Secure Web Server with Client Certificate Authentication and Access Control Feature

• Secure web access provides the following services to the users:
  • Athentication service: The web server is configured to present a notorized credential called "certificates" to address identity concerns.
  • Encryption service: The web server and web client negotiate a session key for encrypting the packet data exchanged among them, ensuring the confidentiality of the information.
  • Option: mutual authentication service: The web server is configured to ask browsers to prompt the user to select a personal certificate, then check on the authenticity of the signed personal certificate and against an access control ("password") list.
• The mutual authentication service enables the web server to verify users without them presenting the login/password.
• Secure access to a web server can be enhanced by requiring a client to present its digital certificate.
• For more information about how can digital certificate be used to authenticate users/server. See Apache document on SSL/TLS Strong Encryption at https://httpd.apache.org/docs/2.4/ssl/ssl_intro.html
• In Public Key Infrastructure (PKI), there are organizations called Certificate Authorities (CA), which "sign" or certify the certificate requests sent in by others and return the signed certificate or called digital certificates. CAs are also responsible for revoking the certificates and maintaining a certificate revoke list (CRL).
• A certificate of a subject (users/servers) is a document that contains the information about the subject, the public key of the sender, valid period of the certificate, the issuer (Certificate Authority that signed this certificate), and the certificate signature. Note that subject field and public key information are sent by the requester. The other fields are filled in by the CA.
• The certificates are posted on CA sites or sender
• The public key infrastructure utilizes the public key cryptography first proposed by Dillfi and Hellman 1976. Public key cryptography used a pair key: one public key to be distributed to other communicating parties, and one private key that one must protect and hide. Data that encrypted by one key can only be decrypted by the other key.
  • To authenticate oneself, one can encrypt a known text with one's private key and sends the cipher or encrypted text to others. Receiver can use the public key (download from CA or sender's web site) of the sender to decrypt the encrypted text.
  • To encrypt the text and only allow a receiver to see it, the sender encrypts the text with the receiver's public key and send the cipher text. Only the receiver with the corresponding private key can decipher the text.
• How a certificate is signed by a CA: The CA takes all the fields of the certificate except the last field and generates the message digest (hash) typically using MD5. CA then encrypts (also called signs) the message digest (128 bits if MD5 is used) using CA's private key. The resulting encrypted/signed message digest is called signature. The signature was filled in the last field of the certificate.
• Since MD5 is claimed to be vulnerable and federal agencies start to urge phase out SHA1, we should use refrain from using MD5; use SHA-256 if we can.
• Note on CAB Forum (A collection of Certificate Authorities and Browser vendors) agrees to restrict the SSL certificate to only 39 months (3 year plus 3 months additional validity period). Even if you change the default days to 3650, the CA self signed certificate still only signed with 36 months. Server and client certificate are different. See https://support.servertastic.com/ssl-certificates-to-be-restricted-to-3-year-validity-from-april-2015/
• How one can prove a received certificate is indeed signed by a CA:
  • The issuer field indicates the CA identity.
  • The receiver can use the issuer info to locate the related CA certificate. Most of browsers comes with the certificate of known CAs.
  • Extract the public key of the CA from the CA certificate.
  • Decrypt the signed/encrypted message digest (signature) in the last field of the certificate by using the public key.
  • Generate message digest indepently similar to what CA has done for the sender's certificate. Apply the message digest function specified in 3rd field of the certificate.
  • Compare the independently generated message digest with those decrypted one. If they are the same, then the certificate is indeed signed by the CA.
• http://cs.uccs.edu/~cs591/crypto/basicCrypto.ppt#56 shows the various fields of an X.509 certificate.
• Here is the example of a server certificate signed by a CA:
  

