Create A Self-Signed
OpenSSL is an excellent open source software that implements
protocols such as SSL v2/v3 and TLS v1 as well as a full-strength
general purpose cryptography library.
et’s begin examining the link beetwen digital be communicated to each potential buyer
certificates and cryptographic algorithms. through a secure channel;
We already know the differences between • Any potential buyer who wants to buy a
the implementation of symmetric key encryption product from this company needs to generate
and asymmetric key encryption but let me briefly a secret key so that before paying, the
explain these differences again because they customer is able to always communicate to
are very important and we need them for the the company through a secure channel.
understanding of the rest of the article.
In symmetric key encryption each pair of Neither of these solutions is feasible for an e-
actors share a common protected key. This commerce site.
key must be protected by the real owners Nor are these solutions scalable. We need
and this secret key must be shared between something that doesn't need order of n^2 secret
the two owners using a secure channel of keys.
communication, To solve these problems we must use
If the key is stolen the encryption is asymmetric key encryption.
compromised and the owners of the key cannot In asymmetric key encryption each actor has
be guaranteed security if they continue to use it. a pair of keys (private and public). The public key
Another symmetric key encryption characteristic must be shared with the rest of the world while the
is the following: if there are n actors that would like private key must be kept secret by the owner.
to communicate with each other in a secret way, How do we make known to the whole world
WHAT YOU WILL they must build ( n*(n-1))/2 keys, ie order of n^2, a our public key? Simply using keyservers.
LEARN... great number if n increases more and more. In asymmetric key encryption, the algorithm
Using OpenSSL you'll learn how Common symmetric algorithms are: DES, for encryption / decryption works with both keys in
to create a self-signed digital 3DES, RC, BLOWFISH, IDEA as well as many the following way: if the message is encrypted with
certificate that you'll use for the
configuration of an Apache web others. the public key it can be decrypted only with the
server. Imagine now a business that wants to private key and vice versa.
distribute their products over the web and wants We also know that the encryption operation
WHAT YOU SHOULD
KNOW... to create a risk-free way for buyers to pay securely. of a message using the sender's private key
There are two possible solutions: guarantees the authenticity of the sender
You should know, at a basic
level, the main concepts of while the encryption operation of a message
public key infrastructure (PKI),
symmetric and asymmetric key
• The company would need to generate a using the recipient's public key guarantees the
cryptography. sufficient number of secret keys that will confidentiality of the contents of the message.
58 HAKIN9 4/2009
DIGITAL CERTIFICATE WITH OPENSSL
The use of the two keys at this point Perfect, the potential buyer can generate this digital certificate has been issued by a
depends on the purpose that we want to a secret key on his pc (we will call it K ). trusted third party (CA).
achieve, confidentiality or authenticity. Now he must share this secret key K A digital certificate is a mechanism that
Moreover if there are n potential actors with the e-commerce site. links the public key with an actor.
that want to communicate with each other He can now use asymmetric Digital certificates contain the public
in a confidential way they can use a total cryptography algorithms encrypting this key along with other identifying information
order of n keys and not an order of n^2 secret key K with the public key of the e- of the individual owner of that key and a
keys. commerce site and send it on the internet. validity period of the key. All this information
The drawback of asymmetric In this way only the e-commerce site is validated by a trusted third party, namely
algorithms is that it needs much more can decrypt the message containing the a CA (Certification Authority) like VeriSign
processing time than symmetric secre key K and continue the commercial Inc. for example.
algorithms. transaction with the buyer using only the The digital certificate is signed by the
How can a company with an e- secure and faster secret key K . CA using the CA private key and naturally
commerce site benefit from both But …. are we sure that the public key the CA public key is available to the whole
approaches for its goals? that was used to encrypt the secret key K world. In this way, in our example, the
The benefit of symmetric key encryption belongs to the e-commerce site? buyer can check the correctness of the e-
is speed while the benefit for asymmetric Someone may have tampered with the commerce digital certificate by decrypting
key encryption is scalability. So we could e-commerce site's public key. The public key it using the CA public key.
use asymmetric key encryption for to that we are using may belong to an attacker. There are different standards for the
create a secure channel where we can Well, we can now introduce digital creation of certificates, currently the most
exchange a key to use for symmetric key certificates. established is defined by the international
encryption of data. A digital certificate assures us that standard X.509.
The e-commerce company must have the public key came from the person or An X.509 certificate contains a lot of
a public key and a private key. company we expected. This is true only if information, some of which is Table 1.
