[openssl]: Subject alternative names not recognized when signing certificates

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[openssl]: Subject alternative names not recognized when signing certificates

Carsten
Hi list,

this is about setting up a certificate authority to sign incoming
(forgeign) certificate requests.
I have installed
####################################
/var/caintermed # openssl version -a
OpenSSL 1.1.2-dev  xx XXX xxxx
built on: Fri Sep 21 10:19:51 2018 UTC
platform: linux-armv4
options:  bn(64,32) rc4(char) des(long) idea(int) blowfish(ptr)
compiler: gcc -fPIC -pthread  -march=armv7-a -Wa,--noexecstack -Wall -O3
-DOPENSSL_USE_NODELETE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM
-DSHA512_ASM -DKECCAK1600_ASM -DAES_ASM -DBSAES_ASM -DGHASH_ASM
-DECP_NISTZ256_ASM -DPOLY1305_ASM -DNDEBUG
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/lib/engines-1.1"
Seeding source: os-specific
############################################################

My setup is based on this:
https://jamielinux.com/docs/openssl-certificate-authority/create-the-root-pair.html

I can sign certificate requests successfully, BUT....
if the request contains SAN attributs (subjectalternatenames) they are
ignored -not visible in the signed certificate.

I found many exambles how to create a SAN-Certificate using the
selfsigned mechanism, but that is not what I want.

Is there any how-to in the wild, how to set up a fully working CA
including SAN (v3) attributs?

br
Carsten
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: [openssl]: Subject alternative names not recognized when signing certificates

Viktor Dukhovni


> On Sep 22, 2018, at 8:28 AM, Carsten <[hidden email]> wrote:
>
> I can sign certificate requests successfully, BUT....
> if the request contains SAN attributs (subjectalternatenames) they are ignored -not visible in the signed certificate.
>
> I found many exambles how to create a SAN-Certificate using the selfsigned mechanism, but that is not what I want.
>
> Is there any how-to in the wild, how to set up a fully working CA including SAN (v3) attributs?

My approach is generally to dynamically generate a config file with the requisite
extensions, and use that to build the certificate.  It is possible to copy
extensions from the request (CSR) to the certificate, but not always wise
if you've not carefully checked that all the extensions in the CSR are appropriate.

  https://www.openssl.org/docs/man1.1.0/apps/ca.html

  copy_extensions

  determines how extensions in certificate requests should be handled.
  If set to none or this option is not present then extensions are
  ignored and not copied to the certificate. If set to copy then any
  extensions present in the request that are not already present are
  copied to the certificate. If set to copyall then all extensions
  in the request are copied to the certificate: if the extension is
  already present in the certificate it is deleted first. See the
  WARNINGS section before using this option.

  ...

  The copy_extensions option should be used with caution. If care is
  not taken then it can be a security risk. For example if a certificate
  request contains a basicConstraints extension with CA:TRUE and the
  copy_extensions value is set to copyall and the user does not spot
  this when the certificate is displayed then this will hand the
  requester a valid CA certificate.
 
  This situation can be avoided by setting copy_extensions to copy
  and including basicConstraints with CA:FALSE in the configuration
  file. Then if the request contains a basicConstraints extension it
  will be ignored.
 
  It is advisable to also include values for other extensions such
  as keyUsage to prevent a request supplying its own values.
 
  Additional restrictions can be placed on the CA certificate itself.
  For example if the CA certificate has:
 
   basicConstraints = CA:TRUE, pathlen:0
 
  then even if a certificate is issued with CA:TRUE it will not be
  valid.

--
        Viktor.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users