  Certificate:
  Data:
  Version: 3 (0x2)
  Serial Number: 1 (0x1)
  Signature Algorithm: md5WithRSAEncryption
  Issuer: C=US, ST=Colorado, L=Colorado Springs, O=UCCS, OU=Computer Science, CN=CAfc3/emailAddress=ca@fc3c.csnet.uccs.edu
  Validity
  Not Before: Feb 15 20:14:55 2005 GMT
  Not After : Feb 15 20:14:55 2006 GMT
  Subject: C=US, ST=Colorado, L=Colorado Springs, O=UCCS, OU=Computer Science, CN=serverfc3/emailAddress=webmaster@fc3c.csnet.uccs.edu
  Subject Public Key Info:
  Public Key Algorithm: rsaEncryption
  RSA Public Key: (1024 bit)
  Modulus (1024 bit):
  00:a3:8a:4b:6c:9b:25:0b:df:55:26:7e:4b:5d:3b:
  cd:9d:a0:fd:73:0a:7b:00:81:d4:c2:7e:34:01:08:
  a2:e1:8a:9e:ec:d2:5e:9d:5c:61:29:05:ef:86:e1:
  1d:e6:d1:9e:27:85:2a:e8:7c:13:8e:96:cd:be:03:
  d0:d0:23:29:28:cf:97:ea:38:b7:45:5a:8a:8e:c6:
  fc:0f:cd:45:a8:ce:82:e5:27:92:d1:1c:c6:7a:51:
  30:f4:4a:5a:2b:1d:60:f8:c8:21:f2:0e:0d:20:9d:
  be:6d:be:db:1f:80:66:a5:33:e7:0a:ba:ac:78:c8:
  a5:5b:e9:07:fb:83:c0:59:11
  Exponent: 65537 (0x10001)
  X509v3 extensions:
  X509v3 Basic Constraints:
  CA:FALSE
  Netscape Comment:
  OpenSSL Generated Certificate
  X509v3 Subject Key Identifier:
  DC:FC:85:B7:7F:01:33:EB:81:78:1D:29:A7:BC:A8:77:8F:2F:AD:3E
  X509v3 Authority Key Identifier:
  keyid:15:CF:EA:59:0D:BE:5E:55:3E:61:B2:B4:A9:2B:28:18:DB:9F:A3:0D
  DirName:/C=US/ST=Colorado/L=Colorado Springs/O=UCCS/OU=Computer Science/CN=CAfc3/emailAddress=ca@fc3c.csnet.uccs.edu
  serial:00

  Signature Algorithm: md5WithRSAEncryption
  55:ff:bc:e0:50:92:e7:6c:4b:a3:f4:0f:66:d2:f2:88:cb:13:
  e3:20:39:22:4d:21:66:d8:27:70:7f:38:ca:68:4e:25:72:21:
  4f:1d:06:9d:3a:fe:34:e1:ae:70:b4:72:7f:d5:fa:df:7a:13:
  af:e7:8e:bc:93:bd:09:13:84:06:03:c2:82:b3:8b:e0:0d:30:
  26:1d:6d:33:5c:52:9b:7c:b8:19:20:6a:12:92:4c:2c:86:44:
  e7:44:d1:8e:4f:42:81:25:ab:1b:0b:8a:15:d5:8c:5c:a5:e2:
  b5:52:ea:42:11:bc:bc:00:35:26:f1:23:eb:a9:89:4d:43:f4:
  22:7a

• Here is a bundle of X.509 certificates of public Certificate Authorities used in Fedora Core 4. It is located in /etc/pki/tls/cert.pem. It was generated from the Mozilla root CA list.
  

