If you have no objections I'll replace that block with i2c_ASN1_INTEGER. Don't misinterpret it as a normal integer datatype; OpenSSL uses the special ASN1_INTEGER data type, which is not really a 'number' but rather an array of bytes. On Sat, Feb 25, 2006, Kyle Hamilton wrote: > On 2/25/06, Dr. Stephen Henson Date: 2006-02-26 3:49:42 Message-ID: 20060226034942.GA68453 openssl ! org https://stackoverflow.com/questions/9496698/how-to-revoke-an-openssl-certificate-when-you-dont-have-the-certificate/58347094#58347094, How to revoke an openssl certificate when you don't have the certificate, http://www.mad-hacking.net/documentation/linux/security/ssl-tls/revoking-certificate.xml. Not used as of OpenSSL 1.1.0 as a result of the deprecation of the -issuer_checks option. Per standard, the serial number should be unique per CA; however, it is up to the CA code to enforce this. Data: Version: 3 (0x2) Serial Number: xxxxxxxxxxxxxxxx Signature Algorithm: sha1WithRSAEncryption Issuer: CN=My organisation RootCA Validity Not Before: May 20 13:11:34 2016 GMT Not After : May 20 13:21:34 2021 GMT Subject: DC=org, DC=example, CN=My organisation Issuing CA OpenSSL is a command-line tool that can be used to generate public key infrastructure (PKI) material and to secure a server with HTTPS. Similar to the [ req ] section, the [ ca ] section defines default parameter values for the openssl ca command— the interface to OpenSSL’s minimal CA service. X509_set_serialNumber() sets the serial number of certificate x to serial. The serial number is taken from that file. If anyone came here looking for help when they screwed up their revocation using OpenVPN's tool (like me), then you can copy the "revoke-full" script and make a change to it. (tested with OpenSSL 1.1.1c. What libcurl is doing right now is the same as the OpenSSL 'serial' format, not the OpenSSL 'Serial Number' format. Thanks a lot!
OpenSSL Thumbprint: -> openssl x509 -in CERTIFICATE_FILE -fingerprint -noout Serial Number: -> openssl x509 -in CERTIFICATE_FILE -serial -noout Note: use the real file name. Landed in aff153f. Thus, the canonical way of doing it is something along the lines of: However, I add this answer to note that, with current versions, openssl ca -revoke ... seems to only update the index.txt file (it will nevertheless ask for the private key password, which is questioned there), so if you really don't have any certificate backup but still have the index.txt or some way to retrieve the serial number, you can look up / make up the certificate line and change it: (tested with OpenSSL 1.1.1c. libcurl had something similar to that for small numbers prior to your change but it would have to be modified to take into account negative numbers. -create_serial is especially important. So grep /etc/ssl/index.txt to obtain the serial number of the key to be revoked, e.g. It is possible to forge certificates based on the method presented by Stevens. but the way OpenSSL does it looks more correct, although again any change at this point may break a user's parsing. In the paper, we found the vulnerability in how OpenSSL generates the serial number of X.509 certificates. Similarly, EJBCA and NSS, among 5 other open source libraries, have the same vulnerability. They're not using i2c_ASN1_INTEGER for the output. Edit openssl.cnf - change default_days, certificate and private_key, possibly key size (1024, 1280, 1536, 2048) to whatever is desired. These commands should show the certificate data including the serial number, email address, the signature algorithm, and the private key, which should look something like the snippet below. Take a look in your openssl.cnf and you should see the option "serial" with a path / file specified.
