How to Use OpenSSL to create an X.509 Certificate and Its Precautions

How to Use the OpenSSL tool to generate the root certificate and application certificate I. Steps

// Generate the Public Key Certificate and private key file of the top-level CA, valid for 10 years (RSA 1024 bits, default) openssl req-new-x509-days 3650-keyout CARoot1024.key-out CARoot1024.crt // remove the protection password for Private Key Files of top-level CAS openssl rsa-in CARoot1024.key-out CARoot1024.key // public Key Certificate and private key file, validity Period: 15 years (RSA 2048 bits, specified) openssl req-newkey rsa: 2048-x509-days 5480-keyout CARoot2048.key-out CARoot2048.crt // remove the protection password openssl rsa-in CARoot2048.key-out CARoot2048.key for the application certificate/intermediate Certificate generate the private key file openssl genrsa-out app. key 2048 // generate the csr file (certificate request file) openssl req-new-key app for the application certificate/intermediate certificate based on the private key file. key-out app. csr // use the CA Public/private key file to sign the csr file and generate an application certificate. The validity period is 5 years. csr-out app. crt-cert CARoot1024.crt-keyfile CARoot1024.key-days 1826-policy policy_anything // use the CA Public/private key file to sign the csr file and generate an intermediate certificate, valid for 5 years: openssl ca-extensions v3_ca-in app. csr-out app. crt-cert CARoot1024.crt-keyfile CARoot1024.key-days 1826-policy policy_anything

The above are all the commands used in the process of generating the root certificate and applying the certificate, which are divided into three groups according to the generation target. The first two groups are used to generate self-Signed top-level CA (the difference is that the key length is different). In actual application, you only need to select one group as needed.

The last set is used to generate non-self-signed certificates, including intermediate certificates and application certificates. The so-called intermediate certificate is a sub-CA with the permission to continue issuing the lower-level certificate. The application certificate mentioned in this article cannot be used to issue the lower-level certificate, but can only be used to prove the individual identity. The top-level CA issues only one-extensions v3_ca option when issuing the two, which gives the issued certificate the power to continue issuing the lower-level certificate.

Ii. Detailed explanation in each step 2.1 generate self-Signed root certificate (that is, top-level CA)

Typical examples: Openssl reqNew-x509-days5480-KeyoutCA. key-OutCA. crt

[1] explanation of Command Options and Parameters

In the example, the meaning of each option (and parameter) is as follows:

Req use the req sub-command of openssl-new to generate a new certificate request-x509 to generate a self-signed certificate-days 5480 the validity period of the Self-signed certificate is 5480 days (15 years) [valid only when the-x509 option is used]-keyout CA. key Private key File Name is specified as CA. key [if it is an existing private key file before running and its original name is not CA. key, then renamed as CA. key; otherwise, the new private key file is named CA. key]-out CA. crt specifies to output the information of the Self-signed certificate generated to the file, and the file name is CA. crt [do not omit]

Here, the-days and-keyout options can be omitted. If this option is omitted, the default value is used. The validity period is 30 days by default. It is specified during variable initialization in the program and has nothing to do with the configuration file ], the default value of the private key file name is the configuration file openssl. specify related entries in cnf. If it is not changed, it is privkey. pem.

If option-out is omitted, openssl does not output the generated Certificate/certificate request in the form of a file, but directly prints the file information to the screen by default. In most cases, it does not meet our requirements. Therefore, we recommend that you do not omit this option!

The req sub-command can use the-key option to specify an existing private key file for the certificate request. In the example, the-new and-x509 options are used, but the-key option is not used, the req subcommand automatically generates an RSA private key for the Self-signed certificate. The default length of the key is determined by the configuration file openssl. the related entries in cnf are specified. If no change is made, the value is 1024 bits.

[2] specifying the encryption password for Private Key Files

The system prompts you to enter the encryption password as follows:

writing new private key to 'CA.key'Enter PEM pass phrase:Verifying - Enter PEM pass phrase:

This password is used to encrypt the private key information in the private key file CA. key. If you do not want to enter the encryption password during running, you can use the option-passout to specify it directly in the command. Option-passout is used as follows:

-PassoutArg

Arg is the parameter of Option-passout, which has multiple formats. For details, refer to "PASS_PHRASE_ARGUMENTS" in OpenSSL official documentation.

The commands in the typical example in this section can be transformed as follows using option-passout:

Openssl req-new-x509-days5480-keyoutCA. key-out CA. crt-PassoutPass: 1314

In Linux, you can use the history command to view historical Command records. Therefore, for security considerations, it is generally not recommended to directly specify a password in the Command unless necessary. This is consistent with the reason why the mysql logon password is not directly specified in the-p option.

