Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I have created a privatekey.key during SSL creation for CSR certificate creation for getting SSL certificate. I have purchased the certificate and configured SSL in my Apache server, after that when I restart the server it stops working, for make it working I have used the following command as follows:
C:\Apache24\bin> openssl rsa -in privatekey.key -out privatekey.key
After that when I restarted my Apache it is working fine. But now it is showing me that 128 bit encryption, but I had created the key for 2048 bit encryption. How can I make it 2048 bit encryption?
Please check the following image:
You have got to be aware that SSL/TLS uses hybrid encryption: During the handshake it uses asymmetric encrytpion like RSA to exchange a key for some symmetric encryption-algorithm like AES that is then used to encrypt the traffic. The reason is that asymmetric encrpytion is rather slow compared to symmetric algos, so you use those on the bulk data to get better performance and reduce server-load.
Also take care that asymmetric algorithms require significantly longer keys for the same "strength". While 256-bit AES might sound less secure than 4096-bit RSA they might actually be quite similar from the offered protection.
So while you are using 2048-bit RSA for the key-exchange, 128-bit-AES is used to encrypt the payload.
P.S.: the cipher used during the session is negotiated between client and server from a list of ciphers each support during the SSL-handshake.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
We have a p12 (PKCS#12) <my_ssl_key_file.p12> file for SSL Certificate Key file requiring a passphrase. However, referencing it in the apache directive like so does not work:
<VirtualHost *:443>
...
...
SSLCertificateKeyFile /path/to/my_ssl_key_file.p12
...
</VirtualHost>
I can get around by converting the p12 file using openssl pkcs12 with the passphrase like so:
$openssl pkcs12 -in my_ssl_key_file.p12 -out my_ssl_key_file.key
and changing the directive to reference the new my_ssl_key_file.key
but this seems counterintuitive to strip the P12 encryption. Is there a way to directly reference the P12 file instead? Perhaps my approach is the wrong approach?
PKCS12 is not supported by SSLCertificateKeyFile.
From the doc, PEM is the required format. And the private key should be protected by a passphrase.
Note that the PKCS12 is used to hold the certificate and the certificate chain and the private key as well.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
what is different between 2 command in open ssl tools?
openssl genrsa -des3 -out privkey.pem 2048 and openssl genrsa -out privkey.pem 2048?
thanks
The -des3 option specifies how the private key is encrypted with a password. Without a cipher option, the private key is not encrypted, and no password is required.
Password encryption can protect the private key even when file-system–based access control is circumvented.
According to the docs:
-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea
These options encrypt the private key with specified cipher before
outputting it. If none of these options is specified no encryption is
used. If encryption is used a pass phrase is prompted for if it is not
supplied via the -passout argument.
DES is an encryption method and DES3 (also called triple DES) is the same method that is ran 3 times in a row to make the encryption stronger.
DES3 is a standard that is being heavily used (-des3), for example, when your browser is being redirected to port 443 (SSL), after the RSA key exchange, DES3 is being used (with the RSA key) for the rest of the session.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
I've just bought comodo essential wildcard certificate, they asked me to generate csr to activate it.
As i understood, i need to:
Generate RSA 2048bit private key
Generate CSR based on it
As i see, openssl genrsa command accepts different encryption params:
-des encrypt the generated key with DES in cbc mode -des3 encrypt the generated key with DES in ede cbc mode (168 bit key)
-aes128,
-aes192,
-aes256
What should i use?
The encryption param of openssl genrsa command is used to specify which algorithm to use for encrypting your private key (using the password you specify).
CSR (Certificate Signing Request) includes your public key and some additional public information to be included into certificate. CSR never includes a private key.
So, choice of algorithm for encrypting the private key is completely unrelated to CSR. Choose whatever you prefer. AES variants and Triple-DES (-des3) should be preferred; plain DES is usually considered not secure these days. Also see why AES is more secure than DES. But I think algorithm choice in this particular case is not as important as using a strong password and protecting it.
Note: remember that if you protect your private key with a password, you will be prompted to enter the password every time you want to access the private key, such as when starting your web server. If you forget the password, your private key is effectively lost and you must generate a new key and request a new certificate. You could generate a private key without encryption (without password): openssl genrsa -out filename.key 2048. It is also possible to remove the password (effectively, store it unencrypted) at any time using command like this: openssl rsa -in encrypted.key -out unencrypted.key. You’ll need the password for that (you will be prompted to enter it).
