Letsencrypt is fantastic because it lets users generate valid (not self-signed) SSL certificates for free. I'm using bip as an IRC proxy. Bip can use an SSL certificate for encryption, but the documentation is a bit fuzzy on this.
I know how to generate certificates with letsencrypt. I guess I must concatenate some of the letsencrypt generated files, among cert.pem, chain.pem, fullchain.pemandprivkey.pem` to get a valid bip certificate. But which ones?
If you're asking how to configure bip to use the Let's Encrypt certificate so that clients can connect to it via SSL, the documentation provides the following:
client_side_ssl (default: false)
When true, clients will need to connect to BIP using SSL. You'll also need to
generate a SSL cert/key pair in <bipdir>/bip.pem (usually ~/.bip/bip.pem or
/var/lib/bip/bip.pem) or <client_side_ssl_pem> if defined.
client_side_ssl_pem (default: <bipdir>/bip.pem)
Set this to the full path of the cert/key pair bip should use to accept clients
SSL connections
So from that I gather you will need to cat privkey.pem cert.pem > bip.pem and enable client_side_ssl and point client_side_ssl_pem to bip.pem if it's not in one of the specified locations.
I don't believe you'll need to add the CA chain as Let's Encrypt is a trusted CA and the clients should be able to reconstruct the chain themselves. If that's not the case, you can add chain.pem to bip.pem as well.
I also found a handy guide that might be of use here: https://flexion.org/posts/2014-04-bip-irc-proxy/
Related
I've been googling like mad trying to figure this out, but the answer doesn't seem to be clear, or at least, it seems like there are contradictory answers.
I'm tasked with setting up an Apache web server with 2Way SSL authentication. We use verisign to get our certificates, so we have a certificate for the web instance with the correct hostname details, signed by verisign, and an intermediate certificate from verisign. This all works very well.
Now, we need to set up a 2Way SSL connection. The initial expectation is that the client will manage their own certificates, and provide them to us for authentication. More than one client may be connecting, and they should each have access to different resources when they connect.
From what I've read, I'm not sure how this would be done...
This is a pretty good overview, but in this situation, they are using self-signed certificates: https://security.stackexchange.com/questions/34897/configure-ssl-mutual-two-way-authentication
Using these details, it would seem like we would have to make the trusted CA point to the certificate authority that signs the client's certificate.
Is it possible to use the client certificate as the trusted CA (even though it isn't self signed, but signed by a CA) or would we have to put a trusted CA from their signer (and at that point, would a CA bundle that includes all the client certificate authority CAs work?) on the server and then use the SSLRequire statements to limit access to specific details of the certificate?
As a followup, can we use the SSL Certificate that we get from verisign to sign client certificates?
So, after several more hours on google, and some testing, I was able to figure out what I needed to.
If I want to use a certificate signed by verisign or some other public CA, I would have to copy their public intermediate certificate (the one that they use to sign the client certs) to my server and specify it as the SSLCACertificateFile in the configuration. The caveat is that then any cert signed by that CA would be accepted, and that's where the SSLRequire directives can used to narrow that down to specific certificates.
Using the SSLVerifyClient optional_no_ca directive would make it assume that the cert is trusted, even if it isn't, and then I would have to use SSLRequire directives to verify the details are correct, however, anybody could create and sign their own certificate with those details and there would be no way to tell.
Creating my own self signed CA certificate, and then using that to sign the client certificates and issuing them to the clients is the only way to both ensure that the cert isn't a forgery and not requiring SSLRequire directives to ensure that only the people that I specify can connect.
Please comment/correct me if I'm wrong on any of this.
Use:
SSLVerifyClient optional_no_ca
In your Apache config. This will request the client certificate but not validate it against a CA. It will then be up to your local script to examine the resulting environment variables set by Apache such as 'SSL_SERVER_S_DN' and decide whether to allow the request or not.
These mod_ssl environment variables are also what your code needs to look at when determining what resources the client can access.
The full documentation is here mod_ssl although you probably found that already.
A note on client certificates. If you did want to use a CA and leave it to the clients, they may all use different CA's and you would have a job maintaining them all on your server. It would be much better to trust a single CA.
The advantage would be that then you could use the build in SSL support to do all your certificate checks and not write your own solution.
You could enforce a single CA by specifying an on-line provider and using email signing certificates to identify clients. These would work fine, just the Certificate Subject would be an email address instead of a domain name.
Or you could set up your own CA and sign client certificates yourself. This is not too difficult and gives you complete control. Either route would require you to add the CA root certificate (plus intermediates) to a file Apache can read and point 'SSLCACertificateFile' to it.
Cowboy: https://github.com/extend/cowboy
In the ssl example, three files are needed in ssl folder, they are
cowboy-ca.crt, server.crt and server.key.