Naturally its public key must be visible
to the whole world. Table 1. Some information contained in an X.509 digital certificate
A potential buyer that wants to Version V3
communicate secretly with the e-
Serial number 7654 ZU76 ….
commerce site during the payment
process, must encrypt the information Signature algorithm Md5 with RSA encryption
traveling on the internet but what kind of key Valid from Monday, June 4, 2007
must he use? Valid to Monday, June 2, 2008
He could use the e-commerce public
Subject E-commerce company name
key but every time the buyer must encrypt
the information, additional processing Public key Encrypted value of the key
time is required. The best solution is to (digital) Signature algorithm Md5 with RSA encryption
use a symmetric algorithm that uses less
Signature The signature of the certificate
Figure 1. OpenSSL setup in Windows platform Figure 2. OpenSSL packages to install in Cygwin setup
4/2009 HAKIN9 59
This is good so far. What if we want An Example of SSL Man In Some other fields are changed, for
to play a bit with these certificates? What The Middle Attack example the issuer DN (Distinguished
should we do? Must we buy one from a Suppose you work in a big company where Name) that is now set to the name of the
CA? No, for now we will build one on our there is a SSL proxy running between your SSL proxy's self-signed digital certificate
behalf using the OpenSSL tool. These private network, where your computer is and what is very important is that the
certificates are signed and certified by the located, and the internet. SSL proxy public/private keys are used
same owner of the public key. So with this scenario if you want to in creating this faked self-signed digital
Thus, they are called self-signed contact a web server using HTTPS protocol certificate.
certificates. you must run through a SSL proxy. The web In this way the client (for example a web
They are no longer considered trusted. browser must be configured to use SSL browser) considers this fake self-signed
Remember once again that CAs were proxy. digital certificate as the original digital
created within PKI to solve the problem of A SSL proxy is plugged into the certificate of the remote web server.
verifying the validity of the crypto keys we connection between the two end-points SSL proxy is able in this way to read
are using and to ensure that they have (client and server). all the data flowing between the two end-
not been switched by an attacker. See Naturally we are assuming that points (client web browser and remote web
later example of SSL Man In The Middle someone has changed the correct server).
attack. behaviour of the SSL proxy with a
Self-signed certificates cannot be malicious behaviour. Procedure for Installing
revoked while CAs on the other hand have The SSL proxy intercepts all the HTTPS OpenSSL
the possibility to revoke a compromised connections, terminates them and resends OpenSSL is available for both the Windows
certificate, which prevents its further use. them to the remote web server. and Linux platforms.
Self-signed certificates can be used for There are two connections: one For the Windows platform we can
testing a web-server for example. between client and SSL proxy and the choose between a binary file and a cygwin
If we have created a website that we other between SSL proxy and the remote environment. For the Linux platform we
want to test over an HTTPS connection, we web sever. can also choose between a binary file and
don't have to pay for a signed certificate. But what a SSL proxy sends to the source files.
Remember that while a CA tells us that client isn't the correct digital certificate For example, there exist binary files for
the information contained in the certificate requested by the client to the remote Debian, Fedora, Red Hat and for all the
has been verified by a trusted source., the web server but a fake self-signed digital main Linux distributions.
self-signed certificate doesn't tell us the certificate generated and signed by the So we can download the OpenSSL
same thing. SSL proxy using the fields contained in the package in the form we want from the
Moreover when a web browser gets correct digital certificate received by the OpenSSL site and from all the main Linux
a digital certificate it checks that it is remote web server. distribution repository (YaST for SuSe,
signed by a recognized CA. If the digital This fake self-signed digital certificate Synaptic for Ubuntu, Yum, Apt, Portage …
certificate is self-signed, it will be labeled preserves from the original digital and so on).
as potentially risky and an error message certificates fields as the subject DN For the Linux platform, in this article we
will pop up telling us to not trust the site (Distinguished Name), the validity dates, focus on source files installation that i think
(see Figure 6). and the extensions for example. is the more difficult than the others.
