Questions about signing an intermediate CA

Michael Wojcik Michael.Wojcik at microfocus.com
Wed Feb 12 19:28:00 UTC 2020


> From: Michael Leone [mailto:turgon at mike-leone.com]
> Sent: Wednesday, February 12, 2020 12:10

> > Here's the config section I use for my test intermediate certificate:

> > [ v3_intermediate_ca ]
> > authorityKeyIdentifier = keyid:always,issuer
> > # pathlen:0 means these certs can only sign non-CA certs
> > basicConstraints = critical, CA:true, pathlen:0
> > keyUsage = critical, digitalSignature, cRLSign, keyCertSign
> > nsComment = "TestCA Intermediate Certificate"
> > subjectKeyIdentifier = hash

> Yes, the openssl.cnf I have came with that section, too.

Well, probably not verbatim, since I'm pretty sure I set at least that nsComment value. But, yes, it's not surprising if you already have a v3_intermediate_ca section.

> But I don't see how to use that section specifically, or when it's
> needed to use that section.

You use it by specifying the -extensions option on the ca subcommand:

$ openssl ca -in something.csr -out something.pem -extensions v3_intermediate_ca

And you need it when you're signing an intermediate certificate, because the Basic Constraints and EKU have to be set appropriately. (Well, often you can get by, for some use cases, with non-conforming intermediate certificates. But careful peers will be unhappy with entity certificates signed by a non-conforming intermediate.)

> ... an end entity (I guess that's the term - you know, a "regular"
> certificate, like something used by a web server to secure traffic).

Nomenclature varies, but for example PKIX (RFC 3647) refers to "CA-certificates" and "end entity certificates". They qualify "entity" with "end" because they use "entity" broadly to refer to anything that a certificate might identify, including a CA. I generally use just "entity" to refer to leaf certificates in the hierarchy, because "end entity" is cumbersome, and terms such as "root" and "intermediate" are more useful for certificates elsewhere in the hierarchy.

Of course, there are X.509-based networks which are not strictly hierarchical. Even with PKIX we see things like cross-signing, and you can construct any sort of graph, even cyclical, of certificate relationships. (There are some specifications for non-hierarchical certificate networks.) Describing certificates in those sorts of environments is more complicated. But those are still niche applications.

--
Michael Wojcik
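The signing step discussed above, as an added example that is not part of this thread: it builds a throwaway root, signs an intermediate with `openssl ca -extensions v3_intermediate_ca` using the quoted section (minus nsComment), and then shows that pathlen:0 is enforced by path validation rather than by `openssl ca` itself. The directory layout, file names and the minimal [demo_ca] settings are assumptions made for the demo.

```shell
# Added example, not from the thread: sign an intermediate with "openssl ca -extensions
# v3_intermediate_ca"; scratch dir layout, names and [demo_ca] settings are constructed.
set -e

write_cnf() {  # $1 = scratch dir; minimal "openssl ca" config plus the section quoted above
  cat > "$1/ca.cnf" <<EOF
[ demo_ca ]
new_certs_dir = $1/newcerts
database = $1/index.txt
serial = $1/serial
default_md = sha256
policy = demo_policy
[ demo_policy ]
commonName = supplied
[ req ]
distinguished_name = dn
[ dn ]
CN = overridden by -subj
[ v3_root ]
basicConstraints = critical, CA:true
subjectKeyIdentifier = hash
[ v3_intermediate_ca ]
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = critical, CA:true, pathlen:0
keyUsage = critical, digitalSignature, cRLSign, keyCertSign
subjectKeyIdentifier = hash
[ v3_leaf ]
basicConstraints = CA:FALSE
EOF
}

sign() {  # $1 = name, $2 = issuer name, $3 = extension section handed to "openssl ca"
  openssl req -new -newkey rsa:2048 -nodes -config "$D/ca.cnf" -subj "/CN=$1" \
    -keyout "$D/$1.key" -out "$D/$1.csr" 2>/dev/null
  openssl ca -batch -notext -name demo_ca -config "$D/ca.cnf" -days 30 -cert "$D/$2.pem" \
    -keyfile "$D/$2.key" -extensions "$3" -in "$D/$1.csr" -out "$D/$1.pem" 2>/dev/null
}
setup_pki() {  # $1 = scratch dir; builds root -> int -> leaf and root -> int -> sub -> leaf2
  D=$1; mkdir -p "$D/newcerts"; : > "$D/index.txt"; echo 01 > "$D/serial"; write_cnf "$D"
  openssl req -x509 -newkey rsa:2048 -nodes -config "$D/ca.cnf" -subj /CN=root -days 30 \
    -extensions v3_root -keyout "$D/root.key" -out "$D/root.pem" 2>/dev/null
  sign int root v3_intermediate_ca   # the step the thread is about
  sign leaf int v3_leaf
  sign sub int v3_intermediate_ca    # "openssl ca" does not refuse a CA under a pathlen:0 CA...
  sign leaf2 sub v3_leaf
  cat "$D/int.pem" "$D/sub.pem" > "$D/untrusted.pem"
}
verify_leaf() {  # $1 = scratch dir, $2 = cert name; ...but path validation rejects leaf2
  openssl verify -CAfile "$1/root.pem" -untrusted "$1/untrusted.pem" "$1/$2.pem"
}
```

Run `setup_pki "$(mktemp -d)"` and then `verify_leaf "$D" leaf` versus `verify_leaf "$D" leaf2`: the first succeeds, the second fails with a path length error because the pathlen:0 intermediate may not have another CA certificate below it.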