I am applying for a free ssl in startssl, and found there are only
server.crt and server.key generated.
What is cowboy-ca.crt used for?
My question is that 'is cowboy-ca.crt needed for me'?
Thanks in advance
SSL is built on the principle of a chain of trust. The reason why you are using StartSSL (or any other certificate provider) is that you are asking them to sign your certificate and create such a chain of trust for you. If clients trust StartSSL they will trust your server's certificate.
Sometimes, clients do not have all the previous elements of the chain. This is the case in Cowboy example where clients probably do not know the sample root certificate, cowboy-ca.crt. For this reason, during SSL handshake, servers can send part of this chain. This does not create trust, unless clients aldready trusted the root or the prefix of the chain.
In your case, the chain actually contains three elements with an intermediate certificate. This is what you should use here as clients trust the root only and might not know the intermediate certificate. If you are using a free certificate from StartSSL, it is sub.class1.server.ca.pem. You can download it here.
I have a question about certificate files with Apache + OpenSSL.
I have generated the following basic certificate files from the server:
/usr/share/ssl/csr/mydomain.csr.pem
/usr/share/ssl/private/mydomain.key.pem
I have sent the mydomain.csr.pem to the CA authority after purchasing Comodo's Positive SSL at
http://www.namecheap.com/ssl-certificates/comodo.aspx
It's approved and got three *.crt files, which are:
AddTrustExternalCARoot.crt
PositiveSSLCA2.crt
mydomain_com.crt
Based on the Apache tutor at
http://www.apache.com/resources/how-to-setup-an-ssl-certificate-on-apache/
looks like I only need to use mydomain_com.crt and put it in
/usr/share/ssl/certs/mydomain_com.crt
My question is, what do I have to do with these two files?
AddTrustExternalCARoot.crt
PositiveSSLCA2.crt
Looks like it's not necessary, then what are these files given to us? If they are used, then when and how?
You may need to specify the PositiveSSLCA2.crt in the Apache configuration. If the HTTP client trusts Comodo, they should already have the root certificate.
I found instructions on this page for configuring the intermediate certificate. Basically, you would specify the PositiveSSLCA2.crt in your Apache configuraiton as the SSLCertificateChainFile. Your client may trust the root CA, but it probably does not know about the intermediate certificate, therefore could not establish trust without it.
The root CA is probably just for your information, but it might be needed if you ever use an HTTP client that requires you to specify it directly, for trust purposes.
According to https://wiki.jasig.org/display/CASUM/X.509+Certificates,
After the Server sends the certificate that identifies itself, it then can then send a list of names of Certificate Authorities from which it is willing to accept certificates.
I am wondering how to determine what this list is, and how to modify it.
The reason I am asking is that I am getting an infinite redirect between my server and my client after successful validation (i.e., the ticket stage), and I think it has to do with the CAS server not recognizing the CAS client's certificate (the client's certificate is self-signed).
If you want to see what this list is, you can use OpenSSL:
echo "" | openssl s_client -connect your.server:port
This will show various messages regarding the handshake, including the certificates and the list of CAs in the CertificateRequest message.
Ultimately, it's determined by the active X509TrustManager's getAcceptedIssuers() method. By default, this will be the list of Subject DNs of all your trust anchors (that is, the Subject DNs of all the certificates in your trust store).
Your client certificate will have to be verified by the server. This is normally done during the handshake by the trust manager, which (unless tweaked) will build a chain to a known CA (or at least known cert if it's the user cert itself) in the trust store.
Adding your self-signed certificate to your trust store should be sufficient. It doesn't have to be the cacerts file bundled with the JVM, you could make a copy of it and use the trust store settings of Apache Tomcat's connector to set it up.
I have a server with an SSL certificate and clients with SSL cetificates, all are signed by the same CA, and the CA is trusted on the server and clients as a root authority.
However none of the clients I have tried (iphone, chrome, explorer) will send the client certificate when the server requests it, even though they all verify the server certificate fine. They all claim not to have the certificate.
When I look at the client certificate in the certificate/profile/store they all claim it is verified and legit, and all the certificates verify fine using openssl etc.
Does an SSL client certificate need a specific name or other details so that client browsers will know when to use it? Kinda of like how a server certificate has to specify the exact domain as the name on the certificate?
The server is an apache2.2 server, but I don't think its a problem on the servers end.
Client certificates must have appropriate Key Usage and Extended Key Usage extensions set. What is "appropriate" in your case, I don't know for sure but the number of variants in Key Usage is small and you can check various values yourself.
You surely haven't forgot about the private key which should be accessible on the client side, have you?
There's a summary of the key usage and extended key usage extensions to use in this document:
http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html
(Although it is for NSS, it should apply to other products.)
You could also check whether the list of accepted CAs sent by the server is configured properly. This can be seen using openssl s_client -connect the.host.name:443, for example.