Figure 3. Default configuration in Cygwin setup Figure 4. Output of OpenSSL req command
60 HAKIN9 4/2009
DIGITAL CERTIFICATE WITH OPENSSL
Windows Platform – Binary from the official Cygwin website. Run the After installing Cygwin we have to make
The installation on Windows is easy. setup.exe file, choose the root directory changes to the environment variables. The
Simply download the binary file and run where it will be installed (usually c: \ changes are:
the installation program, choosing Full cygwin ), finally choose an FTP or HTTP
installation (see Figure 1). server where we can download the • Add the path of the root directory selected
packages. during the installation process by adding
Windows Platform – Cygwin Now choose the configuration of the suffix \bin (for example c:\cygwin\
We can also install OpenSSL using the installation, the default configuration bin ) to the PATH environment variable.
Cygwin. Cygwin is a Linux-like (see Figure 3). Check that the OpenSSL • Create a new environment variable
environment for Windows. First of all package is actually selected in the sub- called cygwin with the following value
we have to download the file setup.exe section net (see Figure 2). binmode tty ntsec
Listing 1. An example of openssl.cnf
# countryName = optional
# SSLeay example configuration file. stateOrProvinceName = optional
# This is mostly being used for generation of certificate localityName = optional
requests. organizationName = optional
# organizationalUnitName = optional
RANDFILE = .rnd commonName = supplied
############################################################### emailAddress = optional
[ ca ] ##############################################################
default_ca = CA_default # The default ca section [ req ]
############################################################### default_bits = 1024
[ CA_default ] default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
dir = demoCA # Where everything is kept attributes = req_attributes
certs = $dir\certs # Where the issued certs are kept
crl_dir = $dir\crl # Where the issued crl are kept [ req_distinguished_name ]
database = $dir\index.txt # database index file. countryName = Country Name (2 letter code)
new_certs_dir = $dir\newcerts # default place for new countryName_min = 2
certs. countryName_max = 2
certificate = $dir\cacert.pem # The CA certificate stateOrProvinceName = State or Province Name (full name)
serial = $dir\serial # The current serial
number localityName = Locality Name (eg, city)
crl = $dir\crl.pem # The current CRL
private_key = $dir\private\cakey.pem # The private key 0.organizationName = Organization Name (eg, company)
RANDFILE = $dir\private\private.rnd # private random number
file organizationalUnitName = Organizational Unit Name (eg,
x509_extensions = x509v3_extensions # The extentions to section)
add to the cert commonName = Common Name (eg, your website's domain
default_days = 365 # how long to certify for name)
default_crl_days= 30 # how long before next CRL commonName_max = 64
default_md = md5 # which md to use.
preserve = no # keep passed DN ordering emailAddress = Email Address
emailAddress_max = 40
# A few difference way of specifying how similar the request
should look [ req_attributes ]
# For type CA, the listed attributes must be the same, and the challengePassword = A challenge password
optional challengePassword_min = 4
# and supplied fields are just that :-) challengePassword_max = 20
policy = policy_match
[ x509v3_extensions ]
# For the CA policy
[ policy_match ] # under ASN.1, the 0 bit would be encoded as 80
countryName = optional nsCertType = 0x40
stateOrProvinceName = optional
organizationName = optional #nsBaseUrl
organizationalUnitName = optional #nsRevocationUrl
commonName = supplied #nsRenewalUrl
emailAddress = optional #nsCaPolicyUrl
# For the 'anything' policy #nsCertSequence
# At this point in time, you must list all acceptable 'object' #nsCertExt
# types. #nsDataType
[ policy_anything ]
4/2009 HAKIN9 61
These last two changes must be done • Change to the directory where successful, it will display the openssl>
using the form shown following this path: the file was just downloaded from prompt from which you can type various
Start=>Control panel=>System=>Advanced the OpenSSL site (eg openssl- OpenSSL commands.
tab=>Environment variables button. 0.9.8j.tar.gz ) If you encounter problems during
Finally we can open the cygwin terminal • tar xvzf openssl-0.9.8j.tar.gz the installation run the command make
and type at the command prompt the • cd openssl-0.9.8j/ clean, make the right changes through the
string openssl to verify that the installation • ./config config command and try the remaining
has been successfully completed. • make commands again (point 5 and 6).
• make install (as root) Remember that the command make
Linux Platform clean doesn't fix missing dependencies.
If you have downloaded OpenSSL for Linux To verify that OpenSSL has been installed There is an OpenSSL mailing list where
in the form of source code, then, follow correctly, in a shell terminal type the you can request more information.
these simple instructions: string openssl and if the installation is
OpenSSL Configuration File for
Windows and Linux
On the 'Net After having completed the installation,
• http://www.openssl.org/ we must create a configuration file called
• http://gnuwin32.sourceforge.net/packages/openssl.htm openssl.cnf .
