E:D7:CF:54:79:DE:46:75:7A:B0:D0:C1:0F:CF:C1:8A

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage:
                Certificate Sign, CRL Sign
    Signature Algorithm: sha256WithRSAEncryption
         4a:6f:1f:ac:fd:fb:1e:a4:6d:08:eb:f5:af:f6:1e:48:a5:c7:
         ...
         cd:c6:ac:30:f9:15:83:41:c1:d1:20:fa:85:e7:4f:35:8f:b5:
         38:ff:fd:55:68:2c:3e:37

并使用以下内容测试其目的(不要担心 Any Purpose: Yes ；参见 "critical,CA:FALSE" but "Any Purpose CA : Yes" )。

$ openssl x509 -purpose -in cacert.pem -inform PEM
Certificate purposes:
SSL client : No
SSL client CA : Yes
SSL server : No
SSL server CA : Yes
Netscape SSL server : No
Netscape SSL server CA : Yes
S/MIME signing : No
S/MIME signing CA : Yes
S/MIME encryption : No
S/MIME encryption CA : Yes
CRL signing : Yes
CRL signing CA : Yes
Any Purpose : Yes
Any Purpose CA : Yes
OCSP helper : Yes
OCSP helper CA : Yes
Time Stamp signing : No
Time Stamp signing CA : Yes
-----BEGIN CERTIFICATE-----
MIIFpTCCA42gAwIBAgIJAJ9l3mnO7y/8MA0GCSqGSIb3DQEBCwUAMGExCzAJBgNV
...
aQUtFrV4hpmJUaQZ7ySr/RjCb4KYkQpTkOtKJOU1Ic3GrDD5FYNBwdEg+oXnTzWP
tTj//VVoLD43
-----END CERTIFICATE-----

对于第二部分，我将创建另一个易于理解的配置文件。一、 touch openssl-server.cnf (您也可以为用户证书制作其中之一)。

$ touch openssl-server.cnf

然后打开它，并添加以下内容。

HOME            = .
RANDFILE        = $ENV::HOME/.rnd

####################################################################
[ req ]
default_bits       = 2048
default_keyfile    = serverkey.pem
distinguished_name = server_distinguished_name
req_extensions     = server_req_extensions
string_mask        = utf8only

####################################################################
[ server_distinguished_name ]
countryName         = Country Name (2 letter code)
countryName_default = US

stateOrProvinceName         = State or Province Name (full name)
stateOrProvinceName_default = MD

localityName         = Locality Name (eg, city)
localityName_default = Baltimore

organizationName            = Organization Name (eg, company)
organizationName_default    = Test Server, Limited

commonName           = Common Name (e.g. server FQDN or YOUR name)
commonName_default   = Test Server

emailAddress         = Email Address
emailAddress_default = test@example.com

####################################################################
[ server_req_extensions ]

subjectKeyIdentifier = hash
basicConstraints     = CA:FALSE
keyUsage             = digitalSignature, keyEncipherment
subjectAltName       = @alternate_names
nsComment            = "OpenSSL Generated Certificate"

####################################################################
[ alternate_names ]

DNS.1  = example.com
DNS.2  = www.example.com
DNS.3  = mail.example.com
DNS.4  = ftp.example.com

如果您正在开发并需要将您的工作站用作服务器，那么您可能需要为 Chrome 执行以下操作。否则 Chrome may complain a Common Name is invalid ( ERR_CERT_COMMON_NAME_INVALID ) .在这种情况下，我不确定 SAN 中的 IP 地址和 CN 之间的关系。

# IPv4 localhost
IP.1     = 127.0.0.1

# IPv6 localhost
IP.2     = ::1

然后，创建服务器证书请求。一定要省略 -x509 *.添加 -x509将创建证书，而不是请求。

$ openssl req -config openssl-server.cnf -newkey rsa:2048 -sha256 -nodes -out servercert.csr -outform PEM

此命令执行后，您将在 servercert.csr 中收到请求和 serverkey.pem 中的私钥.

您可以再次检查它。

$ openssl req -text -noout -verify -in servercert.csr
Certificate:
    verify OK
    Certificate Request:
        Version: 0 (0x0)
        Subject: C=US, ST=MD, L=Baltimore, CN=Test Server/emailAddress=test@example.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ce:3d:58:7f:a0:59:92:aa:7c:a0:82:dc:c9:6d:
                    ...
                    f9:5e:0c:ba:84:eb:27:0d:d9:e7:22:5d:fe:e5:51:
                    86:e1
                Exponent: 65537 (0x10001)
        Attributes:
        Requested Extensions:
            X509v3 Subject Key Identifier:
                1F:09:EF:79:9A:73:36:C1:80:52:60:2D:03:53:C7:B6:BD:63:3B:61
            X509v3 Basic Constraints:
                CA:FALSE
            X509v3 Key Usage:
                Digital Signature, Key Encipherment
            X509v3 Subject Alternative Name:
                DNS:example.com, DNS:www.example.com, DNS:mail.example.com, DNS:ftp.example.com
            Netscape Comment:
                OpenSSL Generated Certificate
    Signature Algorithm: sha256WithRSAEncryption
         6d:e8:d3:85:b3:88:d4:1a:80:9e:67:0d:37:46:db:4d:9a:81:
         ...
         76:6a:22:0a:41:45:1f:e2:d6:e4:8f:a1:ca:de:e5:69:98:88:
         a9:63:d0:a7

