Certificate authority changes with OpenSSL
Viktor Dukhovni
openssl-users at dukhovni.org
Thu Mar 17 20:32:58 UTC 2022
On Thu, Mar 17, 2022 at 07:51:43PM +0100, egoitz--- via openssl-users wrote:
> I think that is the problem, the sha1.
That's the specific issue being reported.
> So... I have built Openssl 3.0.2
There's no reason for OpenSSL 3.0.2, that might just tighten the
restrictions further. OpenSSL 1.0.0 and up all support SHA2-256;
you can create and consume SHA-2 certificates with OpenSSL 1.1.1.
> I have seen that the own CA uses sha1WithRSAEncryption signature
> algorithm.
Yes, fix that.
> I assume this is one of the things to change, so I have planned to
> convert the whole PKI, the whole CA to another supported Signature
> algorithm that had no issues with SECLEVEL2.
Just set the default digest to sha256, and reissue all the intermediate
and leaf certificates. The root CA can stay unchanged; its
self-signature is not relevant.
> 1 - Is it possible to update a whole CA with 2048 bit public and private
> keys (I used in req section of openssl.conf, the default_bits to 2048)
> to a Signature algorithm that doesn't bother SECLEVEL 2?
SHA2-256 is sufficient.
> I mean to have two versions of the same certificate. One for SECLEVEL1
> and one for SECLEVEL2? I preserve all CSRs and so....
It isn't "the same certificate". You can issue new certificates,
that all clients can verify, by using SHA2-256.
> 2 - I was wondering too another question... although this is not urgent
> now. If the CA key pair is almost expiring, what's the proper process of
> doing what is supposed to be done? I assume it could be:
Keys don't expire, certificates do. You can reissue a CA certificate
with the same key and subject name, but a different expiration time and
serial number.
> But... I assume I would have to use a different CN for the new CA?
No, you would typically use the same CN if just extending the validity.
> Perhaps this same process is the one I need to do.... for converting
> certificates from SECLEVEL 1 friendly to SECLEVEL 2 friendly?
Certificates don't have seclevels; they have a signature algorithm, and
SHA2-256 has long been supported by all clients.
--
Viktor.
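The procedure Viktor describes, as an added example that is not part of the thread: a constructed two-level PKI with 2048-bit keys, the intermediate reissued from its kept CSR with SHA-256, the root certificate renewed with the same key and CN but a new serial and validity, and the chain checked with `openssl verify -auth_level 2`. It assumes the openssl CLI (1.1.1 or 3.x); `demo.cnf`, the CN values and file names are demo values.

```shell
#!/bin/sh
# Added example (not from the openssl-users thread). Requires the openssl CLI.
set -eu
work=$(mktemp -d); cd "$work"

# Minimal config so the demo does not depend on the system openssl.cnf.
cat > demo.cnf <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
[ca_ext]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF

# Print the signature algorithm of a PEM certificate (the thread's check for
# sha1WithRSAEncryption); the first match is the algorithm in the TBS part.
sig_alg() { openssl x509 -in "$1" -noout -text | awk '/Signature Algorithm/ {print $3; exit}'; }

# Root CA, 2048-bit key (default_bits from the thread), serial 1.
openssl req -x509 -config demo.cnf -extensions ca_ext -newkey rsa:2048 -nodes \
  -sha256 -days 3650 -set_serial 1 -subj "/CN=Demo Root CA" \
  -keyout root.key -out root.crt 2>/dev/null
# Intermediate key and CSR; both are kept so the certificate can be reissued.
openssl req -new -config demo.cnf -newkey rsa:2048 -nodes \
  -subj "/CN=Demo Intermediate CA" -keyout inter.key -out inter.csr 2>/dev/null

# Reissue the intermediate from its existing CSR with the digest forced to SHA-256.
reissue_intermediate() {
  openssl x509 -req -sha256 -days 1825 -in inter.csr -CA root.crt -CAkey root.key \
    -CAcreateserial -extfile demo.cnf -extensions ca_ext -out inter.crt 2>/dev/null
  sig_alg inter.crt
}

# Renew the root certificate: same key and subject, new serial (2) and validity.
renew_root() {
  openssl req -x509 -config demo.cnf -extensions ca_ext -key root.key -sha256 \
    -days 7300 -set_serial 2 -subj "/CN=Demo Root CA" -out root-renewed.crt 2>/dev/null
  openssl x509 -in root-renewed.crt -noout -serial | sed 's/.*=//'
}

# Verify the reissued intermediate at auth level 2 (verify's counterpart to
# SECLEVEL 2) against the root certificate given as $1.
verify_at_level2() {
  openssl verify -auth_level 2 -CAfile "$1" inter.crt >/dev/null 2>&1 && echo OK || echo FAIL
}

reissue_intermediate          # sha256WithRSAEncryption
renew_root                    # 02
verify_at_level2 root.crt         # OK
verify_at_level2 root-renewed.crt # OK: same key and CN, so the old chain still verifies
```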