wg TBD                                                      R. Moskowitz
Internet-Draft                                                    Huawei
Intended status: Informational                               H. Birkholz
Expires: March 11, 2018                                    Fraunhofer SIT
                                                                  L. Xia
                                                                  Huawei
                                                       September 7, 2017


                      Guide for building an ECC pki
                       draft-moskowitz-ecdsa-pki-01

Abstract

   This memo provides a guide for building a PKI (Public Key
   Infrastructure) using OpenSSL.  All certificates in this guide use
   ECDSA keys on the P-256 curve and are signed with SHA-256.
   Along with common End Entity certificates, this guide provides
   instructions for creating IEEE 802.1AR iDevID Secure Device
   certificates.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on March 11, 2018.

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Terms and Definitions
     2.1.  Requirements Terminology
     2.2.  Notations
     2.3.  Definitions
   3.  The Basic PKI feature set
   4.  Getting started and the Root level
     4.1.  Setting up the Environment
     4.2.  Create the Root Certificate
   5.  The Intermediate level
     5.1.  Setting up the Intermediate Certificate Environment
     5.2.  Create the Intermediate Certificate
     5.3.  Create a Server EE Certificate
     5.4.  Create a Client EE Certificate
   6.  The 802.1AR Intermediate level
     6.1.  Setting up the 802.1AR Intermediate Certificate Environment
     6.2.  Create the 802.1AR Intermediate Certificate
     6.3.  Create an 802.1AR iDevID Certificate
   7.  Setting up a CRL for an Intermediate CA
     7.1.  Create (or recreate) the CRL
     7.2.  Revoke a Certificate
   8.  Setting up OCSP for an Intermediate CA
     8.1.  Create the OCSP Certificate
     8.2.  Revoke a Certificate
     8.3.  Testing OCSP with OpenSSL
   9.  Footnotes
     9.1.  Certificate Serial Number
     9.2.  Some OpenSSL config file limitations
     9.3.  subjectAltName support, or lack thereof
     9.4.  DER support, or lack thereof
   10. IANA Considerations
   11. Security Considerations
     11.1.  Adequate Randomness
     11.2.  Key pair Theft
   12. Acknowledgments
   13. References
     13.1.  Normative References
     13.2.  Informative References
   Appendix A.  OpenSSL config files
     A.1.  OpenSSL Root config file
     A.2.  OpenSSL Intermediate config file
     A.3.  OpenSSL 802.1AR Intermediate config file
   Authors' Addresses

1.  Introduction

   The IETF has a plethora of security solutions targeted at IoT.  Yet
   all too many IoT products are deployed with no or improperly
   configured security.  In particular, resource-constrained IoT devices
   and non-IP IoT networks have not been well served in the IETF.

   Additionally, more IETF efforts (e.g. DOTS, NETCONF) are requiring
   secure identities, but are vague on the nature of these identities
   other than to recommend use of X.509 digital certificates and perhaps
   TLS.

   This effort provides the steps, using the OpenSSL command line tool,
   to create such a PKI of ECDSA certificates.  The goal is that any
   developer or tester can follow these steps, create the basic objects
   needed and establish the validity of the standard/program design.
   This guide can even be used to create a production PKI, though
   additional steps need to be taken, such as keeping the CA private
   keys offline as described in Section 3.  This could be very useful
   to a small vendor needing to include 802.1AR [IEEE.802.1AR_2009]
   iDevIDs in their product.

   This guide was tested with OpenSSL 1.1.0f on Fedora 26 and creates
   PEM-encoded certificates.  Creating DER-encoded certificates directly
   fails (see Section 9.4).

2.  Terms and Definitions

2.1.  Requirements Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

2.2.  Notations

   This section will contain notations

2.3.  Definitions

   TBD

3.  The Basic PKI feature set

   A basic PKI has two levels of hierarchy: Root and Intermediate.  The
   Root level carries the greatest risk and is the least used.  It only
   signs the Intermediate level signing certificates.  As such, once the
   Root level is created and has signed the Intermediate level
   certificate, it can be locked up.  In fact, the Root level could
   exist completely on a microSD boot card for a small ARM computer such
   as a Raspberry Pi.  A copy of this card can be made and securely
   stored in a different location.

   The Root level contains the Root certificate private key, a database
   of all signed certificates, and the public certificate.  It can also
   contain the Intermediate level public certificate and a Root level
   CRL.

   The Intermediate level contains the Intermediate certificate private
   key, the public certificate, a database of all signed certificates,
   the certificate trust chain, and the Intermediate level CRL.  It can
   also contain the End Entity public certificates.  The private key
   file needs to be kept securely.  For example, as with the Root level,
   a microSD image for an ARM computer could contain the complete
   Intermediate level.  This image is kept offline.  The End Entity CSR
   is copied to it, signed, and then the signed certificate and updated
   database are moved to the public image that lacks the private key.

   For a simple test PKI, all files can be kept on a single system that
   is managed by the tester.

   End Entities create a key pair and a Certificate Signing Request
   (CSR).  The private key is stored securely.  The CSR is delivered to
   the Intermediate level, which uses the CSR to create the End Entity
   certificate.  This certificate, along with the trust chain back to
   the root, is then returned to the End Entity.

   There is more to a PKI, but this suffices for most development and
   testing needs.

4.  Getting started and the Root level

   This guide was developed on a Fedora 26 armv7hl system (Cubieboard2
   SoC).  It should work on most Linux and similar systems.  All work
   was done in a terminal window with extensive "cutting and pasting"
   from a draft guide into the terminal window.  Users of this guide may
   find different behaviors based on their system.

4.1.  Setting up the Environment

   The first step is to create the PKI environment.  Modify the
   variables to suit your needs.

   export dir=/root/ca
   export cadir=/root/ca
   export format=pem
   mkdir $dir
   cd $dir
   mkdir certs crl csr newcerts private
   chmod 700 private
   touch index.txt
   touch serial
   sn=8

   countryName="/C=US"
   stateOrProvinceName="/ST=MI"
   localityName="/L=Oak Park"
   organizationName="/O=HTT Consulting"
   #organizationalUnitName="/OU="
   organizationalUnitName=
   commonName="/CN=Root CA"
   DN=$countryName$stateOrProvinceName$localityName
   DN=$DN$organizationName$organizationalUnitName$commonName
   echo $DN
   export subjectAltName=email:postmaster@htt-consult.com

   Where:

   dir
      Directory for certificate files

   cadir
      Directory for Root certificate files

   format
      File encoding: PEM or DER.  At this time only PEM works.

   sn
      Serial Number length in bytes.  For a public CA the range is 8 to
      19.

   The exported variables (dir, cadir, format, subjectAltName) are read
   by the config files in Appendix A through $ENV::; sn is only used by
   the shell commands below.

   The Serial Number length for a public PKI ranges from 8 to 19 bytes.
   The use of 19 rather than 20 is to accommodate the DER representation
   of the Serial Number: if the high-order bit of the first byte is a
   one, DER encoding of the (positive) INTEGER prepends a 0x00 byte,
   which would push a 20-byte value over the 20-byte limit.

   The DN and SAN fields are examples.  Change them to appropriate
   values.  If you leave one blank, it will be left out of the
   Certificate.  "OU" above is an example of an empty DN object.

   Create the file $dir/openssl-root.cnf from the contents in
   Appendix A.1.

4.2.  Create the Root Certificate

   Next are the openssl commands to create the Root certificate keypair
   and the Root certificate.  Included are commands to view the file
   contents.

   # Create password-protected keypair file

   openssl genpkey -aes256 -algorithm ec\
    -pkeyopt ec_paramgen_curve:prime256v1\
    -outform $format -pkeyopt ec_param_enc:named_curve\
    -out $dir/private/ca.key.$format
   chmod 400 $dir/private/ca.key.$format
   openssl pkey -inform $format -in $dir/private/ca.key.$format\
    -text -noout

   # Create self-signed Root Certificate file
   # 7300 days = 20 years; the Intermediate CA is 10 years.

   openssl req -config $dir/openssl-root.cnf\
    -set_serial 0x$(openssl rand -hex $sn)\
    -keyform $format -outform $format\
    -key $dir/private/ca.key.$format -subj "$DN"\
    -new -x509 -days 7300 -sha256 -extensions v3_ca\
    -out $dir/certs/ca.cert.$format

   # View the certificate and check the purposes it is valid for

   openssl x509 -inform $format -in $dir/certs/ca.cert.$format\
    -text -noout
   openssl x509 -purpose -inform $format\
    -in $dir/certs/ca.cert.$format -noout

5.  The Intermediate level

5.1.  Setting up the Intermediate Certificate Environment

   The next part is to create the Intermediate PKI environment.  Modify
   the variables to suit your needs.  In particular, set the variables
   for CRL and/or OCSP support.
   export dir=$cadir/intermediate
   mkdir $dir
   cd $dir
   mkdir certs crl csr newcerts private
   chmod 700 private
   touch index.txt
   sn=8 # hex 8 is minimum, 19 is maximum
   echo 1000 > $dir/crlnumber

   export crlDP=
   # For CRL support, uncomment these:
   #crl=intermediate.crl.pem
   #crlurl=www.htt-consult.com/pki/$crl
   #export crlDP="URI:http://$crlurl"
   export default_crl_days=30
   export ocspIAI=
   # For OCSP support, uncomment these:
   #ocspurl=ocsp.htt-consult.com
   #export ocspIAI="OCSP;URI:http://$ocspurl"

   commonName="/CN=Signing CA"
   DN=$countryName$stateOrProvinceName$localityName$organizationName
   DN=$DN$organizationalUnitName$commonName
   echo $DN

   crlDP and ocspIAI supply the crlDistributionPoints and
   authorityInfoAccess values for the certificates this CA signs
   (Appendix A.2).  Section 7 and Section 8 rely on $crl and $ocspurl,
   so uncomment those lines before running the CRL or OCSP steps.

   Create the file $dir/openssl-intermediate.cnf from the contents in
   Appendix A.2.

5.2.  Create the Intermediate Certificate

   Here are the openssl commands to create the Intermediate certificate
   keypair, the Intermediate certificate signing request (CSR), and the
   Intermediate certificate.  Included are commands to view the file
   contents.  The CSR is signed with the Root config file and the Root
   key: the Root CA issues the Intermediate certificate.  Because
   openssl-root.cnf takes $dir from the environment (Appendix A.1), the
   record of this signing goes to $dir/index.txt and $dir/serial in the
   Intermediate directory.

   # Create password-protected keypair file

   openssl genpkey -aes256 -algorithm ec\
    -pkeyopt ec_paramgen_curve:prime256v1\
    -outform $format -pkeyopt ec_param_enc:named_curve\
    -out $dir/private/intermediate.key.$format
   chmod 400 $dir/private/intermediate.key.$format
   openssl pkey -inform $format\
    -in $dir/private/intermediate.key.$format -text -noout

   # Create the CSR

   openssl req -config $cadir/openssl-root.cnf\
    -key $dir/private/intermediate.key.$format\
    -keyform $format -outform $format -subj "$DN" -new -sha256\
    -out $dir/csr/intermediate.csr.$format
   openssl req -text -noout -verify -inform $format\
    -in $dir/csr/intermediate.csr.$format

   # Create the Intermediate Certificate file

   openssl rand -hex $sn > $dir/serial # hex 8 is minimum, 19 is maximum
   # Note 'openssl ca' does not support DER format; its output is PEM
   # whatever $format is set to.
   openssl ca -config $cadir/openssl-root.cnf -days 3650\
    -extensions v3_intermediate_ca -notext -md sha256\
    -in $dir/csr/intermediate.csr.$format\
    -out $dir/certs/intermediate.cert.pem

   chmod 444 $dir/certs/intermediate.cert.$format

   openssl verify -CAfile $cadir/certs/ca.cert.$format\
    $dir/certs/intermediate.cert.$format

   openssl x509 -noout -text -in $dir/certs/intermediate.cert.$format

   # Create the certificate chain file

   cat $dir/certs/intermediate.cert.$format\
    $cadir/certs/ca.cert.$format > $dir/certs/ca-chain.cert.$format
   chmod 444 $dir/certs/ca-chain.cert.$format

5.3.  Create a Server EE Certificate

   Here are the openssl commands to create a Server End Entity
   certificate keypair, the Server certificate signing request (CSR),
   and the Server certificate.  Included are commands to view the file
   contents.

   commonName=
   DN=$countryName$stateOrProvinceName$localityName
   DN=$DN$organizationName$organizationalUnitName$commonName
   echo $DN
   serverfqdn=www.example.com
   emailaddr=postmaster@htt-consult.com
   export subjectAltName="DNS:$serverfqdn, email:$emailaddr"
   echo $subjectAltName
   openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:prime256v1\
    -pkeyopt ec_param_enc:named_curve\
    -out $dir/private/$serverfqdn.key.$format
   chmod 400 $dir/private/$serverfqdn.key.$format
   openssl pkey -in $dir/private/$serverfqdn.key.$format -text -noout
   openssl req -config $dir/openssl-intermediate.cnf\
    -key $dir/private/$serverfqdn.key.$format\
    -subj "$DN" -new -sha256 -out $dir/csr/$serverfqdn.csr.$format

   openssl req -text -noout -verify -in $dir/csr/$serverfqdn.csr.$format

   openssl rand -hex $sn > $dir/serial # hex 8 is minimum, 19 is maximum
   # Note 'openssl ca' does not support DER format
   openssl ca -config $dir/openssl-intermediate.cnf -days 375\
    -extensions server_cert -notext -md sha256\
    -in $dir/csr/$serverfqdn.csr.$format\
    -out $dir/certs/$serverfqdn.cert.$format
   chmod 444 $dir/certs/$serverfqdn.cert.$format

   openssl verify -CAfile $dir/certs/ca-chain.cert.$format\
    $dir/certs/$serverfqdn.cert.$format
   openssl x509 -noout -text -in $dir/certs/$serverfqdn.cert.$format

   Unlike the CA keys, the Server key is generated without a password
   (no -aes256).  The commonName is deliberately left empty; the FQDN is
   carried in the subjectAltName, which is where RFC 2818 [RFC2818]
   clients look for it (see Section 9.3).

5.4.  Create a Client EE Certificate

   Here are the openssl commands to create a Client End Entity
   certificate keypair, the Client certificate signing request (CSR),
   and the Client certificate.  Included are commands to view the file
   contents.
   commonName=
   UserID="/UID=rgm"
   DN=$countryName$stateOrProvinceName$localityName
   DN=$DN$organizationName$organizationalUnitName$commonName$UserID
   echo $DN
   clientemail=rgm@example.com
   export subjectAltName="email:$clientemail"
   echo $subjectAltName
   openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:prime256v1\
    -pkeyopt ec_param_enc:named_curve\
    -out $dir/private/$clientemail.key.$format
   chmod 400 $dir/private/$clientemail.key.$format
   openssl pkey -in $dir/private/$clientemail.key.$format -text -noout
   openssl req -config $dir/openssl-intermediate.cnf\
    -key $dir/private/$clientemail.key.$format\
    -subj "$DN" -new -sha256 -out $dir/csr/$clientemail.csr.$format

   openssl req -text -noout -verify\
    -in $dir/csr/$clientemail.csr.$format

   openssl rand -hex $sn > $dir/serial # hex 8 is minimum, 19 is maximum
   # Note 'openssl ca' does not support DER format
   openssl ca -config $dir/openssl-intermediate.cnf -days 375\
    -extensions usr_cert -notext -md sha256\
    -in $dir/csr/$clientemail.csr.$format\
    -out $dir/certs/$clientemail.cert.$format
   chmod 444 $dir/certs/$clientemail.cert.$format

   openssl verify -CAfile $dir/certs/ca-chain.cert.$format\
    $dir/certs/$clientemail.cert.$format
   openssl x509 -noout -text -in $dir/certs/$clientemail.cert.$format

6.  The 802.1AR Intermediate level

6.1.  Setting up the 802.1AR Intermediate Certificate Environment

   The next part is to create the 802.1AR Intermediate PKI environment.
   This is very similar to the Intermediate PKI environment.  Modify the
   variables to suit your needs.

   export dir=$cadir/8021ARintermediate
   mkdir $dir
   cd $dir
   mkdir certs crl csr newcerts private
   chmod 700 private
   touch index.txt
   sn=8 # hex 8 is minimum, 19 is maximum
   echo 1000 > $dir/crlnumber

   export crlDP=
   # For CRL support, uncomment these:
   #crl=8021ARintermediate.crl.pem
   #crlurl=www.htt-consult.com/pki/$crl
   #export crlDP="URI:http://$crlurl"
   export default_crl_days=30
   export ocspIAI=
   # For OCSP support, uncomment these:
   #ocspurl=ocsp.htt-consult.com
   #export ocspIAI="OCSP;URI:http://$ocspurl"

   countryName="/C=US"
   stateOrProvinceName="/ST=MI"
   localityName="/L=Oak Park"
   organizationName="/O=HTT Consulting"
   organizationalUnitName="/OU=Devices"
   #organizationalUnitName=
   commonName="/CN=802.1AR CA"
   DN=$countryName$stateOrProvinceName$localityName$organizationName
   DN=$DN$organizationalUnitName$commonName
   echo $DN
   export subjectAltName=email:postmaster@htt-consult.com
   echo $subjectAltName

   Create the file $dir/openssl-8021ARintermediate.cnf from the
   contents in Appendix A.3.

6.2.  Create the 802.1AR Intermediate Certificate

   Here are the openssl commands to create the 802.1AR Intermediate
   certificate keypair, the 802.1AR Intermediate certificate signing
   request (CSR), and the 802.1AR Intermediate certificate.  As in
   Section 5.2, the Root CA signs the CSR.  Included are commands to
   view the file contents.

   # Create password-protected keypair file

   openssl genpkey -aes256 -algorithm ec\
    -pkeyopt ec_paramgen_curve:prime256v1\
    -outform $format -pkeyopt ec_param_enc:named_curve\
    -out $dir/private/8021ARintermediate.key.$format
   chmod 400 $dir/private/8021ARintermediate.key.$format
   openssl pkey -inform $format\
    -in $dir/private/8021ARintermediate.key.$format -text -noout

   # Create the CSR

   openssl req -config $cadir/openssl-root.cnf\
    -key $dir/private/8021ARintermediate.key.$format\
    -keyform $format -outform $format -subj "$DN" -new -sha256\
    -out $dir/csr/8021ARintermediate.csr.$format
   openssl req -text -noout -verify -inform $format\
    -in $dir/csr/8021ARintermediate.csr.$format

   # Create the 802.1AR Intermediate Certificate file
   # The following does NOT work for DER

   openssl rand -hex $sn > $dir/serial # hex 8 is minimum, 19 is maximum
   # Note 'openssl ca' does not support DER format
   openssl ca -config $cadir/openssl-root.cnf -days 3650\
    -extensions v3_intermediate_ca -notext -md sha256\
    -in $dir/csr/8021ARintermediate.csr.$format\
    -out $dir/certs/8021ARintermediate.cert.pem

   chmod 444 $dir/certs/8021ARintermediate.cert.$format

   openssl verify -CAfile $cadir/certs/ca.cert.$format\
    $dir/certs/8021ARintermediate.cert.$format

   openssl x509 -noout -text\
    -in $dir/certs/8021ARintermediate.cert.$format

   # Create the certificate chain file

   cat $dir/certs/8021ARintermediate.cert.$format\
    $cadir/certs/ca.cert.$format > $dir/certs/ca-chain.cert.$format
   chmod 444 $dir/certs/ca-chain.cert.$format

6.3.  Create an 802.1AR iDevID Certificate

   Here are the openssl commands to create an 802.1AR iDevID certificate
   keypair, the iDevID certificate signing request (CSR), and the iDevID
   certificate.  Included are commands to view the file contents.
   DevID=Wt1234
   countryName=
   stateOrProvinceName=
   localityName=
   organizationName="/O=HTT Consulting"
   organizationalUnitName="/OU=Devices"
   commonName=
   serialNumber="/serialNumber=$DevID"
   DN=$countryName$stateOrProvinceName$localityName
   DN=$DN$organizationName$organizationalUnitName$commonName
   DN=$DN$serialNumber
   echo $DN

   # hwType is the OID for HTT Consulting, devices, sensor widgets
   export hwType=1.3.6.1.4.1.6715.10.1
   export hwSerialNum=01020304 # Some hex
   export subjectAltName="otherName:1.3.6.1.5.5.7.8.4;SEQ:hmodname"
   echo $hwType - $hwSerialNum

   The subjectAltName here is not a DNS name or email address but the
   hardwareModuleName otherName (OID 1.3.6.1.5.5.7.8.4, defined in
   RFC 4108), a SEQUENCE of the hwType OID and the hwSerialNum OCTET
   STRING.  The hmodname section in Appendix A.3 builds that SEQUENCE
   from the two exported variables.  802.1AR also expects the device
   serial in the subject's serialNumber attribute, set above.

   openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:prime256v1\
    -pkeyopt ec_param_enc:named_curve\
    -out $dir/private/$DevID.key.$format
   chmod 400 $dir/private/$DevID.key.$format
   openssl pkey -in $dir/private/$DevID.key.$format -text -noout
   openssl req -config $dir/openssl-8021ARintermediate.cnf\
    -key $dir/private/$DevID.key.$format\
    -subj "$DN" -new -sha256 -out $dir/csr/$DevID.csr.$format

   openssl req -text -noout -verify\
    -in $dir/csr/$DevID.csr.$format
   openssl asn1parse -i -in $dir/csr/$DevID.csr.pem
   # In the output above, find the offset of the OCTET STRING holding
   # the subjectAltName extension and use it in place of 189
   openssl asn1parse -i -strparse 189 -in $dir/csr/$DevID.csr.pem

   openssl rand -hex $sn > $dir/serial # hex 8 is minimum, 19 is maximum
   # Note 'openssl ca' does not support DER format
   openssl ca -config $dir/openssl-8021ARintermediate.cnf -days 375\
    -extensions 8021ar_idevid -notext -md sha256\
    -in $dir/csr/$DevID.csr.$format\
    -out $dir/certs/$DevID.cert.$format
   chmod 444 $dir/certs/$DevID.cert.$format
   openssl verify -CAfile $dir/certs/ca-chain.cert.$format\
    $dir/certs/$DevID.cert.$format
   openssl x509 -noout -text -in $dir/certs/$DevID.cert.$format
   openssl asn1parse -i -in $dir/certs/$DevID.cert.pem

   # The extension sits at a different offset in the certificate than
   # in the CSR; find it in the output above and use it in place of 493
   openssl asn1parse -i -strparse 493 -in $dir/certs/$DevID.cert.pem

   The 375-day validity is for testing.  An iDevID is meant to last for
   the life of the device; 802.1AR suggests the GeneralizedTime
   99991231235959Z as notAfter for that purpose.

7.  Setting up a CRL for an Intermediate CA

   This part provides CRL support to an Intermediate CA.  In this memo
   it applies to both Intermediate CAs.  Set the crlDistributionPoints
   as provided via the environment variables (crlDP and crl in
   Section 5.1 and Section 6.1).

7.1.  Create (or recreate) the CRL

   It is simple to create the CRL.  The CRL consists of the
   certificates flagged with an R (Revoked) in index.txt:

   # Select which Intermediate level
   intermediate=intermediate
   #intermediate=8021ARintermediate

   # Create CRL file ($crl is set in Section 5.1 or Section 6.1)
   openssl ca -config $dir/openssl-$intermediate.cnf\
    -gencrl -out $dir/crl/$crl
   chmod 444 $dir/crl/$crl

   openssl crl -in $dir/crl/$crl -noout -text

   The CRL's nextUpdate is default_crl_days (30 days) from its
   creation.  Recreate and republish it before then even if nothing has
   been revoked: a relying party that checks CRLs rejects certificates
   once the only CRL it can fetch has expired.

7.2.  Revoke a Certificate

   Revoking a certificate is a two-step process.  First identify the
   target certificate and revoke it, then publish a new CRL.

   targetcert=$serverfqdn
   #targetcert=$clientemail
   #targetcert=$DevID

   openssl ca -config $dir/openssl-$intermediate.cnf\
    -revoke $dir/certs/$targetcert.cert.$format

   This changes the certificate's flag in index.txt from V to R.
   Recreate the CRL using Section 7.1.

8.  Setting up OCSP for an Intermediate CA

   This part provides OCSP support to an Intermediate CA.  In this memo
   it applies to both Intermediate CAs.  Set the authorityInfoAccess as
   provided via the environment variables (ocspIAI and ocspurl in
   Section 5.1 and Section 6.1).

8.1.  Create the OCSP Certificate

   OCSP needs a signing certificate.  This certificate must be signed by
   the CA that signed the certificate being checked.  The steps to
   create this certificate are similar to those for a Server certificate
   of the same CA; the difference is the 'ocsp' extension section, which
   gives the certificate the OCSP signing extended key usage that
   clients require of a delegated responder:

   # Select which Intermediate level
   intermediate=intermediate
   #intermediate=8021ARintermediate
   # Optionally, password encrypt the key pair
   encryptkey=
   #encryptkey=-aes256

   # Create the key pair in Intermediate level $intermediate
   cd $dir
   openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:prime256v1\
    $encryptkey -pkeyopt ec_param_enc:named_curve\
    -out $dir/private/$ocspurl.key.$format
   chmod 400 $dir/private/$ocspurl.key.$format
   openssl pkey -in $dir/private/$ocspurl.key.$format -text -noout

   # Create CSR
   commonName=
   DN=$countryName$stateOrProvinceName$localityName
   DN=$DN$organizationName$organizationalUnitName$commonName
   echo $DN
   emailaddr=postmaster@htt-consult.com
   export subjectAltName="DNS:$ocspurl, email:$emailaddr"
   echo $subjectAltName
   openssl req -config $dir/openssl-$intermediate.cnf\
    -key $dir/private/$ocspurl.key.$format\
    -subj "$DN" -new -sha256 -out $dir/csr/$ocspurl.csr.$format

   openssl req -text -noout -verify -in $dir/csr/$ocspurl.csr.$format

   # Create Certificate

   openssl rand -hex $sn > $dir/serial # hex 8 is minimum, 19 is maximum
   # Note 'openssl ca' does not support DER format
   openssl ca -config $dir/openssl-$intermediate.cnf -days 375\
    -extensions ocsp -notext -md sha256\
    -in $dir/csr/$ocspurl.csr.$format\
    -out $dir/certs/$ocspurl.cert.$format
   chmod 444 $dir/certs/$ocspurl.cert.$format

   openssl verify -CAfile $dir/certs/ca-chain.cert.$format\
    $dir/certs/$ocspurl.cert.$format
   openssl x509 -noout -text -in $dir/certs/$ocspurl.cert.$format

8.2.  Revoke a Certificate

   Revoke the certificate as in Section 7.2.  The OCSP responder SHOULD
   detect the flag change in index.txt and, when queried, respond
   appropriately.  (The OpenSSL test responder of Section 8.3 does not;
   it must be restarted.)

8.3.  Testing OCSP with OpenSSL

   OpenSSL provides a simple OCSP responder that can be used to test the
   OCSP certificate and the revocation process.  Note that it only
   reads index.txt to get the certificate status at startup.

   In a terminal window run:

   openssl ocsp -port 2560 -text -rmd sha256\
    -index $dir/index.txt\
    -CA $dir/certs/ca-chain.cert.pem\
    -rkey $dir/private/$ocspurl.key.pem\
    -rsigner $dir/certs/$ocspurl.cert.pem\
    -nrequest 1

   With -nrequest 1 the responder exits after answering one request.

   In another window, test a certificate's status with:

   targetcert=$serverfqdn
   #targetcert=$clientemail
   #targetcert=$DevID

   openssl ocsp -CAfile $dir/certs/ca-chain.cert.pem\
    -url http://127.0.0.1:2560 -resp_text\
    -issuer $dir/certs/$intermediate.cert.pem\
    -cert $dir/certs/$targetcert.cert.pem

   Revoke the certificate (Section 7.2), restart the test responder as
   above, then check the certificate status again.

9.  Footnotes

   Creating this document was a real education in the state of OpenSSL,
   X.509 certificate guidance, and the general level of certificate
   awareness.  Here are a few short notes.

9.1.  Certificate Serial Number

   The certificate serial number's role is to provide yet another way to
   maintain uniqueness of certificates within a PKI as well as a way to
   index them in a data store.  It has taken on other roles, most
   notably as a defense: an unpredictable serial number denies an
   attacker control over the start of the to-be-signed certificate,
   which is what the chosen-prefix collision attacks against MD5-signed
   certificates relied on.

   The CABForum guideline for a public CA is for the serial number to be
   a random number at least 8 octets long and no longer than 20 bytes.
   By default, openssl makes self-signed certificates with 8 octet
   serial numbers.  This guide uses openssl's RAND function to generate
   the random value and passes it to the -set_serial option.  This
   number MAY have its first bit set to ONE; the DER encoding rules
   prepend such numbers with 0x00.  Thus the limit of '19' for the
   variable 'sn'.
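   The two serial-number rules above (Section 4.1 and this section), and
   the collision estimate for short serials that this section also
   discusses, as an added example; it is not part of the draft.  It
   needs no OpenSSL: randomness is read from /dev/urandom (the draft
   uses 'openssl rand -hex $sn', which is equivalent here), and the
   function names and the 20-byte limit check are this example's own.

```shell
#!/bin/sh
# Added example, not from the draft: helpers for the serial-number rules of
# Sections 4.1 and 9.1.  Assumes a POSIX shell with od, tr and awk.

# DER content length in bytes of an INTEGER whose unsigned value is the hex
# string $1.  Leading 0x00 bytes are dropped (DER encodes minimally) and a
# leading byte of 0x80 or above costs one 0x00 pad byte to keep the value
# positive.  This is why a 20-byte random value can encode to 21 bytes.
der_serial_len() {
    hex=$(printf '%s' "$1" | tr 'ABCDEF' 'abcdef')
    while [ "${hex#00}" != "$hex" ] && [ "${#hex}" -gt 2 ]; do hex=${hex#00}; done
    len=$(( ${#hex} / 2 ))
    case $hex in [89abcdef]*) len=$((len + 1)) ;; esac
    echo "$len"
}

# Random serial of $1 bytes, printed as hex the way Section 4.2 feeds it to
# -set_serial.  The 8..19 range is the draft's; the encoded length is then
# checked against the 20-byte maximum of X.509 serial numbers.
gen_serial() {
    n=$1
    if [ "$n" -lt 8 ] || [ "$n" -gt 19 ]; then
        echo "serial length must be 8..19 bytes, got $n" >&2
        return 1
    fi
    serial=$(od -An -N "$n" -t x1 /dev/urandom | tr -d ' \n')
    [ "$(der_serial_len "$serial")" -le 20 ] || return 1   # cannot happen for n <= 19
    echo "$serial"
}

# Birthday-bound probability, in percent, that $1 certificates drawn from
# $2-byte random serials contain a duplicate: 1 - exp(-n(n-1)/2N), N = 256^b.
# Section 9.1 quotes 1.2% for 10,000 certificates with 4-byte serials.
collision_pct() {
    awk -v n="$1" -v b="$2" 'BEGIN {
        N = 256 ^ b
        p = 1 - exp(-n * (n - 1) / (2 * N))
        printf "%.3f\n", p * 100
    }'
}
```

   der_serial_len is the check to run on any serial you intend to pass
   to -set_serial: a value that comes back as 21 does not fit in a
   conforming certificate.  collision_pct 10000 4 prints 1.157 and
   collision_pct 1000 4 prints 0.012, matching the draft's figures.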
734 A private CA need not follow the CABForum rules and can use anything 735 number for the serial number. For example, the root CA (which has no 736 security risks mitigated by using a random value) could use '1' as 737 its serial number. Intermediate and End Entity certificate serial 738 numbers can also be of any value if a strong hash, like SHA256 used 739 here. A value of 4 for ns would provide a sufficient population so 740 that a CA of 10,000 EE certificates will have only a 1.2% probability 741 of a collision. For only 1,000 certificates the probability drops to 742 0.012%. 744 The following was proposed on the openssl-user list as an alternative 745 to using the RAND function: 747 Keep k bits (k/8 octets) long serial numbers for all your 748 certificates, chose a block cipher operating on blocks of k bits, and 749 operate this block cipher in CTR mode, with a proper secret key and 750 secret starting counter. That way, no collision detection is 751 necessary, you'll be able to generate 2^(k/2) unique k bits longs 752 serial numbers (in fact, you can generate 2^k unique serial numbers, 753 but after 2^(k/2) you lose some security guarantees). 755 With 3DES, k=64, and with AES, k=128. 757 9.2. Some OpenSSL config file limitations 759 There is a bit of inconsistency in how different parts and fields in 760 the config file are used. Environment variables can only be used as 761 values. Some fields can have null values, others cannot. The lack 762 of allowing null fields means a script cannot feed in an environment 763 variable with value null. In such a case, the field has to be 764 removed from the config file. 766 The expectation is each CA within a PKI has its own config file, 767 customized to the certificates supported by that CA. 769 9.3. subjectAltName support, or lack thereof 771 There is no direct openssl command line option to provide a 772 subjectAltName for a certificate. This is a serious limitation. 
Per 773 RFC 2818 [RFC2818] SAN is the object for providing email addresses 774 and DNS addresses (FQDN), yet the common practice has been to use the 775 commonName object within the distinguishedName object. How much of 776 this is due to the difficulty in creating certificates with a SAN? 778 Thus the only way to provide a SAN is through the config file. And 779 there are two approaches. This document uses an environment variable 780 to provide the SAN value into the config file. Another approach is 781 to use piping as in: 783 openssl req -new -sha256 -key domain.key\ 784 -subj "/C=US/ST=CA/O=Acme, Inc./CN=foo.com" -reqexts SAN\ 785 -config <(cat /etc/ssl/openssl.cnf\ 786 <(printf "[SAN]\nsubjectAltName=DNS:foo.com,DNS:www.foo.com"))\ 787 -out domain.csr 789 9.4. DER support, or lack thereof 791 The long, hard-fought battle with openssl to create a full DER pki 792 failed. The is no facility to create a DER certificate from a DER 793 CSR. It just is not there in the 'openssl ca' command. Even the 794 'openssl x509 -req' command cannot do this for a simple certificate. 796 Further, there is no 'hack' for making a certificate chain as there 797 is with PEM. With PEM a simple concatenation of the certificates 798 create a usable certificate chain. For DER, some recommend using 799 PKCS#7 [RFC2315], where others point out that this format is poorly 800 support 'in the field', whereas PKCS#12 [RFC7292] works for them. 802 Finally, openssl does supports converting a PEM certificate to DER: 804 openssl x509 -outform der -in certificate.pem -out certificate.der 806 This should also work for the keypair. However, in a highly 807 constrained device it may make more sense to just store the raw 808 keypair in the device's very limited secure storage. 810 10. IANA Considerations 812 TBD. May be nothing for IANA. 814 11. Security Considerations 816 11.1. Adequate Randomness 818 Creating certificates takes a lot of random numbers. 
   A good source of random numbers is critical. Studies [WeakKeys]
   have found an excessive number of certificates, all with the same
   keys, due to bad randomness on the generating systems. The amount
   of entropy available for these random numbers can be tested. On
   Fedora/Centos use:

      cat /proc/sys/kernel/random/entropy_avail

   If the value is low (below 1000) check your system's randomness
   source. Is rng-tools installed? Consider adding an entropy
   collection service like haveged from issihosts.com/haveged.

11.2.  Key pair Theft

   During the certificate creation, particularly during keypair
   generation, the newly written files are vulnerable to theft by
   other users on the system if they are created readable by them.
   This can be mitigated using umask. Before using openssl, set
   umask:

      restore_mask=$(umask -p)
      umask 077

   Afterwards, restore it with:

      $restore_mask

12.  Acknowledgments

   This work was jump started by the excellent RSA pki guide by Jamie
   Nguyen. The openssl-user mailing list, with its many supportive
   experts; in particular: Rich Salz, Jakob Bolm, Viktor Dukhovni,
   and Erwann Abalea, was of immense help, as was the openssl man
   pages website.

   Finally, "Professor Google" was always ready to point to answers
   to questions like: "openssl subjectAltName on the command line".
   And the Professor, it seems, never tires of answering even trivial
   questions.

13.  References

13.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

13.2.  Informative References

   [IEEE.802.1AR_2009]
              IEEE, "IEEE Standard for Local and metropolitan area
              networks - Secure Device Identity", IEEE 802.1AR-2009,
              DOI 10.1109/ieeestd.2009.5367679, December 2009.

   [RFC2315]  Kaliski, B., "PKCS #7: Cryptographic Message Syntax
              Version 1.5", RFC 2315, DOI 10.17487/RFC2315,
              March 1998.
   [RFC2818]  Rescorla, E., "HTTP Over TLS", RFC 2818,
              DOI 10.17487/RFC2818, May 2000.

   [RFC7292]  Moriarty, K., Ed., Nystrom, M., Parkinson, S., Rusch,
              A., and M. Scott, "PKCS #12: Personal Information
              Exchange Syntax v1.1", RFC 7292, DOI 10.17487/RFC7292,
              July 2014.

   [WeakKeys] Heninger, N., Durumeric, Z., Wustrow, E., and J.
              Halderman, "Detection of Widespread Weak Keys in
              Network Devices", July 2011.

Appendix A.  OpenSSL config files

A.1.  OpenSSL Root config file

   The following is the openssl-root.cnf file contents.

   # OpenSSL root CA configuration file.
   # Copy to `$dir/openssl.cnf`.

   [ ca ]
   # `man ca`
   default_ca = CA_default

   [ CA_default ]
   # Directory and file locations.
   dir               = $ENV::dir
   cadir             = $ENV::cadir
   format            = $ENV::format

   certs             = $dir/certs
   crl_dir           = $dir/crl
   new_certs_dir     = $dir/newcerts
   database          = $dir/index.txt
   serial            = $dir/serial
   RANDFILE          = $dir/private/.rand

   # The root key and root certificate.
   private_key       = $cadir/private/ca.key.$format
   certificate       = $cadir/certs/ca.cert.$format

   # For certificate revocation lists.
   crlnumber         = $dir/crlnumber
   crl               = $dir/crl/ca.crl.pem
   crl_extensions    = crl_ext
   default_crl_days  = 30

   # SHA-1 is deprecated, so use SHA-2 instead.
   default_md        = sha256

   name_opt          = ca_default
   cert_opt          = ca_default
   default_days      = 375
   preserve          = no
   policy            = policy_strict
   copy_extensions   = copy

   [ policy_strict ]
   # The root CA should only sign intermediate certificates that match.
   # See the POLICY FORMAT section of `man ca`.
   countryName             = match
   stateOrProvinceName     = match
   organizationName        = match
   organizationalUnitName  = optional
   commonName              = optional

   [ policy_loose ]
   # Allow the intermediate CA to sign a more
   # diverse range of certificates.
   # See the POLICY FORMAT section of the `ca` man page.
   countryName             = optional
   stateOrProvinceName     = optional
   localityName            = optional
   organizationName        = optional
   organizationalUnitName  = optional
   commonName              = optional

   [ req ]
   # Options for the `req` tool (`man req`).
   default_bits        = 2048
   distinguished_name  = req_distinguished_name
   string_mask         = utf8only
   req_extensions      = req_ext

   # SHA-1 is deprecated, so use SHA-2 instead.
   default_md          = sha256

   # Extension to add when the -x509 option is used.
   x509_extensions     = v3_ca

   [ req_distinguished_name ]
   # See .
   countryName             = Country Name (2 letter code)
   stateOrProvinceName     = State or Province Name
   localityName            = Locality Name
   0.organizationName      = Organization Name
   organizationalUnitName  = Organizational Unit Name
   commonName              = Common Name

   # Optionally, specify some defaults.
   # countryName_default             = US
   # stateOrProvinceName_default     = MI
   # localityName_default            = Oak Park
   # 0.organizationName_default      = HTT Consulting
   # organizationalUnitName_default  =

   [ req_ext ]
   subjectAltName = $ENV::subjectAltName

   [ v3_ca ]
   # Extensions for a typical CA (`man x509v3_config`).
   subjectKeyIdentifier    = hash
   authorityKeyIdentifier  = keyid:always,issuer
   basicConstraints        = critical, CA:true
   # keyUsage              = critical, digitalSignature, cRLSign, keyCertSign
   keyUsage                = critical, cRLSign, keyCertSign
   subjectAltName          = $ENV::subjectAltName

   [ v3_intermediate_ca ]
   # Extensions for a typical intermediate CA (`man x509v3_config`).
   subjectKeyIdentifier    = hash
   authorityKeyIdentifier  = keyid:always,issuer
   basicConstraints        = critical, CA:true, pathlen:0
   # keyUsage              = critical, digitalSignature, cRLSign, keyCertSign
   keyUsage                = critical, cRLSign, keyCertSign

   [ crl_ext ]
   # Extension for CRLs (`man x509v3_config`).
   authorityKeyIdentifier = keyid:always

   [ ocsp ]
   # Extension for OCSP signing certificates (`man ocsp`).
   basicConstraints        = CA:FALSE
   subjectKeyIdentifier    = hash
   authorityKeyIdentifier  = keyid,issuer
   keyUsage                = critical, digitalSignature
   extendedKeyUsage        = critical, OCSPSigning

A.2.  OpenSSL Intermediate config file

   The following is the openssl-intermediate.cnf file contents.

   Remove the crlDistributionPoints to drop CRL support and
   authorityInfoAccess to drop OCSP support.

   # OpenSSL intermediate CA configuration file.
   # Copy to `$dir/intermediate/openssl.cnf`.

   [ ca ]
   # `man ca`
   default_ca = CA_default

   [ CA_default ]
   # Directory and file locations.
   dir               = $ENV::dir
   cadir             = $ENV::cadir
   format            = $ENV::format

   certs             = $dir/certs
   crl_dir           = $dir/crl
   new_certs_dir     = $dir/newcerts
   database          = $dir/index.txt
   serial            = $dir/serial
   RANDFILE          = $dir/private/.rand

   # The Intermediate key and Intermediate certificate.
   private_key       = $dir/private/intermediate.key.$format
   certificate       = $dir/certs/intermediate.cert.$format

   # For certificate revocation lists.
   crlnumber         = $dir/crlnumber
   crl               = $dir/crl/intermediate.crl.pem
   crl_extensions    = crl_ext
   default_crl_days  = $ENV::default_crl_days

   # SHA-1 is deprecated, so use SHA-2 instead.
   default_md        = sha256

   name_opt          = ca_default
   cert_opt          = ca_default
   default_days      = 375
   preserve          = no
   policy            = policy_loose
   copy_extensions   = copy

   [ policy_strict ]
   # The root CA should only sign intermediate certificates that match.
   # See the POLICY FORMAT section of `man ca`.
   countryName             = match
   stateOrProvinceName     = match
   organizationName        = match
   organizationalUnitName  = optional
   commonName              = optional

   [ policy_loose ]
   # Allow the intermediate CA to sign a more
   # diverse range of certificates.
   # See the POLICY FORMAT section of the `ca` man page.
   countryName             = optional
   stateOrProvinceName     = optional
   localityName            = optional
   organizationName        = optional
   organizationalUnitName  = optional
   commonName              = optional
   UID                     = optional

   [ req ]
   # Options for the `req` tool (`man req`).
   default_bits        = 2048
   distinguished_name  = req_distinguished_name
   string_mask         = utf8only
   req_extensions      = req_ext

   # SHA-1 is deprecated, so use SHA-2 instead.
   default_md          = sha256

   # Extension to add when the -x509 option is used.
   x509_extensions     = v3_ca

   [ req_distinguished_name ]
   # See .
   countryName             = Country Name (2 letter code)
   stateOrProvinceName     = State or Province Name
   localityName            = Locality Name
   0.organizationName      = Organization Name
   organizationalUnitName  = Organizational Unit Name
   commonName              = Common Name
   UID                     = User ID

   # Optionally, specify some defaults.
   # countryName_default             = US
   # stateOrProvinceName_default     = MI
   # localityName_default            = Oak Park
   # 0.organizationName_default      = HTT Consulting
   # organizationalUnitName_default  =

   [ req_ext ]
   subjectAltName = $ENV::subjectAltName

   [ v3_ca ]
   # Extensions for a typical CA (`man x509v3_config`).
   subjectKeyIdentifier    = hash
   authorityKeyIdentifier  = keyid:always,issuer
   basicConstraints        = critical, CA:true
   # keyUsage              = critical, digitalSignature, cRLSign, keyCertSign
   keyUsage                = critical, cRLSign, keyCertSign

   [ v3_intermediate_ca ]
   # Extensions for a typical intermediate CA (`man x509v3_config`).
   subjectKeyIdentifier    = hash
   authorityKeyIdentifier  = keyid:always,issuer
   basicConstraints        = critical, CA:true, pathlen:0
   # keyUsage              = critical, digitalSignature, cRLSign, keyCertSign
   keyUsage                = critical, cRLSign, keyCertSign

   [ usr_cert ]
   # Extensions for client certificates (`man x509v3_config`).
   basicConstraints        = CA:FALSE
   nsCertType              = client, email
   nsComment               = "OpenSSL Generated Client Certificate"
   subjectKeyIdentifier    = hash
   authorityKeyIdentifier  = keyid,issuer
   keyUsage                = critical,nonRepudiation,digitalSignature,keyEncipherment
   extendedKeyUsage        = clientAuth, emailProtection
   crlDistributionPoints   = $ENV::crlDP
   authorityInfoAccess     = $ENV::ocspIAI

   [ server_cert ]
   # Extensions for server certificates (`man x509v3_config`).
   basicConstraints        = CA:FALSE
   nsCertType              = server
   nsComment               = "OpenSSL Generated Server Certificate"
   subjectKeyIdentifier    = hash
   authorityKeyIdentifier  = keyid,issuer:always
   keyUsage                = critical, digitalSignature, keyEncipherment
   extendedKeyUsage        = serverAuth
   crlDistributionPoints   = $ENV::crlDP
   authorityInfoAccess     = $ENV::ocspIAI

   [ crl_ext ]
   # Extension for CRLs (`man x509v3_config`).
   authorityKeyIdentifier = keyid:always

   [ ocsp ]
   # Extension for OCSP signing certificates (`man ocsp`).
   basicConstraints        = CA:FALSE
   subjectKeyIdentifier    = hash
   authorityKeyIdentifier  = keyid,issuer
   keyUsage                = critical, digitalSignature
   extendedKeyUsage        = critical, OCSPSigning

A.3.  OpenSSL 802.1AR Intermediate config file

   The following is the openssl-8021ARintermediate.cnf file contents.

   Remove the crlDistributionPoints to drop CRL support and
   authorityInfoAccess to drop OCSP support.

   # OpenSSL 8021ARintermediate CA configuration file.
   # Copy to `$dir/8021ARintermediate/openssl_8021ARintermediate.cnf`.

   [ ca ]
   # `man ca`
   default_ca = CA_default

   [ CA_default ]
   # Directory and file locations.
   # dir             = /root/ca/8021ARintermediate
   dir               = $ENV::dir
   cadir             = $ENV::cadir
   format            = $ENV::format

   certs             = $dir/certs
   crl_dir           = $dir/crl
   new_certs_dir     = $dir/newcerts
   database          = $dir/index.txt
   serial            = $dir/serial
   RANDFILE          = $dir/private/.rand

   # The root key and root certificate.
   private_key       = $dir/private/8021ARintermediate.key.$format
   certificate       = $dir/certs/8021ARintermediate.cert.$format

   # For certificate revocation lists.
   crlnumber         = $dir/crlnumber
   crl               = $dir/crl/ca.crl.pem
   crl_extensions    = crl_ext
   default_crl_days  = $ENV::default_crl_days

   # SHA-1 is deprecated, so use SHA-2 instead.
   default_md        = sha256

   name_opt          = ca_default
   cert_opt          = ca_default
   default_enddate   = 99991231235959Z # per IEEE 802.1AR
   preserve          = no
   policy            = policy_loose
   copy_extensions   = copy

   [ policy_strict ]
   # The root CA should only sign 8021ARintermediate
   # certificates that match.
   # See the POLICY FORMAT section of `man ca`.
   countryName             = match
   stateOrProvinceName     = match
   organizationName        = match
   organizationalUnitName  = optional
   commonName              = optional

   [ policy_loose ]
   # Allow the 8021ARintermediate CA to sign
   # a more diverse range of certificates.
   # See the POLICY FORMAT section of the `ca` man page.
   countryName             = optional
   stateOrProvinceName     = optional
   localityName            = optional
   organizationName        = optional
   organizationalUnitName  = optional
   commonName              = optional
   serialNumber            = optional

   [ req ]
   # Options for the `req` tool (`man req`).
   default_bits        = 2048
   distinguished_name  = req_distinguished_name
   string_mask         = utf8only
   req_extensions      = req_ext

   # SHA-1 is deprecated, so use SHA-2 instead.
   default_md          = sha256

   # Extension to add when the -x509 option is used.
   x509_extensions     = v3_ca

   [ req_distinguished_name ]
   # See .
   countryName             = Country Name (2 letter code)
   stateOrProvinceName     = State or Province Name
   localityName            = Locality Name
   0.organizationName      = Organization Name
   organizationalUnitName  = Organizational Unit Name
   commonName              = Common Name
   serialNumber            = Device Serial Number

   # Optionally, specify some defaults.
   0.organizationName_default      = HTT Consulting
   organizationalUnitName_default  = Devices

   [ req_ext ]
   subjectAltName = $ENV::subjectAltName

   [ hmodname ]
   hwType      = OID:$ENV::hwType
   hwSerialNum = FORMAT:HEX,OCT:$ENV::hwSerialNum

   [ v3_ca ]
   # Extensions for a typical CA (`man x509v3_config`).
   subjectKeyIdentifier    = hash
   authorityKeyIdentifier  = keyid:always,issuer
   basicConstraints        = critical, CA:true
   keyUsage                = critical, digitalSignature, cRLSign, keyCertSign

   [ v3_8021ARintermediate_ca ]
   # Extensions for a typical
   # 8021ARintermediate CA (`man x509v3_config`).
   subjectKeyIdentifier    = hash
   authorityKeyIdentifier  = keyid:always,issuer
   basicConstraints        = critical, CA:true, pathlen:0
   # keyUsage              = critical, digitalSignature, cRLSign, keyCertSign
   keyUsage                = critical, cRLSign, keyCertSign

   [ 8021ar_idevid ]
   # Extensions for IEEE 802.1AR iDevID
   # certificates (`man x509v3_config`).
   basicConstraints        = CA:FALSE
   authorityKeyIdentifier  = keyid,issuer:always
   keyUsage                = critical, digitalSignature, keyEncipherment
   crlDistributionPoints   = $ENV::crlDP
   authorityInfoAccess     = $ENV::ocspIAI

   [ crl_ext ]
   # Extension for CRLs (`man x509v3_config`).
   authorityKeyIdentifier = keyid:always

   [ ocsp ]
   # Extension for OCSP signing certificates (`man ocsp`).
   basicConstraints        = CA:FALSE
   subjectKeyIdentifier    = hash
   authorityKeyIdentifier  = keyid,issuer
   keyUsage                = critical, digitalSignature
   extendedKeyUsage        = critical, OCSPSigning

Authors' Addresses

   Robert Moskowitz
   Huawei
   Oak Park, MI 48237

   Email: rgm@labs.htt-consult.com


   Henk Birkholz
   Fraunhofer SIT
   Rheinstrasse 75
   Darmstadt 64295
   Germany

   Email: henk.birkholz@sit.fraunhofer.de


   Liang Xia
   Huawei
   No. 101, Software Avenue, Yuhuatai District
   Nanjing
   China

   Email: Frank.xialiang@huawei.com
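   The serial-number collision figures of Section 9.1 (1.2% for
   10,000 certificates with ns = 4, 0.012% for 1,000) come from the
   birthday bound on serial numbers drawn from 8*ns random bits. The
   following shell functions, added here as an example and not part
   of the draft or of OpenSSL, carry that calculation through with
   awk and go one step further than the text by searching for the
   smallest ns that keeps a CA below a chosen collision probability.
   The function names are the example's own.

```shell
#!/bin/sh
# Birthday-bound estimate for random certificate serial numbers
# (example code; the function names are not from the draft).

# serial_collision_pct N_CERTS N_OCTETS
#   Prints, in percent with three decimals, the approximate probability
#   that at least two of N_CERTS serial numbers drawn uniformly from
#   N_OCTETS random octets are equal:  p ~= 1 - exp(-n(n-1) / (2 * 2^(8*ns))).
serial_collision_pct() {
    awk -v n="$1" -v ns="$2" 'BEGIN {
        space = 2 ^ (8 * ns)
        p = 1 - exp(-n * (n - 1) / (2 * space))
        printf "%.3f\n", p * 100
    }'
}

# serial_octets_for N_CERTS MAX_PCT
#   Prints the smallest number of random octets (1..20) for which the
#   collision probability of N_CERTS serials stays at or below MAX_PCT
#   percent; returns 1 if 20 octets are not enough.
serial_octets_for() {
    awk -v n="$1" -v max="$2" 'BEGIN {
        for (ns = 1; ns <= 20; ns++) {
            p = (1 - exp(-n * (n - 1) / (2 * 2 ^ (8 * ns)))) * 100
            if (p <= max) { print ns; exit 0 }
        }
        exit 1
    }'
}

# Reproduce the draft's two figures and size a serial for a 0.01% budget.
if [ "${1:-}" = "demo" ]; then
    echo "10,000 certs, ns=4: $(serial_collision_pct 10000 4)%"
    echo " 1,000 certs, ns=4: $(serial_collision_pct 1000 4)%"
    echo "octets for 10,000 certs at <= 0.01%: $(serial_octets_for 10000 0.01)"
fi
```

   Run with `sh serial.sh demo`. The CTR-mode construction quoted in
   Section 9.1 sidesteps this calculation entirely, because a block
   cipher is a permutation and its outputs cannot repeat before the
   counter wraps; the birthday bound is the cost of using plain random
   values instead.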
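   The two checks of Section 11 (entropy before key generation, umask
   around it) and the environment-variable subjectAltName approach of
   Section 9.3 fit naturally into one wrapper. The script below is an
   added example, not code from the draft or from OpenSSL; the
   function names, the minimal request config it writes, and the
   dev01.example.com SAN are constructed for illustration. Unlike the
   draft's `umask -p` idiom, which is bash-specific, it saves and
   restores the mask with plain POSIX `umask`, and it restores the
   mask even when the wrapped command fails. The key and CSR are only
   produced when openssl is installed.

```shell
#!/bin/sh
# Defensive wrapper for the key-generation step (example code, not from
# the draft): check entropy, then create a P-256 key and a SAN-bearing
# CSR under umask 077 so the files are never readable by other users.

# entropy_ok [FILE] [MIN]
#   Returns 0 when the kernel entropy estimate in FILE (default
#   /proc/sys/kernel/random/entropy_avail) is at least MIN (default 1000,
#   the draft's threshold), 1 when it is lower, 2 when no estimate exists.
entropy_ok() {
    file=${1:-/proc/sys/kernel/random/entropy_avail}
    min=${2:-1000}
    [ -r "$file" ] || return 2
    avail=$(tr -dc '0-9' < "$file")
    [ -n "$avail" ] || return 2
    [ "$avail" -ge "$min" ]
}

# with_umask MASK CMD...
#   Runs CMD under umask MASK and restores the previous mask afterwards,
#   whether or not CMD succeeds; returns CMD's exit status.
with_umask() {
    mask=$1; shift
    saved=$(umask)
    umask "$mask"
    if "$@"; then rc=0; else rc=$?; fi
    umask "$saved"
    return $rc
}

# make_key_and_csr DIR NAME SAN
#   Writes DIR/NAME.key.pem and DIR/NAME.csr.pem. The subjectAltName is
#   passed through the environment, exactly as the req_ext sections in
#   Appendix A expect ($ENV::subjectAltName).
make_key_and_csr() {
    dir=$1; name=$2; san=$3
    cnf="$dir/$name.cnf"
    # Minimal request config (constructed for this example).
    cat > "$cnf" <<'EOF'
[ req ]
distinguished_name = req_distinguished_name
req_extensions     = req_ext
default_md         = sha256

[ req_distinguished_name ]
commonName = Common Name

[ req_ext ]
subjectAltName = $ENV::subjectAltName
EOF
    subjectAltName=$san
    export subjectAltName
    with_umask 077 openssl ecparam -name prime256v1 -genkey -noout \
        -out "$dir/$name.key.pem" &&
    with_umask 077 openssl req -new -sha256 -key "$dir/$name.key.pem" \
        -subj "/CN=$name" -config "$cnf" -out "$dir/$name.csr.pem"
}

# Typical use: refuse to generate keys on a starved system.
if [ "${1:-}" = "demo" ]; then
    if entropy_ok; then
        make_key_and_csr "${TMPDIR:-/tmp}" dev01 "DNS:dev01.example.com" &&
        echo "key and CSR written to ${TMPDIR:-/tmp}/dev01.*"
    else
        echo "entropy too low or unavailable; fix the randomness source first" >&2
        exit 1
    fi
fi
```

   Verify the result with `openssl req -in dev01.csr.pem -noout -text`
   and confirm the SAN appears under "Requested Extensions"; with
   `copy_extensions = copy` in the CA config the signing CA carries it
   into the certificate. On newer kernels the entropy_avail figure is
   no longer a meaningful starvation signal, so treat the check as
   the draft's Fedora/Centos-era advice rather than a universal test.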