openssl x509 -noout -serial -in cert.pem will output the serial number of the certificate, but in the format serial=0123456709AB. Then we use the -keyout option to tell openssl to write the created private key to the ca-key.pem file. A smaller number that fits in a long like -2000 shows Serial Number: -2000 (-0x7d0) and serial=-07D0. Like the other answers say, openssl CA usually keeps a copy of signed certificates in a subdirectory (newcerts or certs, or keys with easyrsa). Use the "-set_serial n" option to specify a number each time. Create Certificate Authority Certificate. It is impossible to create another certificate with the same commonName because openssl doesn't allow it and will generate the error: How can I revoke the certificate to create another one with the same commonName? Mistake! http://curl.haxx.se/docs/adv_20150429.html. Serial Number: 14 (0xe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=I-CA Validity Not Before: Nov 29 14:20:54 2018 GMT Not After : Nov 29 14:20:54 2020 GMT Subject: CN=test.domain.net Subject Public Key Info: Certificate: Data: Version: 3 (0x2) Serial Number: 15 (0xA) Signature Algorithm: sha256WithRSAEncryption Not knowing what a certificate or a certificate authority is makes it harder to remember these steps. Finally, we created two files, index.txt and serial. Yes, you can sign your own CSR (Certificate Signing Request) with a given serial number using the OpenSSL "req -x509 -set_serial" command as shown below. So it doesn't look like much of an issue anymore. Use the "-CAcreateserial -CAserial herong.seq" option to let OpenSSL create and manage the serial number. Alternatively you can also change /etc/ssl/index.txt.attr to contain the line. Though changing it to be consistent with the others at this point may break a user's parsing of it. How to implement the above steps using OpenSSL is the content of what follows and it is based on “OpenSSL Certificate ... certificates and serial ...
certificate database and serial number. Return Values. On Debian it is /etc/ssl/certs/. Many HOW-TOs will have you echo "01" into the serial file, thus starting the serial number at 1 and using 8-bit serial numbers instead of 128-bit serial numbers. Info: Run man s_client to see all the available options. Serial Number Files The openssl ca command uses two serial number files: Certificate serial number file. (Based on Nilesh's answer) In the default configuration, openssl will keep copies of all signed certificates in /etc/ssl/newcerts, named by their index number. Rich Salz recommended this SSL Cookbook to me. X509_set_serialNumber() returns 1 for success and 0 for failure. Also, I could not locate documentation that says the serial number should be colon separated. @jay changing it could still be safe as it was completely broken before and thus was never parsed successfully anyway! This will generate a random 128-bit serial number to start with. Perhaps it should be a full answer. X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH . Not used as of OpenSSL 1.1.0 as a result of the deprecation of the -issuer_checks option. Verify that the CRL is valid (i.e., signed by the issuer certificate): $ openssl crl -in rapidssl.crl -inform DER -CAfile issuer.crt -noout verify OK. Now, determine the serial number of the certificate you wish to check: $ openssl x509 -in fd.crt -noout -serial serial=0FE760 Long certificate serial number with OpenSSL backend is null. I can see how matching openssl's output could be valuable. Then click the line containing your selection; the certificate should then be highlighted. For other octets retrieved via CURLINFO_CERTINFO like rsa and signature a colon is used as the separator for each octet.
In the next section, we will go through OpenSSL commands to decode the contents of the Certificate. Ok. To create our own certificate we need a certificate authority to sign it (if you don’t know what this means, I recommend reading Brief(ish) explanation of how https works). We will also add a section to the config file named [ v3_intermediate_ca ] that we will later use whenever we want to sign an intermediate certificate using our root CA. Now let’s amend openssl.root.cnf with the missing [ ca ] section. Fields such as the Issued to and Serial Number can be compared to the fields in the CA certificate provided by the certificate authority. In lib/vtls/openssl.c in version 7.41.0 at line 2466 we have: Since bufp gets pushed to return a certificate serial number, setting the first character to null will always cause null to be returned; therefore, line 2477 should be removed. You'll want to still maintain the CRL (Certificate revocation list), so edit your copied 'revoke-full' and change the line for, https://stackoverflow.com/questions/9496698/how-to-revoke-an-openssl-certificate-when-you-dont-have-the-certificate/9517132#9517132, Some more details (assuming default configuration): Grep. openssl automatically saves a copy of your cert in the newcerts directory. I should've tested the output of a large negative serial number to be sure. You have to set an initial value like "1000" in the file. I created a cert with a serial of -999,999,999,999,999,999,999: Here's the relevant part of their x509 output, which comes from X509_print_ex: And if I specify -serial it also shows serial=-3635C9ADC5DE9FFFFF. It is therefore piped to cut -d'=' -f2 which splits the output on the equal sign and outputs the second part - 0123456709AB. Enter Mozilla Certificate Manager. Click the tab Your Certificates or the tab of your choice.