• "The binary format of a certificate is defined using the ASN.1 notation [ X208] [PKCS]. This notation defines how to specify the contents, and encoding rules define how this information is translated into binary form. The binary encoding of the certificate is defined using Distinguished Encoding Rules (DER), which are based on the more general Basic Encoding Rules (BER). For those transmissions which cannot handle binary, the binary form may be translated into an ASCII form by using Base64 encoding [MIME]. This encoded version is called PEM encoded (the name comes from "Privacy Enhanced Mail"), when placed between begin and end delimiter lines" (cited in http://cs.uccs.edu/manual/ssl/ssl_intro.html) as follows:
  -----BEGIN CERTIFICATE-----
  MIID5TCCA06gAwIBAgIBATANBgkqhkiG9w0BAQQFADCBnDELMAkGA1UEBhMCVVMx
  ETAPBgNVBAgTCENvbG9yYWRvMRkwFwYDVQQHExBDb2xvcmFkbyBTcHJpbmdzMQ0w
  CwYDVQQKEwRVQ0NTMRkwFwYDVQQLExBDb21wdXRlciBTY2llbmNlMQ4wDAYDVQQD
  EwVDQWZjMzElMCMGCSqGSIb3DQEJARYWY2FAZmMzYy5jc25ldC51Y2NzLmVkdTAe
  Fw0wNTAyMTUyMDE0NTVaFw0wNjAyMTUyMDE0NTVaMIGnMQswCQYDVQQGEwJVUzER
  MA8GA1UECBMIQ29sb3JhZG8xGTAXBgNVBAcTEENvbG9yYWRvIFNwcmluZ3MxDTAL
  BgNVBAoTBFVDQ1MxGTAXBgNVBAsTEENvbXB1dGVyIFNjaWVuY2UxEjAQBgNVBAMT
  CXNlcnZlcmZjMzEsMCoGCSqGSIb3DQEJARYdd2VibWFzdGVyQGZjM2MuY3NuZXQu
  dWNjcy5lZHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKOKS2ybJQvfVSZ+
  S107zZ2g/XMKewCB1MJ+NAEIouGKnuzSXp1cYSkF74bhHebRnieFKuh8E46Wzb4D
  0NAjKSjPl+o4t0Vaio7G/A/NRajOguUnktEcxnpRMPRKWisdYPjIIfIODSCdvm2+
  2x+AZqUz5wq6rHjIpVvpB/uDwFkRAgMBAAGjggEoMIIBJDAJBgNVHRMEAjAAMCwG
  CWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNV
  HQ4EFgQU3PyFt38BM+uBeB0pp7yod48vrT4wgckGA1UdIwSBwTCBvoAUFc/qWQ2+
  XlU+YbK0qSsoGNufow2hgaKkgZ8wgZwxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhD
  b2xvcmFkbzEZMBcGA1UEBxMQQ29sb3JhZG8gU3ByaW5nczENMAsGA1UEChMEVUND
  UzEZMBcGA1UECxMQQ29tcHV0ZXIgU2NpZW5jZTEOMAwGA1UEAxMFQ0FmYzMxJTAj
  BgkqhkiG9w0BCQEWFmNhQGZjM2MuY3NuZXQudWNjcy5lZHWCAQAwDQYJKoZIhvcN
  AQEEBQADgYEAVf+84FCS52xLo/QPZtLyiMsT4yA5Ik0hZtgncH84ymhOJXIhTx0G
  nTr+NOGucLRyf9X633oTr+eOvJO9CROEBgPCgrOL4A0wJh1tM1xSm3y4GSBqEpJM
  LIZE50TRjk9CgSWrGwuKFdWMXKXitVLqQhG8vAA1JvEj66mJTUP0Ino=
  -----END CERTIFICATE-----

• The certificates and keys generated by Openssl by default are saved in .pem file format. Utilities are available to convert them to different format such as the pkcs12 format that can be imported to the netscape/firefox browser.
• To learn how certificates and SSL are used to enhance secure web access, see brief description in http://httpd.apache.org/docs-2.0/ssl/ssl_faq.html#aboutcerts
• Here we explore how to configure apache web server to accept SSL connection and to allow access to certain directories by requiring the client to present their certificate.
• In the following, we will use the fc3c virtual machine to illustrate the process.
• Openssl software package is used
  • to create self-signed Certificate Authority certificate/private key.
  • to create web server certificate request and private key, and to sign server certificate using CA private key.
  • to generate client certificate request and private key, and to sign client certificate using CA private key.

