Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Signing certificate with another certificate signed by CA

Tags:

openssl

x509

pki

Is it possible to sign a new certificate using a certificate signed by a CA as the CA for other certificates and still have them validated by the root CA?

Example:

# create new key
openssl genrsa -des3 -out server.key 2048
openssl req -new -key server.key -out server.csr
....
# send csr to ca for signing
....
# now what if we make a new key and sign it with the received crt?
openssl genrsa -des3 -out newkey.key 2048
openssl req -new -key newkey.key -out newkey.csr
openssl x509 -req -in newkey.csr -CA server.crt -CAkey server.key -CAcreateserial -out newcert.crt -days 500

Why is it not possible to do this? I tried using this new cert for a service and the browser complains that the certificate lacks CA chain. Basically I want to use one certificate that is signed for the domain and create new certificates for subdomains using domain certificate as CA for the subdomains. How is this process designed to work?

like image 976
Martin Avatar asked Jan 23 '14 21:01

Martin


1 Answers

Whether or not a certificate can be used to sign another certificate is defined by the basic constraints field of the certificate. When you submit a CSR to a CA, the certificate returned by the CA should specify that the certificate cannot be used to sign other certificates in the basic constraints field.

Otherwise, this would open the door to anyone being able to create a fake certificate for any site. For example, I could create a CSR for mysite.com, get the certificate signed by a CA like VeriSign, then create a CSR for www.paypal.com and use the certificate for mysite.com to sign the certificate for www.paypal.com. Then, I would have a valid certificate for www.paypal.com. But, I'm not paypal.com.

Notwithstanding, many early SSL implementations in early browsers and even some early versions of OpenSSL did not check the basic constraints field of the certificates in a certificate chain, so this was a vulnerability that could be exploited. Security researcher Moxie Marlenspike was active in bringing this to the public's attention which forced browser makers to fix this. See http://www.thoughtcrime.org/ie-ssl-chain.txt for more info.

like image 61
mti2935 Avatar answered Sep 18 '22 23:09

mti2935