"SfR Fresh" - the SfR Freeware/Shareware Archive

Member "Lynx/lynx_doc/docs/README.rootcerts" of archive lynx.zip:

    1 	DOS/Windows-oriented notes on Root Certificates
    2 
    3 To use certificates or a cert bundle within an SSL enabled
    4 application such as lynx you must place your certificate
    5 files into a known directory, and set the environment
    6 variables to a proper value (e.g. in CONFIG.SYS file).
    7 
    8  set SSL_CERT_DIR=x:/usr/local/ssl/certs
    9  set SSL_CERT_FILE=x:/usr/local/ssl/cert.pem
   10 
   11 (See "What are root certificates" below.)
   12 
   13 
   14 Q.  Why would I want to install openssl.exe?
   15 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   16 
   17 openssl.exe is used to manage certificates.  (See "What are root certificates"
   18 below.)
   19 
   20 Q.  How to install openssl.exe?
   21 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   22 
   23 Put openssl.exe in a directory in your PATH and the DLLs to a directory
   24 in your LIBPATH.
   25 
   26 Copy conf\openssl.cnf.demoCA to a directory of your
   27 choice, rename it to openssl.conf and set the environment variable
   28 OPENSSL_CONF by putting
   29 
   30 SET OPENSSL_CONF=<your-directory>\openssl.cnf
   31 
   32 into CONFIG.SYS.
   33 
   34 
   35 Q. Why is this document so paranoid?
   36 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   37 
   38 If you want to use OpenSSL, then probably your Internet transactions have
   39 *real* monetary value embedded in them.  And as usual, the security is as good
   40 as the weakest link.  This document unravels only the tip of the iceberg
   41 of what can go wrong with improperly established "secure" connections.  And
   42 given the monetary value involved, "bad guys" have a high incentive to exploit
   43 the weakest links.  As experience shows, do not underestimate the intelligence
   44 of bad guys...
   45 
   46 Really, with security, a little knowledge is a dangerous thing; one can
   47 suspect that many people, if they really understood the trust structures
   48 associated with SSL, would be rather careful about checking the details
   49 of certificates.
   50 
   51 Q. What are root certificates?
   52 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   53 
   54 Making a secure connection is like sending your valuables (for storage or
   55 consumption) to somebody who agreed to be at a prearranged place.  To
   56 guard the valuables on the way there, you can ask for a police escort; this is
   57 what https:// connections are about.  However, it does not make any sense to
   58 have an escort if the goods are transfered to a random person who happens to be
   59 at this place; one needs to certify the identity of the receiver as well.
   60 
   61 The certification process is a chain; when site A wants to certify that it is
   62 actually what it claims, it actually says "Check this certificate with site B";
   63 to proceed, one needs to certify that site B is what it claims, so B may
   64 redirect to site C etc.  For this process to stop, some sites claim
   65 "You must know my certificate, check it yourself".  These certificates are
   66 "root certificates"; one cannot verify such a site unless one has the
   67 certificate for the "end of its certification chain".  If you don't have the
   68 relevant root certificate in your local certificates file, it means that
   69 you don't trust anyone to vouch for the authenticity of the site.
   70 
   71 So one should have a collection of known certificates from several well-known
   72 sites known as "Root Certification Authorities".  Most sites for large-scale
   73 businesses have certificates which will eventually resolve to these places.
   74 Such certicates represent people like Verisign that are in the business of
   75 confirming the identity of servers, etc.
   76 
   77 Additionally, since having yourself certified through another site costs,
   78 some sites avoid this cost via presenting "end-of-chain certificates".
   79 One should have a way to obtain these certificates via other means than
   80 insecure Internet connection (e.g., one can walk into the office and copy
   81 the certificate file to a floppy).  These are so-called "Self-signed
   82 certificates"; they are "root certificates" as well.  The locally-installed
   83 securely obtained copies of such certificates are referred to as
   84 "local certificates".  (See 'What is "Snake Oil Ltd."' below.)
   85 
   86 If you are presented with a locally-unresolvable root certificate, and you
   87 *believe* that you are really talking to the site, and not someone
   88 in between (who is either completely simulating the site or relaying
   89 your requests onto the real site - called a "man in the middle" attack),
   90 you will still have an encrypted connection.  Otherwise, you should act
   91 as though the site was an impostor, unless and until you manage to get
   92 a root certificate from a trustworthy source, and that root certificate
   93 represents someone that you would trust to have vetted the site you
   94 want to connect to.