Mod_SSL

• Current apache distribution support secure web server using mod_ssl module
• The mod_ssl v1 package was initially created in April 1998 by Ralf S. Engelschall via porting Ben Laurie's Apache-SSL 1.17 source patches for Apache 1.2.6 to Apache 1.3b6.
• The configuration file ssl.conf is /etc/httpd/conf.d/ssl.conf
• See Apache SSL/TLS Encryption for more details. http://httpd.apache.org/docs-2.0/ssl/
• SSLCipherSuite specifies the order of ciphers the client is permitted to negotiate: http://httpd.apache.org/docs-2.0/mod/mod_ssl.html#sslciphersuite
  • The current FC3 apache distribution use SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
  • You can see the resulting cipher list by executing "openssl ciphers -v 'ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP'
    
• Testing https: $ openssl s_client -connect localhost:443 -state -debug
  GET / HTTP/1.0
• There is command line test tool called curl, http://curl.haxx.se/download.html
• Curl is a command line tool for transferring files with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP. Curl supports HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, kerberos, HTTP form based upload, proxies, cookies, user+password authentication, file transfer resume, http proxy tunneling and a busload of other useful tricks.
• http://curl.haxx.se/docs/sslcerts.html. Add the CA cert for your server to the existing default CA cert bundle.
  The default path of the CA bundle installed with the curl package is:
  /usr/local/share/curl/curl-ca-bundle.crt, which can be changed by running
  configure with the --with-ca-bundle option pointing out the path of your
  choice.

Using OpenSSL to create new CA (private key and certificate), to create new server private key and certificate request, and to have the new CA sign the server certificate.

• The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
• On FC4, in /etc/pki/tls (On FC3 it is /usr/share/ssl/misc), there is a CA shell script for creating self-signed CA, server/client certificate request, and for signing the certificate request.
  #misc/CA -newca ... will setup the right stuff
  #misc/CA -newreq ... will generate a certificate request
  #misc/CA -sign ... will sign the generated request and output
  
• CA script utilizes openssl command. http://www.openssl.org/docs/HOWTO/certificates.txt contains brief description on related commands used.
• Make sure you run the script from the same /etc/pki/tls directory and enter command as misc/CA.
• The openssl utility reads the openssl.cnf configuration file to find out where is the default setting for subject fields and locations of default CA private key and certificate.
• For FC4 openssl.cnf is saved in /etc/pki/tls/, a copy is available at http://cs.uccs.edu/~cs591/secureWebAccess/openssl.cnf
• For fc3 openssl.cnf is saved in /usr/share/ssl/ according to http://fr2.rpmfind.net//linux/RPM/fedora/development/i386/openssl-0.9.7a-46.i386.html
• Edit the distinguished name section of openssl.cnf by replacing the following attributes:
  ####################################################################
  [ CA_default ]
  
  default_md = sha1 # change from md5 to use sha1.
  
  [ req_distinguished_name ]
  countryName = Country Name (2 letter code)
  countryName_default = US
  countryName_min = 2
  countryName_max = 2

  stateOrProvinceName = State or Province Name (full name)
  stateOrProvinceName_default = Colorado

  localityName = Locality Name (eg, city)
  localityName_default = Colorado Springs

  0.organizationName = Organization Name (eg, company)
  0.organizationName_default = UCCS

  # we can do this but it is not needed normally :-)
  #1.organizationName = Second Organization Name (eg, company)
  #1.organizationName_default = World Wide Web Pty Ltd

  organizationalUnitName = Organizational Unit Name (eg, section)
  organizationalUnitName_default = Computer Science
  

Create new CA

• Here are detailed steps of creating new CA.
• Use the same password when asked for the pass phrase (password). This makes it easier to remember.
• Enter CAfc4 for Common Name and ca@fc4.csnet.uccs.edu for Email Address.
• [root@fc4 tls]# rm -rf ../../CA
  This removes the old certificates/keys/crl/ in /etc/CA directory. Allow us to create new CA directory.
  On FC3 the above directory is in /usr/share/ssl/demoCA.
  [root@athena tls]# misc/CA -newca
  CA certificate filename (or enter to create)

  Making CA certificate ...
  Generating a 1024 bit RSA private key
  .....................................................++++++
  ........................................++++++
  writing new private key to '../../CA/private/./cakey.pem'
  Enter PEM pass phrase: XXXXXXX
  Verifying - Enter PEM pass phrase: XXXXXX
  -----
  You are about to be asked to enter information that will be incorporated
  into your certificate request.
  What you are about to enter is what is called a Distinguished Name or a DN.
  There are quite a few fields but you can leave some blank
  For some fields there will be a default value,
  If you enter '.', the field will be left blank.
  -----
  Country Name (2 letter code) [US]:
  State or Province Name (full name) [Colorado]:
  Locality Name (eg, city) [Colorado Springs]:
  Organization Name (eg, company) [UCCS]:
  Organizational Unit Name (eg, section) [Computer Science]:
  Common Name (eg, your name or your server's hostname) []:CAfc4
  Email Address []:ca@fc4.csnet.uccs.edu
  
  Replace fc4 in the above Common Name and Email with your ufp login name. Same for the following steps.
  