接下来，您必须使用您的 CA 对其进行签名。

您几乎已准备好由您的 CA 签署服务器的证书。 CA openssl-ca.cnf在发出命令之前还需要两个部分。

一、开通 openssl-ca.cnf并添加以下两个部分。

####################################################################
[ signing_policy ]
countryName            = optional
stateOrProvinceName    = optional
localityName           = optional
organizationName       = optional
organizationalUnitName = optional
commonName             = supplied
emailAddress           = optional

####################################################################
[ signing_req ]
subjectKeyIdentifier   = hash
authorityKeyIdentifier = keyid,issuer
basicConstraints       = CA:FALSE
keyUsage               = digitalSignature, keyEncipherment

其次，将以下内容添加到 [ CA_default ] openssl-ca.cnf的部分.我早些时候把它们排除在外，因为它们会使事情复杂化(当时它们未被使用)。现在您将看到它们是如何使用的，因此希望它们有意义。

base_dir      = .
certificate   = $base_dir/cacert.pem   # The CA certifcate
private_key   = $base_dir/cakey.pem    # The CA private key
new_certs_dir = $base_dir              # Location for new certs after signing
database      = $base_dir/index.txt    # Database index file
serial        = $base_dir/serial.txt   # The current serial number

unique_subject = no  # Set to 'no' to allow creation of
                     # several certificates with same subject.

三、触摸 index.txt和 serial.txt :

$ touch index.txt
$ echo '01' > serial.txt

然后，执行以下操作:

$ openssl ca -config openssl-ca.cnf -policy signing_policy -extensions signing_req -out servercert.pem -infiles servercert.csr

您应该会看到类似以下内容:

Using configuration from openssl-ca.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName           :PRINTABLE:'US'
stateOrProvinceName   :ASN.1 12:'MD'
localityName          :ASN.1 12:'Baltimore'
commonName            :ASN.1 12:'Test CA'
emailAddress          :IA5STRING:'test@example.com'
Certificate is to be certified until Oct 20 16:12:39 2016 GMT (1000 days)
Sign the certificate? [y/n]:Y

1 out of 1 certificate requests certified, commit? [y/n]Y
Write out database with 1 new entries
Data Base Updated

命令执行后，您将在 servercert.pem 中拥有一个新生成的服务器证书。 .私钥是较早创建的，可在 serverkey.pem 中获得。 .

最后，您可以使用以下内容检查您新类型转换的证书:

$ openssl x509 -in servercert.pem -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9 (0x9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=MD, L=Baltimore, CN=Test CA/emailAddress=test@example.com
        Validity
            Not Before: Jan 24 19:07:36 2014 GMT
            Not After : Oct 20 19:07:36 2016 GMT
        Subject: C=US, ST=MD, L=Baltimore, CN=Test Server
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ce:3d:58:7f:a0:59:92:aa:7c:a0:82:dc:c9:6d:
                    ...
                    f9:5e:0c:ba:84:eb:27:0d:d9:e7:22:5d:fe:e5:51:
                    86:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:09:EF:79:9A:73:36:C1:80:52:60:2D:03:53:C7:B6:BD:63:3B:61
            X509v3 Authority Key Identifier:
                keyid:42:15:F2:CA:9C:B1:BB:F5:4C:2C:66:27:DA:6D:2E:5F:BA:0F:C5:9E

            X509v3 Basic Constraints:
                CA:FALSE
            X509v3 Key Usage:
                Digital Signature, Key Encipherment
            X509v3 Subject Alternative Name:
                DNS:example.com, DNS:www.example.com, DNS:mail.example.com, DNS:ftp.example.com
            Netscape Comment:
                OpenSSL Generated Certificate
    Signature Algorithm: sha256WithRSAEncryption
         b1:40:f6:34:f4:38:c8:57:d4:b6:08:f7:e2:71:12:6b:0e:4a:
         ...
         45:71:06:a9:86:b6:0f:6d:8d:e1:c5:97:8d:fd:59:43:e9:3c:
         56:a5:eb:c8:7e:9f:6b:7a

早些时候，您将以下内容添加到 CA_default : copy_extensions = copy .此副本由提出请求的人提供。

如果省略 copy_extensions = copy ，那么您的服务器证书将缺少主题备用名称 (SAN)，例如 www.example.com和 mail.example.com .

如果您使用 copy_extensions = copy ，但不要查看请求，然后请求者可能会欺骗您签署类似从属根(而不是服务器或用户证书)的内容。这意味着他/她将能够创建链接回您受信任根的证书。请务必使用 openssl req -verify 验证请求在签署之前。

如果省略 unique_subject或将其设置为 yes ，那么您将只被允许创建 一 主题的专有名称下的证书。

unique_subject = yes            # Set to 'no' to allow creation of
                                # several ctificates with same subject.

在使用 CA 的私钥签署服务器证书时，尝试在试验时创建第二个证书将导致以下结果:

Sign the certificate? [y/n]:Y
failed to update database
TXT_DB error number 2

所以 unique_subject = no非常适合测试。

如果要确保自签名 CA、从属 CA 和最终实体证书之间的组织名称一致，请将以下内容添加到 CA 配置文件中:

[ policy_match ]
organizationName = match

如果要允许更改组织名称，请使用:

[ policy_match ]
organizationName = supplied

关于 X.509/PKIX 证书中 DNS 名称的处理还有其他规则。有关规则，请参阅这些文件:

RFC 5280，Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

RFC 6125，Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS)

RFC 6797，附录 A，HTTP Strict Transport Security (HSTS)

RFC 7469，Public Key Pinning Extension for HTTP

CA/浏览器论坛Baseline Requirements

CA/浏览器论坛Extended Validation Guidelines

列出了 RFC 6797 和 RFC 7469，因为它们比其他 RFC 和 CA/B 文档更具限制性。 RFC 的 6797 和 7469 也不允许使用 IP 地址。