OpenSSL

From ArchWiki
Jump to: navigation, search

OpenSSL is an open-source implementation of the SSL and TLS protocols, designed to be as flexible as possible. It is supported on a variety of platforms, including BSD, Linux, OpenVMS, Solaris and Windows.

openssl is installed by default on Arch Linux (as a dependency of coreutils).

Warning: Collaborated research into OpenSSL protocol usage, published in May 2015, showed further significant risks for SSL connections; named "Logjam" attack. See https://weakdh.org/ for results and https://weakdh.org/sysadmin.html for suggested server-side configuration changes.

Configuration

On Arch Linux the OPENSSLDIR is /etc/ssl.

The OpenSSL configuration file, conventionally placed in /etc/ssl/openssl.cnf, may appear complicated at first. Remember that variables may be expanded in assignments, much like how shell scripts work. For a thorough explanation of the configuration file format, see config(5ssl).

req section

Merge-arrows-2.pngThis article or section is a candidate for merging with #Generate a certificate signing request.Merge-arrows-2.png

Notes: Same topic. (Discuss in Talk:OpenSSL#Plan)

Settings related to generating keys, requests and self-signed certificates.

The req section is responsible for the DN prompts. A general misconception is the Common Name (CN) prompt, which suggests that it should have the user's proper name as a value. End-user certificates need to have the machine hostname as CN, whereas CA should not have a valid TLD, so that there is no chance that, between the possible combinations of certified end-users' CN and the CA certificate's, there is a match that could be misinterpreted by some software as meaning that the end-user certificate is self-signed. Some CA certificates do not even have a CN, such as Equifax:

$ openssl x509 -subject -noout < /etc/ssl/certs/Equifax_Secure_CA.pem
subject= /C=US/O=Equifax/OU=Equifax Secure Certificate Authority

Usage

This sections assumes you have read Transport Layer Security#Obtaining a certificate.

Generate an RSA private key

With genpkey(1ssl), which supersedes genrsa according to openssl(1ssl):

$ openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:keysize -out file

If an encrypted key is desired, use the -aes-256-cbc option.

Generate a certificate signing request

Use req(1ssl):

$ openssl req -new -sha256 -key private_key -out filename

Generate a self-signed certificate

$ openssl req -key private_key -x509 -new -days days -out file

Troubleshooting

"bad decrypt" while decrypting

OpenSSL 1.1.0 changed the default digest algorithm for the dgst and enc commands from MD5 to SHA256. [1]

Therefore if a file has been encrypted using OpenSSL 1.0.2 or older, trying to decrypt it with an up to date version may result in an error like:

error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:crypto/evp/evp_enc.c:540

Supplying the -md md5 option should solve the issue:

$ openssl enc -d -md md5 -in encrypted -out decrypted

See also