Creating Server Certificate

• We use "CA -newreq" command to create server certificate request. Enter fc4.csnet.uccs.edu (the domain name used by the web server) for the Common Name. It is critical that we enter the exact domain name of the web server or the *.csnet.uccs.edu with prefix * wildcard to match any web server DNS name that will be used for servicing the web requests.
• If enter different common name such as serverfc4. The browser will prompt "You have attempted to establish a connection with "fc4.csnet.uccs.edu" However the security certificate presented belongs to "serverfc4" It is possible that someone may be trying to intercept your communication with this web site.
• Here are the steps for creating server certificate request:
  [root@fc4 tls]# misc/CA -newreq
  Generating a 1024 bit RSA private key
  ............++++++
  ...++++++
  writing new private key to 'newreq.pem'
  Enter PEM pass phrase:
  Verifying - Enter PEM pass phrase:
  -----
  You are about to be asked to enter information that will be incorporated
  into your certificate request.
  What you are about to enter is what is called a Distinguished Name or a DN.
  There are quite a few fields but you can leave some blank
  For some fields there will be a default value,
  If you enter '.', the field will be left blank.
  -----
  Country Name (2 letter code) [US]:
  State or Province Name (full name) [Colorado]:
  Locality Name (eg, city) [Colorado Springs]:
  Organization Name (eg, company) [UCCS]:
  Organizational Unit Name (eg, section) [Computer Science]:
  Common Name (eg, your name or your server's hostname) []:fc4.csnet.uccs.edu
  Email Address []:webmaster@fc4.csnet.uccs.edu

  Please enter the following 'extra' attributes
  to be sent with your certificate request
  A challenge password []:
  An optional company name []:
  Request (and private key) is in newreq.pem

  
  [root@fc4 tls]#

Sign server certificate.

• After the server certificate request is generated, it will be sent to the CA site for signing.
• Since the server certificate and server private key are all located in the same newreq.pem file, we need to remove private key from the server certificate request. We do not want to send server private key to CA.
• cp newreq.pem serverreq.pem
• cp newreq.pem serverkey.pem
  
• mv serverreq.pem newreq.pem
  This is due to misc/CA -sign looks for newreq.pem file for signing the certificate.
• In reality, we will attach serverreq.pem in email sent to the CA such as verisign. Here we use the same machine as CA.
  
• CA will perform certain "investigation" on the credential of the server site based on the type/grade of certificate issued. The signed certificate will then be return typically in PEM format with instruction on how to install on the web server.
• In our case, we skip the above certificate request/certificate exchange, since we serve both the role of CA and that of web server admin. The certificate request and signed certificate will all be in the same /etc/pki/tls directory.
• We use the command "misc/CA -sign". You will first be asked to enter the pass phrase for decrypting the RSA private key of CA and then be asked to confirm the signing and commit.
• CA saved all the signed certificates in /etc/CA/newcerts. The CA certificate is saved as /etc/CA/cacert.pem. The CA private key is saved in /etc/CA/private/cakey.pem.
• Here are detailed steps:
  [root@fc4 tls]# misc/CA -sign
  Using configuration from /etc/pki/tls/openssl.cnf
  Enter pass phrase for ../../CA/private/cakey.pem: XXXXXXX # CA admin enter the pass phrase that protect the CA private key.
  Check that the request matches the signature
  Signature ok
  Certificate Details:
  Serial Number: 1 (0x1)
  Validity
  Not Before: Sep 25 20:51:04 2005 GMT
  Not After : Sep 25 20:51:04 2006 GMT
  Subject:
  countryName = US
  stateOrProvinceName = Colorado
  localityName = Colorado Springs
  organizationName = UCCS
  organizationalUnitName = Computer Science
  commonName = fc4.csnet.uccs.edu
  emailAddress = webmaster@fc4.csnet.uccs.edu
  X509v3 extensions:
  X509v3 Basic Constraints:
  CA:FALSE
  Netscape Comment:
  OpenSSL Generated Certificate
  X509v3 Subject Key Identifier:
  E1:CD:8D:3F:6E:50:99:BB:F0:30:B6:07:0C:A4:C2:99:02:3F:28:4A
  X509v3 Authority Key Identifier:
  keyid:75:FD:1F:6F:A2:70:E1:26:73:03:E0:8A:3C:07:E0:DB:C5:76:12:4F
  DirName:/C=US/ST=Colorado/L=Colorado Springs/O=UCCS/OU=Computer Science/CN=CAfc4/emailAddress=ca@fc4.csnet.uccs.edu
  serial:DC:A6:6A:EF:B8:04:93:3D