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 months ago.
The community reviewed whether to reopen this question 4 months ago and left it closed:
Original close reason(s) were not resolved
Improve this question
I'm trying to set up SSL on Nginx. It doesn't work, and I am getting the following error in the error log, which is getting passed up from the OpenSSL library which nginx was compiled with. I don't know what that library is, but it's version 0.8.54 of nginx, and I installed it using apt-get on Ubuntu Linux.
2012/02/21 07:06:33 [emerg] 4071#0:
SSL_CTX_use_PrivateKey_file("/exequias/certs/exequias.com.key") failed (SSL:
error:0906406D:PEM routines:PEM_def_callback:problems getting password error:
0906A068:PEM routines:PEM_do_header:bad password read error:140B0009:SSL routines:
SSL_CTX_use_PrivateKey_file:PEM lib)
I have ensured that the file permissions on the private key file are not stopping nginx from reading it. It is an RSA private key, generated with openssl rsa.
Any ideas what might be causing this?
Remove the key pass phrase:
openssl rsa -in key.pem -out newkey.pem
If the certificate and the key are together:
openssl rsa -in mycert.pem -out newcert.pem
openssl x509 -in mycert.pem >>newcert.pem
Source: http://www.madboa.com/geek/openssl/#key-removepass
I got it... the private key file used with nginx must not have a passphrase. I removed the passphrase and it worked.
Because you generate the .crt file with a passphrase, so you need to specify the same passphrase for your .key and .crt file in Nginx conf like this
server {
ssl_password_file /path-to-your-passphrase/ssl.pass;
}
See Nginx Doc
Or if you don't need the passphrase for your cert file, just use ssh-keygen tool to generate the file as following:
ssh-keygen -t rsa
The question is a bit old now, and nginx actually supports passphrase asking at startup since at least version 1.2. But the issue is still relevant because this capability has been removed from debian in the latest release, version 8 with nginx 1.6. The reason is that passphrase input hasn't been implemented in the systemd script for nginx, while it has been for apache. Launching nginx manually simply works, and it's not too a problem since manual intervention is required anyway, there's no use of systemd here.
Reference: https://forum.nginx.org/read.php?2,262900,262931#msg-262931
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
How to generate CSR for mult-domain.
I found that generating CSR for single domain is as below:
openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr
But how do I generate CSR multi-domain
For an X.509 certificate to support multiple domains, it must use multiple Subject Alternative Name DNS entries, according to RFC 2818 (HTTP over TLS) (or RFC 6125):
If a subjectAltName extension of type dNSName is present, that MUST
be used as the identity. Otherwise, the (most specific) Common Name
field in the Subject field of the certificate MUST be used. Although
the use of the Common Name is existing practice, it is deprecated and
Certification Authorities are encouraged to use the dNSName instead.
Matching is performed using the matching rules specified by
[RFC2459]. If more than one identity of a given type is present in
the certificate (e.g., more than one dNSName name, a match in any one
of the set is considered acceptable.)
As described in this document (except I would use -des3 too for the genrsa command, to protect the private key):
Make a copy your initial openssl.cnf file (the original is probably somewhere under /etc on Linux).
Edit it to add req_extensions = v3_req in the [ req ] section.
Edit it to add subjectAltName=DNS:www.example.com,DNS:www.other-example.com (one DNS: entry per host name you require) in the [ v3_req ] section.
Make OpenSSL use that configuration file. Call it with OPENSSL_CONF=/path/to/your/openssl.cnf openssl req ...
This being said, I wouldn't worry too much about setting any extension in the CSR. Any good CA should ignore whatever you've set in the CSR and only set whatever they have actually verified when issuing the actual certificate. They'll happily replace any RDN in your Subject DN (e.g. Country, Organization, ...) as well as any extension (SAN or Key Usage). Firstly, if they let any extension as requested in the CSR by the applicant, this would be a security risk, since some applicants could really get anything. Secondly, that's how they make extra money, by charging you for setting a few bits here and there (e.g. code signing extension): they'll make sure that you only get what you've paid for in your certificate. I understand, though, that you may want to put all the names you request in your CSR, just to be sure.