• http://www.cygwin.com/ This file must be placed under the
• http://httpd.apache.org/ OpenSSL directory (eg c: \Program
• http://keyserver.linux.it/ Files\OpenSSL\bin for Windows platform
and /etc/ssl/ for Linux platform).
An example of this file can be
downloaded from the Internet, a classic
configuration file that can be used without
further changes. An example is illustrated
in Listing 1.
Create a Digital Certificate
Assuming that we are using a machine
with the Windows operating system and
that we have installed OpenSSL using the
Open a DOS prompt and type the
following string (see Figure 4):
openssl req –config openssl.cnf –new
Figure 5. Apache Service Monitor The req command creates certificates in a
certification request standard mode. It can
additionally creates self signed certificates.
In the above command we have not
used the parameter -key so a new RSA
key has also been generated.
When you run the command you will
be asked for some information necessary
for the creation of the certificate and the
private key. This includes information such
as country name, state or province name,
locality name, organization name, common
name and email address.
An additional password is also required
Figure 6. An example of warning reported by a web browser receiving a self-signed to be used in the challenge process, in order
digital certificate to exchange digital certificates between two
62 HAKIN9 4/2009
parties in a communication via the Internet. Add the following directive:
We can leave this password blank to avoid
complicating the configuration. Also from <VirtualHost server_name:443>
the command line at the DOS prompt type: SSLEngine on
openssl rsa –in privkey.pem –out SSLCertificateKeyFile conf/ssl/my-
SSLProtocol -all +SSLv3 +TLSv1
The rsa command processes RSA keys. SSLCipherSuite SSLv3:+HIGH:-MEDIUM:-LOW
These RSA keys can be converted between </VirtualHost>
The parameter -in indicates the RSA The directives SSLProtocol and
key to use. This key has been generated at SSLCipherSuite are recommended to limit
the previous step. the web server to only use SSLv3 or TLS.
This command will read the private We have to create the ssl directory
key from the input file ( -in privkey.pem ) under the conf directory of Apache.
and will write an output file ( -out my- We have to copy the files of the
server.key ) using the RSA algorithm. certificate generated by OpenSSL ( .cert
Finally, from the DOS prompt type: and .key ) under the directory conf/ssl .
Finally we have to create a SSL
openssl x509 –in my-server.csr –out configuration file called ssl.conf under the conf
my-server.cert –req –signkey directory of Apache. On the Internet we can
my-server.key -days 365 find a generic configuration file ssl.conf.
Generally on these generic files we
This command creates a self-signed digital have to make some changes such as:
certificate that is valid for a period of 365
days. • DocumentRoot
The parameter -signkey causes • ServerName
the input file (parameter -in ) to be self • ServerAdmin
signed using the supplied private key. This • SSLCertificateFile
certificate has the start date equal to the • SSLCertificateKeyFile
current date and the end date is set to a
value depending by the -days parameter. At this point we have to stop and then restart
the Apache web server (see Figure 5).
Configure the Apache Web Open a web browser and type the URL:
Server to Use SSL
Assume that we use Apache on Windows https://[server_name]/
platform. If not present, copy the files
libeay32.dll and ssleay32.dll from Of course, the browser notifies us that the
the Apache bin directory (eg c:\Program digital certificate is self-signed.
Files\Apache Group\Apache2\bin ) to
the Windows system32 directory (eg c: Conclusion
\windows\system32 ). We have seen how to install the OpenSSL
Check that we have the file mod _ toolkit and how to use it to generate a self-
ssl.so copied under the Apache modules signed digital certificate. Finally, we have
directory otherwise we have to download seen how to use the self-signed digital
it from the Internet Open the Apache certificate in the Apache web server in
configuration file, httpd.conf, and add the order to test it over an https connection but
following lines: in an unsecure way because it is only self-
signed and not trusted by a CA.
• LoadModule ssl_module modules/
mod_ssl.so Daniele Zuco, Graduated in Computer Science (Informatic
Technologies) and student of Informatic Engineering
• Listen 443
at Sapienza university of Rome. He has worked at
• SSLMutex default C.I.T.I.C.O.R.D. always at Sapienza university of Rome. He
has worked at ALITALIA S.p.A. and at Elsag Banklab S.p.A.
• SSLRandomSeed startup builtin He has also worked at Faculty of Economics Sapienza
• SSLSessionCache none university of Rome for an important project.