[3] about the DN field in the certificate request file

During running, you will be prompted to enter some Distinguished Name fields, that is, the certificate recognition Name field, short for DN field, as shown below:

You are about to be asked to enter information that will be incorporated into your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter '.', the field will be left blank.-----Country Name (2 letter code) [GB]:USState or Province Name (full name) [Berkshire]:CaliforniaLocality Name (eg, city) [Newbury]:Organization Name (eg, company) [My Company Ltd]:GeoAuth Inc.Organizational Unit Name (eg, section) []:.Common Name (eg, your name or your server's hostname) []:Authentication Global RootEmail Address []:.

Most of these DN fields have default values. The default values are specified by related entries in the openssl. cnf configuration file. To use the default value in a DN field, click"Enter"Key; if the value of a certain DN field needs to be set to null, enter'.'And then click"Enter"Key.

These DN fields are used to identify the certificate holder. The following table lists their abbreviations, descriptions, and instructions. [This part refers to the SSL entries in interactive encyclopedia]

DN field name	Abbreviations	Description	Requirements
Country Name	C	Country of the certificate holder	Enter the country code, which must contain 2 letters
State or Province Name	ST	The state or province in which the certificate holder is located	Enter the full name.
Locality Name	L	City where the certificate holder is located	Can be omitted.
Organization Name	O	Organization or company to which the certificate holder belongs	You 'd better fill it out.
Organizational Unit Name	OU	Department of the certificate holder	Can be omitted.
Common Name	CN	General name of the certificate holder	Required. Non-application certificates should be unique to some extent; For an application certificate, enter a server domain name or a wildcard domain name.
Email Address		Email Address of the certificate holder	Can be omitted.

Table 2-1 DN field description

Note: When the certificate is not applied to the certificate, the general name of the certificate owner must be "unique ", it means that the common name should not be the same as the common trust certificate list on the general host or the certificate in the revocation certificate list.

If you do not want to enter the values of these DN fields one by one during running, you can use the-subj option to specify them directly in the command. Option-subj is used as follows:

-SubjArg

Here, arg is the parameter of Option-subj. Its format is similar to:/type0 = value0/type1 = value1/type2 =. Each unit in the form of/type = value corresponds to a complete DN field. Where,

/Is the start sign of each DN field; type0, type1, etc., is the abbreviation of the DN field name mentioned in Table 2-1; = is the delimiter between the name and value of the DN field;
Value0, value1, and so on are the values of the DN fields that you entered one by one during running.

If you want to leave the value blank, you can skip this field. The commands in the typical example in this section can be modified using the-subj option as follows [two DN fields, L and OU, are omitted ]:

Openssl req-new-x509-days5480-Subj/C = US/ST = California/O = GeoAuth \ Inc./CN = Authentication \ Global \ Root-keyout CA. key-out CA. crt

Note that if the value of the DN field you set exists with some special characters (such as (Space), (left square brackets),) (right square brackets) ......], It must be escaped by a backslash. In the preceding example, space escape is provided.

[4] How to specify the key length and type of the Self-signed certificate

As mentioned above, only RSA public/private key pairs with a key length of BITs can be generated. If you want to generate an RSA public/private key pair whose key length is not bits, or other types of public/private key pairs such as DSA and EC, you must use option-newkey instead of-new. Option-newkey usage is complex. For more information, see the related pages of OpenSSL official documentation. The commands in this example are equivalent to the following commands:

Openssl req-Newkeyrsa:1024-X509-days5480-KeyoutCA. key-OutCA. crt

To generate an RSA public/private key pair whose key length is 2048bits, run the following command:

Openssl req-Newkeyrsa:2048-X509-days5480-KeyoutCA2048.key-OutCA2048.crt

2.2 remove encryption protection for private key files of top-level CAs as mentioned above, the Private Key Files of top-level CAs are encrypted and will be read every time. when entering the private key information in the key file, you must enter the decryption password. This method is suitable for security scenarios, but you can remove this password if it is inconvenient.

Typical examples: Openssl rsa-InCA. key-OutCA. key

[1] explanation of Command Options and Parameters

In the example, the meanings of each option/parameter are as follows:

Rsa uses the rsa sub-command of openssl-in CA. key encrypted private key file-out CA. key unencrypted private key file [renamed]

[2] specifying the password for private key file decryption

The system prompts you to enter the decryption password as follows :,

Enter pass phrase for CA.key:writing RSA key

If you do not want to enter a decryption password during running, you can use option-passin to specify the password directly in the command. Option-passin is used as follows:

-PassinArg

Arg is the parameter of Option-passin, which is in the same format as the parameter of Option-passout. For details, refer to "PASS_PHRASE_ARGUMENTS" in OpenSSL official documentation.

The commands in the typical example in this section can be transformed as follows using option-passin:

Openssl rsa-inCA. key-out CA. key-PassinPass: 1314

We do not recommend that you directly specify the decryption password in the Command based on the considerations of the same option-passout.

[3] actual features of rsa subcommands

The rsa sub-command function should be the management of RSA keys. In addition to the encryption protection used here, it can also be used to change the encryption and decryption password and the encryption and decryption algorithm [DES, Triple DES, IDEA (as mentioned in the official documentation, however, some versions do not seem to be supported, such as those I installed), AES (not mentioned in the official documentation, I installed version Support)], and changing the key file encoding method.

