GnuTLS PKI setup
================

Notes to:

- Create a self-signed CA
- Create a server certificate
- Run a GnuTLS server/client session to validate the setup

(1) Create the private key for the CA:

-----------------------------------------------------------------------
$ certtool --generate-privkey --outfile ca-key.pem
Generating a 2048 bit RSA private key...
-----------------------------------------------------------------------

(2) Generate the self-signed CA certificate using the above key:

-----------------------------------------------------------------------
$ certtool --generate-self-signed --load-privkey ca-key.pem \
    --outfile ca-cert.pem
Generating a self signed certificate...
Please enter the details of the certificate's distinguished name. Just press enter to ignore a field.
Common name:
UID:
Organizational unit name: TestOU
Organization name: TestOrg
Locality name:
State or province name:
Country name (2 chars):
Enter the subject's domain component (DC):
This field should not be used in new certificates.
E-mail:
Enter the certificate's serial number in decimal (default: 6145014228788391674):


Activation/Expiration time.
The certificate will expire in (days): 3650


Extensions.
Does the certificate belong to an authority? (y/N): y
Path length constraint (decimal, -1 for no constraint):
Is this a TLS web client certificate? (y/N):
Will the certificate be used for IPsec IKE operations? (y/N):
Is this a TLS web server certificate? (y/N):
Enter a dnsName of the subject of the certificate:
Enter a URI of the subject of the certificate:
Enter the IP address of the subject of the certificate:
Enter the e-mail of the subject of the certificate:
Will the certificate be used to sign other certificates? (y/N): y
Will the certificate be used to sign CRLs? (y/N): y
Will the certificate be used to sign code? (y/N): y
Will the certificate be used to sign OCSP requests? (y/N): y
Will the certificate be used for time stamping? (y/N): y
Enter the URI of the CRL distribution point:
X.509 Certificate Information:
    Version: 3
    Serial Number (hex): 554779e226a72efa
    Validity:
        Not Before: Mon May 04 13:53:39 UTC 2015
        Not After: Thu May 01 13:53:42 UTC 2025
    Subject: OU=TestOU,O=TestOrg
    Subject Public Key Algorithm: RSA
    Algorithm Security Level: Medium (2048 bits)
        Modulus (bits 2048):
            00:b5:0e:42:07:c8:ad:c2:f8:83:1f:6b:4a:be:bc:b0
            5b:30:51:55:fe:fd:04:c7:85:5c:03:9f:ec:ca:10:99
            89:e2:72:25:62:fe:f6:a8:7f:d9:2c:47:a0:37:23:22
            dd:8b:22:7e:fa:92:15:a8:b3:55:53:8a:f4:5a:ae:1e
            73:0b:f9:e1:d0:fa:eb:d7:b8:65:b2:0c:96:81:59:8d
            92:12:5c:42:9c:72:7f:83:66:c6:3e:31:0f:ce:e7:66
            ac:64:2e:38:4a:9a:96:66:60:13:92:c6:4a:e5:e1:ff
            7d:33:d7:b5:11:85:4b:91:0d:9f:5f:3d:4e:3e:fb:5e
            9b:94:2d:e4:4f:79:66:ba:98:c4:09:d2:8e:19:54:fc
            bc:69:1e:49:ff:7b:70:e9:8f:76:cc:34:5c:95:b4:cb
            78:a1:aa:d8:a8:12:29:18:01:cd:08:71:43:f9:60:ed
            94:cb:6c:54:0c:49:ab:f1:9c:3d:7e:04:17:74:4c:3c
            a6:c8:61:ab:60:e9:b8:ca:89:fc:0b:89:ca:e3:da:49
            21:6b:79:f1:76:19:bf:db:c3:2f:59:66:4c:ad:1f:94
            5f:57:c1:74:ed:ad:b8:c4:75:c2:df:fc:f2:8e:2b:01
            0c:39:98:2b:62:63:9b:47:9b:a4:b9:54:8f:7e:4e:94
            a1
        Exponent (bits 24):
            01:00:01
    Extensions:
        Basic Constraints (critical):
            Certificate Authority (CA): TRUE
        Key Purpose (not critical):
            Code signing.
            OCSP signing.
            Time stamping.
        Key Usage (critical):
            Certificate signing.
            CRL signing.
        Subject Key Identifier (not critical):
            0ee3d0522bd698f092f165500f25fcc09d0792ad
Other Information:
    Public Key ID:
        0ee3d0522bd698f092f165500f25fcc09d0792ad
    Public key's random art:
        +--[ RSA 2048]----+
        | .+==oo |
        | .==+ . |
        | o ++.. |
        | * OE.. |
        | o X * S |
        | o = + |
        | . . |
        | |
        | |
        +-----------------+

Is the above information ok? (y/N): y

Signing certificate...
-----------------------------------------------------------------------

(3) Generate a private key for the server certificate:

-----------------------------------------------------------------------
$ certtool --generate-privkey --outfile server-key.pem
Generating a 2048 bit RSA private key...
-----------------------------------------------------------------------

(4) Generate the certificate request for the server:

-----------------------------------------------------------------------
$ certtool --generate-request --load-privkey server-key.pem --outfile server-request.pem
Generating a PKCS #10 certificate request...
Common name:
Organizational unit name:
Organization name:
Locality name:
State or province name:
Country name (2 chars):
Enter the subject's domain component (DC):
UID:
Enter a dnsName of the subject of the certificate: localhost
Enter a dnsName of the subject of the certificate:
Enter a URI of the subject of the certificate:
Enter the IP address of the subject of the certificate:
Enter the e-mail of the subject of the certificate:
Enter a challenge password:
Does the certificate belong to an authority? (y/N):
Will the certificate be used for signing (DHE and RSA-EXPORT ciphersuites)? (Y/n):
Will the certificate be used for encryption (RSA ciphersuites)? (Y/n):
Is this a TLS web client certificate? (y/N):
Is this a TLS web server certificate? (y/N): y
-----------------------------------------------------------------------

(5) Generate a server certificate using the key and request from steps (3) and (4):

-----------------------------------------------------------------------
$ certtool --generate-certificate --load-request server-request.pem \
    --outfile server-cert.pem --load-ca-certificate ca-cert.pem \
    --load-ca-privkey ca-key.pem
Generating a signed certificate...
Enter the certificate's serial number in decimal (default: 6145015839457047347):


Activation/Expiration time.
The certificate will expire in (days): 3650


Extensions.
Do you want to honour the extensions from the request? (y/N): y
Does the certificate belong to an authority? (y/N):
Is this a TLS web client certificate? (y/N):
Will the certificate be used for IPsec IKE operations? (y/N):
Is this a TLS web server certificate? (y/N): y
Enter a dnsName of the subject of the certificate: localhost
Enter a dnsName of the subject of the certificate:
Enter a URI of the subject of the certificate:
Enter the IP address of the subject of the certificate:
Will the certificate be used for signing (DHE and RSA-EXPORT ciphersuites)? (Y/n):
Will the certificate be used for encryption (RSA ciphersuites)? (Y/n):
X.509 Certificate Information:
    Version: 3
    Serial Number (hex): 55477b5929fc7333
    Validity:
        Not Before: Mon May 04 13:59:55 UTC 2015
        Not After: Thu May 01 13:59:58 UTC 2025
    Subject:
    Subject Public Key Algorithm: RSA
    Algorithm Security Level: Medium (2048 bits)
        Modulus (bits 2048):
            00:b7:12:03:7a:ad:15:cd:42:ec:ad:e8:65:b2:a6:d7
            41:b1:3b:d4:a5:44:1e:18:58:b1:8e:38:d7:42:d3:05
            a0:65:f4:e6:2a:cc:20:e1:ab:f0:1e:11:00:9b:d4:ac
            77:34:1c:66:06:df:dc:6b:f9:72:28:ed:f1:65:64:9b
            28:36:81:f1:a8:0d:15:9d:71:e2:57:c2:53:63:54:82
            c0:f0:8c:a4:24:b3:17:cb:e3:cd:9d:a4:11:7b:23:3a
            27:0d:87:2a:36:4e:d7:6b:4d:79:a6:07:c2:16:bf:fc
            8b:a0:31:25:68:a8:32:bb:69:24:b1:78:fd:15:b8:ad
            40:fd:03:a0:b7:c7:03:b2:33:8f:f4:3b:56:f0:87:ab
            41:28:44:6a:80:08:fd:45:f9:f1:86:e7:1c:d1:3e:fa
            37:3b:68:86:74:d4:17:11:16:f9:a5:83:5a:54:e4:1e
            3f:63:75:cb:51:a2:93:19:5e:fb:bc:cd:72:f6:b3:4f
            39:82:94:50:34:68:44:83:2d:67:67:24:37:75:e8:79
            4e:82:31:b9:b4:dc:10:e3:0e:08:be:95:2f:07:cb:7c
            77:57:1a:74:4a:5e:64:6d:ba:7d:92:25:f8:4c:23:41
            ff:d3:e9:38:5f:d5:12:86:89:a0:11:d8:ca:c1:29:da
            6b
        Exponent (bits 24):
            01:00:01
    Extensions:
        Subject Alternative Name (not critical):
            DNSname: localhost
            DNSname: localhost
        Basic Constraints (critical):
            Certificate Authority (CA): FALSE
        Key Usage (critical):
            Digital signature.
            Key encipherment.
        Key Purpose (not critical):
            TLS WWW Server.
            TLS WWW Server.
        Subject Key Identifier (not critical):
            d0299115d42ee08014254e2172604c53a1e23a74
        Authority Key Identifier (not critical):
            0ee3d0522bd698f092f165500f25fcc09d0792ad
Other Information:
    Public Key ID:
        d0299115d42ee08014254e2172604c53a1e23a74
    Public key's random art:
        +--[ RSA 2048]----+
        |**OBo .++o |
        |o*+.. oo .. |
        |... oo.o. |
        |o .o. . |
        | o E S. |
        |o . |
        |o |
        | . |
        | |
        +-----------------+

Is the above information ok? (y/N): y

Signing certificate...
-----------------------------------------------------------------------

(6) Run a GnuTLS server with the certificates created above:

-----------------------------------------------------------------------
$ gnutls-serv --priority=NORMAL -p 9000 \
    --x509cafile=/export/security/gnutls/ca-cert.pem \
    --x509certfile=/export/security/gnutls/server-cert.pem \
    --x509keyfile=/export/security/gnutls/server-key.pem
-----------------------------------------------------------------------

(7) Use the GnuTLS client to verify the connection:

-----------------------------------------------------------------------
$ gnutls-cli --priority=NORMAL -p 9000 --x509cafile=/export/security/gnutls/ca-cert.pem localhost
-----------------------------------------------------------------------

* * *

Verification of GnuTLS server/client
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Complete output of steps (6) and (7):

Server:

-----------------------------------------------------------------------
$ gnutls-serv --priority=NORMAL -p 9000 \
    --x509cafile=/export/security/gnutls/ca-cert.pem \
    --x509certfile=/export/security/gnutls/server-cert.pem \
    --x509keyfile=/export/security/gnutls/server-key.pem
Set static Diffie-Hellman parameters, consider --dhparams.
Processed 1 CA certificate(s).
HTTP Server listening on IPv4 0.0.0.0 port 9000...done
HTTP Server listening on IPv6 :: port 9000...done

* Accepted connection from IPv4 127.0.0.1 port 37327 on Mon May  4 16:05:04 2015
- Description: (TLS1.2)-(ECDHE-RSA-SECP256R1)-(AES-128-GCM)
- Session ID: 72:D5:EE:81:8C:89:A2:90:83:28:86:9D:9C:CA:87:D8:E0:EC:CB:E8:26:7A:8E:4C:23:0F:F0:4A:88:00:7C:D9
- Given server name[1]: localhost
No certificates found!
- Ephemeral EC Diffie-Hellman parameters
 - Using curve: SECP256R1
 - Curve size: 256 bits
- Version: TLS1.2
- Key Exchange: ECDHE-RSA
- Server Signature: RSA-SHA256
- Cipher: AES-128-GCM
- MAC: AEAD
- Compression: NULL
- Options: safe renegotiation,
- Channel binding 'tls-unique': 0ffef0a6a456de3759241c5f

Scheduling inactive connection for close
-----------------------------------------------------------------------

Client:

-----------------------------------------------------------------------
$ gnutls-cli --priority=NORMAL -p 9000 --x509cafile=/export/security/gnutls/ca-cert.pem localhost
Processed 1 CA certificate(s).
Resolving 'localhost'...
Connecting to '127.0.0.1:9000'...
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate[0] info:
 - subject `', issuer `OU=TestOU,O=TestOrg', RSA key 2048 bits, signed using RSA-SHA256, activated `2015-05-04 13:59:55 UTC', expires `2025-05-01 13:59:58 UTC', SHA-1 fingerprint `bfbc1bb97c9fe3941c3ae22703d76ccde1146cf2'
    Public Key ID:
        d0299115d42ee08014254e2172604c53a1e23a74
    Public key's random art:
        +--[ RSA 2048]----+
        |**OBo .++o |
        |o*+.. oo .. |
        |... oo.o. |
        |o .o. . |
        | o E S. |
        |o . |
        |o |
        | . |
        | |
        +-----------------+

- Status: The certificate is trusted.
- Successfully sent 0 certificate(s) to server.
- Description: (TLS1.2)-(ECDHE-RSA-SECP256R1)-(AES-128-GCM)
- Session ID: 61:81:86:45:8A:A0:D4:38:22:A8:43:AC:0A:47:F0:59:F5:6E:D4:96:42:DA:EB:8B:02:E7:20:2D:5B:5A:9A:20
- Ephemeral EC Diffie-Hellman parameters
 - Using curve: SECP256R1
 - Curve size: 256 bits
- Version: TLS1.2
- Key Exchange: ECDHE-RSA
- Server Signature: RSA-SHA256
- Cipher: AES-128-GCM
- MAC: AEAD
- Compression: NULL
- Options: safe renegotiation,
- Handshake was completed

- Simple Client Mode:

- Peer has closed the GnuTLS connection
-----------------------------------------------------------------------
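Steps (1) to (7) collapsed into one non-interactive script. This is an added example, not part of the original notes and not GnuTLS project code. It answers the certtool prompts through --template files instead of by hand, gives the server certificate a Common Name (the notes' server certificate has an empty Subject, which is why gnutls-cli prints subject `'), states the dnsName once (the notes' certificate carries DNSname: localhost twice because the request's extensions were honoured and the same name was typed again at signing time), checks the chain offline with certtool --verify before any server is started, and then runs the gnutls-serv/gnutls-cli session and fails unless the client reports the certificate trusted and the handshake completed. The PKI_OUT, PKI_PORT and PKI_HOST variables, the output directory, and the --verify-hostname and --bits options (GnuTLS 3.x certtool) are assumptions of this example.

```shell
#!/bin/sh
# Added example: non-interactive version of the notes' steps (1)-(7).
# Assumes certtool, gnutls-serv and gnutls-cli (GnuTLS 3.x) are on PATH.
# File names follow the notes; the directory and variables are assumed.
PKI_OUT="${PKI_OUT:-./gnutls-pki}"
PKI_PORT="${PKI_PORT:-9000}"
PKI_HOST="${PKI_HOST:-localhost}"

# Template for step (2): the same answers as the interactive session
# (authority, 10 years, certificate and CRL signing), plus a CN.
write_ca_template() {
    cat <<EOF
cn = "Test CA"
organization = "TestOrg"
unit = "TestOU"
expiration_days = 3650
ca
cert_signing_key
crl_signing_key
EOF
}

# Template for steps (4)-(5): an end-entity TLS server certificate.
# No "ca" keyword, the dnsName exactly once, and a CN so the Subject is
# not empty as it is in the notes.
write_server_template() {
    cat <<EOF
cn = "$PKI_HOST"
organization = "TestOrg"
unit = "TestOU"
expiration_days = 3650
dns_name = "$PKI_HOST"
tls_www_server
signing_key
encryption_key
EOF
}

# Steps (1)-(5): CA key and self-signed CA certificate, server key,
# PKCS #10 request, and the CA-signed server certificate.
build_pki() {
    mkdir -p "$PKI_OUT" || return 1
    (
        set -e
        cd "$PKI_OUT"
        write_ca_template > ca.tmpl
        write_server_template > server.tmpl
        certtool --generate-privkey --bits 2048 --outfile ca-key.pem
        certtool --generate-self-signed --load-privkey ca-key.pem \
            --template ca.tmpl --outfile ca-cert.pem
        certtool --generate-privkey --bits 2048 --outfile server-key.pem
        certtool --generate-request --load-privkey server-key.pem \
            --template server.tmpl --outfile server-request.pem
        certtool --generate-certificate --load-request server-request.pem \
            --load-ca-certificate ca-cert.pem --load-ca-privkey ca-key.pem \
            --template server.tmpl --outfile server-cert.pem
        # Private keys are written world-readable by default; tighten them.
        chmod 600 ca-key.pem server-key.pem
    )
}

# Offline check before starting anything: the server certificate must
# chain to ca-cert.pem and must be valid for the host name we will use.
verify_chain() {
    certtool --verify --verify-hostname="$PKI_HOST" \
        --load-ca-certificate "$PKI_OUT/ca-cert.pem" \
        --infile "$PKI_OUT/server-cert.pem"
}

# Steps (6)-(7) as a scripted session: background server, one client
# connection, then require both "trusted" and "Handshake was completed"
# in the client output (gnutls-cli aborts before the handshake completes
# when verification against --x509cafile fails).
smoke_test() {
    gnutls-serv --priority=NORMAL -p "$PKI_PORT" \
        --x509cafile="$PKI_OUT/ca-cert.pem" \
        --x509certfile="$PKI_OUT/server-cert.pem" \
        --x509keyfile="$PKI_OUT/server-key.pem" >/dev/null 2>&1 &
    srv=$!
    sleep 1
    out=$(gnutls-cli --priority=NORMAL -p "$PKI_PORT" \
        --x509cafile="$PKI_OUT/ca-cert.pem" "$PKI_HOST" </dev/null 2>&1)
    kill "$srv" 2>/dev/null
    printf '%s\n' "$out" | grep -q 'The certificate is trusted' || return 1
    printf '%s\n' "$out" | grep -q 'Handshake was completed' || return 1
}

run_all() {
    build_pki && verify_chain && smoke_test && echo "PKI OK"
}

# Only act when invoked as: sh this-script.sh --run
if [ "${1:-}" = "--run" ]; then run_all; fi
```

The notes' server output warns "Set static Diffie-Hellman parameters, consider --dhparams"; in the recorded session the key exchange was ECDHE-RSA, so the static DH parameters were never used, and the warning only matters if a DHE suite can be negotiated. Keep the CA key off the server host once the server certificate is issued: step (6) needs only ca-cert.pem, server-cert.pem and server-key.pem.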