   95 
   96 Local certificates are stored in SSL_CERT_FILE (this "cert bundle", usually
   97 named cert.pem, contains several signatures for "Root Certification
   98 Authorities") and SSL_CERT_DIR (which has a signature per file, and usually
   99 contain local copies of self-signed certificates).
  100 
  101 There are three crucial considerations to be added to this picture:
  102 
  103   a) While there are ways to ensure that the receivers are who they claim,
  104      there is absolutely no technological way to verify how *trustworthy*
  105      the receiving party is.  It does not make sense to secure-send your
  106      valuables to a certified receiver if this receiver is a crook (or will
  107      just keep them later in a publicly accessible place).
  108 
  109   b) "VeriSign Syndrome".  For the above scheme of "a chain of trust" to work,
  110      the "Root Certification Authorities" should be *very* trustworthy
  111      high-integrity entities.  Unfortunately, there are certain doubts that
  112      this is so.  E.g., fall 2003, VeriSign started an attack on DNS scheme
  113      which could disrupt the whole architecture of Internet (hijacking *all*
  114      unclaimed Internet addresses and redirecting them to a promotional site;
  115      google for VeriSign DNS hijack).
  116 
  117      One major company even issued a Microsoft certificate to a company
  118      other than Microsoft, and there had to be a Windows critical update
  119      to block that certificate.
  120 
  121   c) Keep in mind that the "big 2 browsers" are adding an increasing
  122      number of root certificates, and most users fail to realise that they
  123      are putting a trust in the supply chain for the browser to give them
  124      the certificates of reliable organisations (the browser suppliers could
  125      make bad choices, or the browser could have been hacked before you got
  126      it).
  127 
  128      Incidentally, standard browsers come with certificates representing
  129      very different levels of identity verification, but most people accept
  130      all of those supplied with the big 2 as equally valid.
  131 
  132 Q. How to obtain root certificates?
  133 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  134 
  135 Certificate files, such as cert.pem, are security critical; you have to
  136 trust whoever supplies it to you; all your certification process is no more
  137 trustworthy than the site you downloaded cert.pem from.  So you shouldn't just
  138 accept any offer.
  139 
  140 One way is to copy them from a machine which already obtained them in a secure
  141 way.  Another one is to extract them from a web browser which was itself
  142 obtained in a secure way (see "How to extract certificates from Internet
  143 Explorer" below).  If anything else fails, obtaining a privately-generated
  144 bundle from third-parties, such as
  145 
  146   http://www.kfu.com/~nsayer/encryption/ca-bundle.crt.text
  147 
  148 is *not* much better than no certificates at all, but may avoid some warnings
  149 from applications.  One of the places which has a bundle is the mod_ssl site.
  150 
  151 Q. Should you trust this distribution system?
  152 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  153 
  154 It is very hard to imagine a situation when the answer is different from
  155 "Absolutely not!".
  156 
  157 Indeed, obtaining the certificates is only half of the problem.
  158 The certificates are going to be checked by the SSL library.  Can you trust
  159 these executables (DLLs)?  Did you obtain the library via a secure connection?
  160 Are you sure that the place you obtained it from has reasonable security
  161 practice, so that the archive could not be tampered with?  The latter place
  162 most probably did not build the DLLs themselves; chances are they just
  163 store what a fourth-party supplied them.  Was *that* file transfer done via
  164 secure channels?  Can you trust this fourth-party so that it did not insert
  165 Trojans?
  166 
  167 Chances are that all of these questions are answered "No".  There are still
  168 major problems with bootstrapping security via the Internet...
  169 
  170 What about the application which uses these DLLs?  Do you have any reason to
  171 trust it?  What about the OS itself?  Did it come from a trustworthy source
  172 via trustworthy channels?  Are you sure it was not tampered with?
  173 
  174 Q.  How to compile and link with OpenSSL libraries?
  175 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  176 
  177 Put the files from include and lib to your emx directory,
  178 or directories on C_INCLUDE_PATH and LIBRARY_PATH.
  179 Note that openssl should become a subdirectory of your include directory.
  180 If you need .lib files you can create them using emxomf.
  181 
  182 The supplied library files link against the new renamed dlls open_ssl and
  183 cryptsll.
  184 
  185 See the doc directory for some information and visit
  186 http://www.columbia.edu/~ariel/ssleay/ for more infos.
  187 
  188 
  189 Q. Why do you need your own keys and certificates?
  190 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  191 
  192 There are several situations: having a server which accepts secure connections;
  193 authenticating yourself to a server by means other than login/password,
  194 sending S-Mime crypto-mail, authenticating from a client browser to a server.