2.3 generate a private key file for the application certificate/intermediate Certificate

Typical examples: Openssl genrsa-OutApp. key2048

[1] explanation of Command Options and Parameters

In the example, the meanings of each option/parameter are as follows:

Genrsa uses the openssl genrsa sub-command-out app. key indicates that the generated private key information is output to the file, and the file name is app. key [do not omit] 2048 specify the bit length of the generated private key [Be sure to put it in the last one]

If option-out is omitted, openssl does not output the generated private key information in the form of a file, but directly prints the private key information to the screen by default, this does not meet our requirements. Therefore, we recommend that you do not omit this option!

The genrsa sub-command can also have other options and parameters. However, no matter how many options are available, you must put the parameter with the specified private key length at the end. [If the length of the specified private key is not the last one, the subsequent parameter may be discarded .]

[2] encryption and Protection of Private Key Files

The commands provided in the typical examples in this section generate private key files without any encryption. This method is convenient to use, but is very insecure. If you want to add encryption protection to the private key file, there are two methods:

A. Use an encryption algorithm to encrypt and protect the output when generating A private key file;

B. Generate a plaintext private key file and use the rsa sub-command to append the encryption protection of an encryption algorithm.

The openssl version installed on my computer supports these encryption algorithm options in two ways:-des,-des3,-aes128,-aes192,-aes256. Take the 192-bit AES algorithm for encryption as an example. The command is as follows:

// When generating the private key file, specify the 192-bit AES algorithm before output to protect openssl genrsa-aes192-out app. key 1024 // generate the private key file in plaintext, and use the rsa sub-command to append the 192-bit AES algorithm for encryption to protect openssl rsa-aes192-in app. key-out app. key

The two commands in the preceding example require that you enter the encryption password during running. Similarly, though not recommended, openssl supports specifying an encryption password using option-passout in the command. For the usage of Option-passout, see section 2.1. The only note is that for the genrsa sub-command, option-passout should be placed before the parameter of the specified key length. 2.4 generate the csr file [certificate request file] For the application certificate/intermediate Certificate]

Typical examples: Openssl req-KeyApp. key-OutApp. csr

[1] explanation of Command Options and Parameters

In the example, the meanings of each option/parameter are as follows:

Req uses the req sub-command of openssl-new to generate a new certificate request-key app. key is specified as app. the private key in the key file generates the certificate request-out app. csr specifies to output the information of the generated certificate request to the file, and the file name is app. csr

This is the same as the sub-command of openssl used in section 2.1. Therefore, parameters have many common meanings. Some DN field values are required during command execution. For more information, see section 2.1 [3. Similarly, you can use the-subj option to directly specify the values of these DN fields in the command. 2.5 sign the csr file to generate an application certificate/intermediate Certificate

Typical examples: Openssl ca-InApp. csr-OutApp. crt-CertCA. crt-KeyfileCA. key-Days1826-PolicyPolicy_anything

[1] explanation of Command Options and Parameters

In the example, the meanings of each option/parameter are as follows:

Ca uses the ca sub-command-in app of openssl. csr specifies the CSR file of the certificate to be issued as app. csr-out app. crt specifies to output the information of the issued certificate to the file, and the file name is app. crt [do not omit]-cert CA. crt specifies that the CA's public key certificate signed by the application/intermediate certificate is CA. crt [information of the holder who uses the CA certificate]-keyfile CA. key is the private key file of the CA signed by the application/intermediate certificate. key [use the CA private key to actually execute the signature]-days 1826 specifies that the certificate to be issued is valid for 1826 days (5 years)-policy policy_anything specifies that the issuance policy is policy_anything [that is, no matching policy is allowed between the registrant information of the issued certificate and the issuer information]

If option-out is omitted, openssl does not output the generated application certificate/intermediate certificate information in the form of a file, but directly prints the certificate information to the screen by default, this generally does not meet our requirements. Therefore, we recommend that you do not omit this option! [2] issuing policies

Wait for the next Supplement. See this article first, http://hi.baidu.com/mars208/item/3b3022ec95a9d704570f1d49

[3] about issuing intermediate certificates (level 2/Level 3 CA, sub CA)

Wait for the next Supplement. See this article first, http://blog.chinaunix.net/uid-311680-id-2973653.html

Iii. FAQs and Solutions

Wait for the next Supplement.

Iv. Main references

The main sources of information are as follows:

OpenSSL programming (by Zhao chunping) [A rare Chinese document, not published]

OpenSSL official document --- OpenSSL command

Interactive encyclopedia --- SSL

Some previous blog posts have also helped me quickly locate problems, as shown below:

Kubernetes-rusty, CA summary on using Openssl, describes how to create directories and files in advance to successfully run the preceding commands.

Baidu space-mars208, "using openssl to create CA", mentioned the issue of issuing policies

ChinaUnix-ehyyngp, using openssl to issue certificates, mentioned the issue of issuing intermediate certificates