If you have published the original certificate, revoking the old one is however the preferable solution, even if you don't run an OCSP server or provide CRLs. @TobiasKienzler This solved my problem. Although MD5 has been replaced by CAs now, with the development of technology, new attacks on the current hash algorithms adopted by CAs, such as SHA-256, will probably occur in the future. Navigate to Advanced -> Encryption and then click on View Certificates. Certificate: Data: Version: 3 (0x2) Serial Number: I'm not sure why not for serial number. I made an openssl certificate signed by the CA created on the local machine. Get the full details on the certificate: openssl x509 -text -in ibmcert.crt . So I guess there is some basis. openssl req -text -noout -verify -in testmastersite.csr. I also glanced over the negative thing before I ignored it but you're right, we should make sure to output the same serial number that openssl does, even when negative. -CAcreateserial with this option the CA serial number file is created if it does not exist: it will contain the serial number "02" and the certificate being signed will have 1 as its serial number. Click Serial number or Thumbprint. On some other version/environment, serial number can be much shorter). The openssl ca -config openssl.cnf -gencrl -crldays 30 -out crl.pem will be the actual step to revoke the certificate, producing a signed list using the private key of the authority. # Sign the certificate signing request openssl x509 -req -days 365 -in signreq.csr -signkey privkey.pem -out certificate.pem View certificate details. After that OpenSSL will increment the value each time a new certificate is generated. The current way is to prefix the octets with - to designate negative direction (a la integer).
If the file doesn't exist or is empty when the very first certificate is created then 01 is used as the serial for it. Without the "-set_serial" option, the resulting certificate will have a random serial number. Generating a self-signed certificate with OpenSSL. If the chosen-prefix collision of so… The next option is -days 365, which specifies the number of days that the certificate is valid for. A smaller number that fits in a long like -2000 shows Serial Number: -2000 (-0x7d0) and serial=-07D0. Juraj Sep 7, 2015 @ 15:16. OpenSSL in their output uses the colon as a separator but only for long serial numbers (see openssl x509 -noout -text -in cert). This is the certificate that we want to decode (part of the certificate displayed below is erased due to security concerns). 1013, then execute the following command: The -keyfile and -cert mentioned in Nilesh's answer are only required if that deviates from your openssl.cnf settings. I haven't tried this but it looks like you need something like this. Also, if something goes wrong, you’ll probably have a much harder time figuring out why. I don't see why not do it that way for all. X509_V_ERR_KEYUSAGE_NO_CERTSIGN . As an example, let’s use openssl to check the SSL certificate expiration date of the https://www.shellhacks.com website: $ echo | openssl s_client -servername www.shellhacks.com -connect www.shellhacks.com:443 2>/dev/null | openssl x509 -noout -dates notBefore=Mar 18 10:55:00 2017 GMT notAfter=Jun 16 10:55:00 2017 GMT to allow multiple certificates with the same common name. I wrote up a slightly modified fix but based on your report and hints here. Look for the new_certs_dir definition in the openssl.cnf file of your authority or the -outdir option in the scripts). That is sent to sed. The serial file contains the serial number of the first certificate to be created; each later certificate will have the serial number of the previous certificate incremented by one.
> > I don’t understand what attack you are concerned about, but the size of the serial number should not matter for *any* certificate. There are 3 ways to supply a serial number to the "openssl x509 -req" command: Create a text file named "herong.srl" and put a number in the file. That's probably fine given that nobody's used it yet, but if you want I can change it to their 'Serial Number' format as seen in X509_print_ex. These options require you to have a file called "\demoCA\serial" under the current directory to be used as a serial number register.