Renewing certificates - without revoking?

Renewing certificates - without revoking?

Brian Candler
Using openssl as a CA, I'm wondering what the best way is to renew a
certificate without first revoking the previous one. Revoking the previous
one would leave a window of vulnerability where a machine may be trying to
use the old certificate, as it hasn't yet downloaded the new one, but other
machines that have picked up the latest CRL will refuse to communicate with
it.

To demonstrate:

    $ ./CA.sh -newca
    $ openssl genrsa -des3 -out server.key 1024
    $ openssl req -new -key server.key -out server.csr
    $ openssl ca -policy policy_anything -out server.crt -infiles server.csr
    ...
    Certificate Details:
            Serial Number: 1 (0x1)
            Validity
                Not Before: Mar  2 12:51:16 2006 GMT
                Not After : Mar  2 12:51:16 2007 GMT
    ...
    Sign the certificate? [y/n]:y
    1 out of 1 certificate requests certified, commit? [y/n]y
    Write out database with 1 new entries
    Data Base Updated

All very well so far. Now I want to refresh the certificate, issuing a new
one with a later expiry date. Nothing in the CSR will have changed (in
particular I'm assuming the endpoint will be using the same private key), so
I just try to re-sign the same CSR:

    $ openssl ca -policy policy_anything -out server.crt -infiles server.csr
    Certificate Details:
            Serial Number: 2 (0x2)
            Validity
                Not Before: Mar  2 12:52:17 2006 GMT
                Not After : Mar  2 12:52:17 2007 GMT
    ...
    Sign the certificate? [y/n]:y
    failed to update database

Now, I notice the constraint in index.txt.attr:

    unique_subject = yes

If I set this to 'no', I can have both certificates active at once. Is this
the recommended way to allow for certificate renewal (in which case, why
isn't it the default)? Or is there something else I'm missing?
index.txt.attr is not mentioned in the ca manpage AFAICS.

index.txt doesn't seem to include the public key, so I imagine it's unable
to distinguish between "re-issuing a certificate to the same endpoint" (OK)
and "issuing a certificate to a different endpoint but with a conflicting
subject" (not OK).

Thanks,

Brian.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
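What index.txt actually records bears directly on Brian's last point, so here is an added example, not code from the thread, that parses a constructed index.txt laid out the way OpenSSL's `ca` writes it: tab-separated status (V valid, R revoked, E expired), expiry, revocation date with optional reason, serial, certificate file name and subject DN. There is no key or fingerprint column, and the uniqueness index `ca` builds for `unique_subject = yes` only covers rows whose status is V, so "two valid rows with the same subject" is the whole condition it refuses, whether the rows belong to one renewed endpoint or to two different ones. Every row, subject and serial below is constructed for the demo.

```shell
#!/bin/sh
# Added example, not code from the thread: parse an OpenSSL CA index.txt.
# Columns are tab-separated: status (V valid, R revoked, E expired),
# expiry (YYMMDDHHMMSSZ), revocation date[,reason] or empty, serial (hex),
# certificate file name (usually "unknown"), subject DN. There is no key or
# fingerprint column, so the database cannot tell a renewal from a second
# endpoint that happens to use the same subject.

# Constructed sample database: serial 01 was superseded by 02 (a completed
# renewal); serials 03 and 04 are both valid for one subject, the state that
# unique_subject = yes refuses to create.
SAMPLE_INDEX=$(mktemp)
trap 'rm -f "$SAMPLE_INDEX"' EXIT
{
    printf 'R\t070302125116Z\t060601093000Z,superseded\t01\tunknown\t/C=GB/O=Example/CN=server.example.com\n'
    printf 'V\t070302125217Z\t\t02\tunknown\t/C=GB/O=Example/CN=server.example.com\n'
    printf 'V\t070315080000Z\t\t03\tunknown\t/C=GB/O=Example/CN=mail.example.com\n'
    printf 'V\t070401080000Z\t\t04\tunknown\t/C=GB/O=Example/CN=mail.example.com\n'
} > "$SAMPLE_INDEX"

# valid_subject_duplicates <index>: subjects with more than one status-V row.
# Only V rows count, matching the qualifier ca uses for its unique_subject
# index: a revoked or expired duplicate never blocks a re-issue.
valid_subject_duplicates() {
    awk -F '\t' '$1 == "V" { n[$6]++ } END { for (s in n) if (n[s] > 1) print s }' "$1"
}

# valid_count_for_subject <index> <subject>: how many valid certs a subject has now.
valid_count_for_subject() {
    awk -F '\t' -v subj="$2" '$1 == "V" && $6 == subj { n++ } END { print n + 0 }' "$1"
}

# serial_status <index> <serial>: status letter of one row, so an operator can
# confirm which serial to revoke once the renewed certificate is deployed.
serial_status() {
    awk -F '\t' -v ser="$2" '$4 == ser { print $1 }' "$1"
}

# entries_for_subject <index> <subject>: status, serial and expiry per row.
entries_for_subject() {
    awk -F '\t' -v subj="$2" '$6 == subj { print $1, $4, $2 }' "$1"
}

valid_subject_duplicates "$SAMPLE_INDEX"     # the mail.example.com subject only
entries_for_subject "$SAMPLE_INDEX" /C=GB/O=Example/CN=server.example.com
```

Run against a real CA's index.txt, `valid_subject_duplicates` lists every subject currently in an overlap window, and `serial_status` confirms that the superseded serial has flipped to R before the next CRL is published.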
Re: Renewing certificates - without revoking?

Kyle Hamilton
The best way is to have the unique_subject = no, and then allow for
the download and installation of the new cert.  Once that's done,
revoke the old one.

As for why it's not the default, it's because there are other
applications besides just web server certification that require
additional security measures, and it's better for the default to err
on the side of caution than unwittingly open windows of vulnerability.

-Kyle H

On 3/2/06, Brian Candler <[hidden email]> wrote:

> Using openssl as a CA, I'm wondering what the best way is to renew a
> certificate without first revoking the previous one. Revoking the previous
> one would leave a window of vulnerability where a machine may be trying to
> use the old certificate, as it hasn't yet downloaded the new one, but other
> machines that have picked up the latest CRL will refuse to communicate with
> it.
>
> To demonstrate:
>
>     $ ./CA.sh -newca
>     $ openssl genrsa -des3 -out server.key 1024
>     $ openssl req -new -key server.key -out server.csr
>     $ openssl ca -policy policy_anything -out server.crt -infiles server.csr
>     ...
>     Certificate Details:
>             Serial Number: 1 (0x1)
>             Validity
>                 Not Before: Mar  2 12:51:16 2006 GMT
>                 Not After : Mar  2 12:51:16 2007 GMT
>     ...
>     Sign the certificate? [y/n]:y
>     1 out of 1 certificate requests certified, commit? [y/n]y
>     Write out database with 1 new entries
>     Data Base Updated
>
> All very well so far. Now I want to refresh the certificate, issuing a new
> one with a later expiry date. Nothing in the CSR will have changed (in
> particular I'm assuming the endpoint will be using the same private key), so
> I just try to re-sign the same CSR:
>
>     $ openssl ca -policy policy_anything -out server.crt -infiles server.csr
>     Certificate Details:
>             Serial Number: 2 (0x2)
>             Validity
>                 Not Before: Mar  2 12:52:17 2006 GMT
>                 Not After : Mar  2 12:52:17 2007 GMT
>     ...
>     Sign the certificate? [y/n]:y
>     failed to update database
>
> Now, I notice the constraint in index.txt.attr:
>
>     unique_subject = yes
>
> If I set this to 'no', I can have both certificates active at once. Is this
> the recommended way to allow for certificate renewal (in which case, why
> isn't it the default)? Or is there something else I'm missing?
> index.txt.attr is not mentioned in the ca manpage AFAICS.
>
> index.txt doesn't seem to include the public key, so I imagine it's unable
> to distinguish between "re-issuing a certificate to the same endpoint" (OK)
> and "issuing a certificate to a different endpoint but with a conflicting
> subject" (not OK).
>
> Thanks,
>
> Brian.
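Kyle's procedure (issue the replacement while the old certificate stays valid, let the endpoint install it, then revoke the old one) rehearsed end to end against a throwaway CA, as an added example that is not code from either poster. It also reproduces Brian's refused re-signing by flipping `unique_subject` in index.txt.attr, the file OpenSSL reads next to the database. It assumes `openssl` 1.1.1 or later on PATH; the CA layout, config sections, subject names and file names are all constructed for the demo.

```shell
#!/bin/sh
# Added example, not code from the thread: rehearse the overlap renewal
# (issue the new cert while the old one stays valid, deploy, then revoke
# the old one) against a throwaway CA in a temp directory.
# Assumes openssl 1.1.1+ on PATH; every path, subject and value is constructed.
set -e

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
CNF="$WORK/ca.cnf"
SUBJ=/CN=server.example.com   # constructed endpoint subject, reused on renewal

# Minimal CA database. unique_subject is controlled only through
# index.txt.attr here, the file Brian found, so its effect is unambiguous.
mkdir -p "$WORK/newcerts"
: > "$WORK/index.txt"
echo 01 > "$WORK/serial"
echo 01 > "$WORK/crlnumber"
printf 'unique_subject = no\n' > "$WORK/index.txt.attr"

cat > "$CNF" <<EOF
[ ca ]
default_ca = demo_ca
[ demo_ca ]
dir              = $WORK
database         = \$dir/index.txt
new_certs_dir    = \$dir/newcerts
serial           = \$dir/serial
crlnumber        = \$dir/crlnumber
certificate      = \$dir/ca.crt
private_key      = \$dir/ca.key
default_md       = sha256
default_days     = 365
default_crl_days = 30
policy           = policy_anything
x509_extensions  = v3_leaf
[ policy_anything ]
commonName = supplied
[ req ]
distinguished_name = req_dn
x509_extensions    = v3_ca
[ req_dn ]
[ v3_ca ]
basicConstraints     = critical,CA:TRUE
keyUsage             = critical,keyCertSign,cRLSign
subjectKeyIdentifier = hash
[ v3_leaf ]
basicConstraints = CA:FALSE
EOF

# Root CA key and self-signed certificate.
openssl req -config "$CNF" -x509 -newkey rsa:2048 -nodes -days 3650 \
    -subj /CN=Demo-Root-CA -keyout "$WORK/ca.key" -out "$WORK/ca.crt" 2>/dev/null
# Endpoint key and a single CSR; the renewal re-signs this same CSR.
openssl req -config "$CNF" -new -newkey rsa:2048 -nodes \
    -subj "$SUBJ" -keyout "$WORK/server.key" -out "$WORK/server.csr" 2>/dev/null

# sign_csr <yes|no> <out>: set unique_subject, then sign the CSR again.
# Returns openssl ca's exit status; non-zero means the CA refused.
sign_csr() {
    printf 'unique_subject = %s\n' "$1" > "$WORK/index.txt.attr"
    openssl ca -config "$CNF" -batch -notext -in "$WORK/server.csr" -out "$2" >/dev/null 2>&1
}
# regen_crl: publish the CRL reflecting the current database.
regen_crl() { openssl ca -config "$CNF" -gencrl -out "$WORK/crl.pem" 2>/dev/null; }
# cert_status <cert>: "accepted" or "rejected" by a client holding the latest CRL.
cert_status() {
    if openssl verify -crl_check -CAfile "$WORK/ca.crt" -CRLfile "$WORK/crl.pem" "$1" >/dev/null 2>&1
    then echo accepted; else echo rejected; fi
}
# valid_entries: index.txt rows with status V for the endpoint subject.
valid_entries() {
    awk -F '\t' -v s="$SUBJ" '$1 == "V" && $6 == s { n++ } END { print n + 0 }' "$WORK/index.txt"
}

sign_csr no "$WORK/server1.crt"                     # initial issue, serial 01
if sign_csr yes "$WORK/server2.crt"; then           # Brian's refused re-sign
    echo "unexpected: unique_subject = yes allowed a second valid cert"; exit 1
fi
sign_csr no "$WORK/server2.crt"                     # renewal, serial 02
regen_crl
OVERLAP=$(valid_entries)                            # 2: both certs valid at once

# Once the endpoint has installed server2.crt, revoke the old one and republish.
openssl ca -config "$CNF" -revoke "$WORK/server1.crt" -crl_reason superseded >/dev/null 2>&1
regen_crl
echo "valid index rows during overlap: $OVERLAP, after revocation: $(valid_entries)"
echo "server1: $(cert_status "$WORK/server1.crt"), server2: $(cert_status "$WORK/server2.crt")"
```

During the overlap both certificates verify cleanly against the published CRL; only after the revocation and a fresh `-gencrl` does server1.crt fail `verify -crl_check`, which is exactly the window Brian wants kept open until the endpoint has picked up server2.crt. Treat regenerating and distributing the CRL as the cut-over step: any client that already holds the new CRL rejects the old certificate immediately, so it should not be published until deployment of the new certificate is confirmed.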