  195 In each of these situations one needs keys.
  196 
  197 The following sites may be useful:
  198 
  199    http://www.pseudonym.org/ssl/ssl_cook.html#environment
  200    http://the.earth.li/~sgtatham/putty/0.53b/htmldoc/Chapter8.html#8.2
  201 
  202 Q. How to generate your own keys and certificates?
  203 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  204 
  205 There are many ways. A good solution is to use sslRexx. It provides everything
  206 you need. PuTTYgen is a key generator that will work.
  207 
  208 Below is a short description of how I made my own Certification Authority,
  209 a Server Key for Apache and a client Key/Certificate for me, signed by my
  210 own CA.
  211 
  212 
  213 Q. Howto: Root CA (needed to self-sign all certificates)
  214 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  215 
  216 Generate a CA-Key and store it in sub-directory private:
  217 
  218   openssl genrsa -des3  -out private/MyOwnCA.pem 2048
  219 
  220 Make a selfsigned certificate based on above key.
  221 
  222   openssl req -new -x509 -days 730 -key private/CAkey.pem -out CAcert.pem
  223 
  224 This certificate will expire in 2 years.
  225 
  226 Optional: generate text output of this certificate:
  227 
  228   openssl x509 -in ./CAcert.pem -text > CAcert.txt
  229 
  230 Now you have a key and certificate for your own CA which can be used
  231 to sign user and server keys. The CAcert is also needed to configure
  232 Apache and Netscape. You can/should give away the CA certificate but
  233 never give the CA key to anybody.
  234 
  235 
  236 Q. Howto: Your Client Certificate/Key
  237 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  238 
  239 Generate a private key
  240 ----------------------
  241 
  242   openssl genrsa -des3 -out hrom-key.pem 2048
  243 
  244 
  245 Create a signing request (same command again)
  246 ------------------------
  247 
  248   openssl req -new -key hrom-key.pem -out hrom-req.pem
  249 
  250 Let the CA sign it (same command again)
  251 ------------------
  252 
  253   openssl ca -in hrom-req.pem -out hrom-cert.pem -outdir MyOwnCA/newcerts
  254 
  255 After you get back the certificate from the CA, combine it with
  256 your private key and store the result as p12 file. This file can
  257 be imported into your browser.  The browser will use this file to present
  258 to a server requiring it for access.
  259 
  260   openssl pkcs12 -export -name Hromadka -in hrom-cert.pem -inkey hrom-key.pem -out hrom.p12
  261 
  262 
  263 Security Notes: Never give your private key to a CA, they only need the
  264 signing request. Never give away your p12 file. Always secure your private
  265 keys with a passphrase.
  266 
  267 
  268 Q. How to use c_rehash?
  269 ~~~~~~~~~~~~~~~~~~~~~~
  270 
  271 One needs a working port of Perl and cp.exe to run this.  Set OPENSSL to the
  272 full name of openssl executable.  One may also need to change some ':' to
  273 $Config{path_sep}.  c_rehash finds certs from enviroment variables and allows
  274 them to be recognized by openssl.
  275 
  276 Q. How to extract certificates from Internet Explorer?
  277 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  278 
  279 To make your own file of certificates, go to the
  280 "Tools/Internet Options/Content/Certificates/Trusted Root Certificates"
  281 section of IE. Select all the certificates, then "export" to a file.
  282 It will be saved as a PKCS#7 file, with suffix ".p7b". You can call
  283 it "ca_bundle.p7b". Then use openssl to convert it with the command:
  284 "openssl pkcs7 -inform DER -in ca_bundle.p7b -print_certs -text -out cert.pem".
  285 Ask your system administrator to put the file "cert.pem" in the openssl
  286 directory and c_rehash it. Then lynx can check the certificates against the
  287 set of certificates that you (or Microsoft) trusts, and you won't get the
  288 warning message any more.
  289 
  290 Q. How to install a self-signed certificate?
  291 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  292 
  293 When you would like to trust a self-signed (non-commercial) certificate you will
  294 need to get hold of the actual file. If it's a cert local to your network you
  295 can ask the sysadmin to make it available for download as a link on a webpage.
  296 
  297 If such file is not human-readable it's probably DER formatted and will need to
  298 be converted to PEM format to allow openssl to use it.
  299 
  300 To convert DER formatted certificates into something openssl can deal with:
  301 
  302 Save the cert as site_name.crt in a directory. In that directory, type:
  303 
  304   openssl x509 -inform DER -in site_name.crt -outform PEM -out site_name.pem
  305 
  306 You can now copy this individual cert into the directory for that and hash the
  307 cert by running c_rehash. A complete discussion of this procedure for unix is
  308 in the document README.sslcerts.