  Certificate is to be certified until Sep 25 20:51:04 2006 GMT (365 days)
  Sign the certificate? [y/n]:y

  
  1 out of 1 certificate requests certified, commit? [y/n]y
  Write out database with 1 new entries
  Data Base Updated
  Certificate:
  Data:
  Version: 3 (0x2)
  Serial Number: 1 (0x1)
  Signature Algorithm: sha1WithRSAEncryption
  Issuer: C=US, ST=Colorado, L=Colorado Springs, O=UCCS, OU=Computer Science, CN=CAfc4/emailAddress=ca@fc4.csnet.uccs.edu
  Validity
  Not Before: Sep 25 20:51:04 2005 GMT
  Not After : Sep 25 20:51:04 2006 GMT
  Subject: C=US, ST=Colorado, L=Colorado Springs, O=UCCS, OU=Computer Science, CN=fc4.csnet.uccs.edu/emailAddress=webmaster@fc4.csnet.uccs.edu
  Subject Public Key Info:
  Public Key Algorithm: rsaEncryption
  RSA Public Key: (1024 bit)
  Modulus (1024 bit):
  00:cf:47:e7:92:6e:8b:e8:d7:49:70:11:86:40:ed:
  43:47:f5:29:18:b3:ba:48:ad:3d:21:b3:2e:91:ab:
  5d:6d:c1:ed:79:18:5a:e7:43:e3:6b:ba:fe:de:4c:
  c6:c6:44:8a:93:fd:5d:a7:60:b4:1a:30:88:09:65:
  42:d4:bb:cb:02:b3:bc:dc:a2:03:fd:f5:3e:9f:f7:
  db:c3:fe:a2:87:dd:c7:e9:4d:04:b6:6a:61:3f:62:
  de:e1:b1:d6:63:ea:bf:c3:8f:a7:28:2f:bd:74:7f:
  b3:52:e6:8d:8f:e3:80:30:2d:fd:38:30:03:7d:5a:
  f6:ff:c5:1e:46:4b:f8:ca:eb
  Exponent: 65537 (0x10001)
  X509v3 extensions:
  X509v3 Basic Constraints:
  CA:FALSE
  Netscape Comment:
  OpenSSL Generated Certificate
  X509v3 Subject Key Identifier:
  E1:CD:8D:3F:6E:50:99:BB:F0:30:B6:07:0C:A4:C2:99:02:3F:28:4A
  X509v3 Authority Key Identifier:
  keyid:75:FD:1F:6F:A2:70:E1:26:73:03:E0:8A:3C:07:E0:DB:C5:76:12:4F
  DirName:/C=US/ST=Colorado/L=Colorado Springs/O=UCCS/OU=Computer Science/CN=CAfc4/emailAddress=ca@fc4.csnet.uccs.edu
  serial:DC:A6:6A:EF:B8:04:93:3D

  Signature Algorithm: sha1WithRSAEncryption
  c0:97:c5:ab:b8:28:da:72:45:ea:34:3f:1e:f2:79:6b:51:07:
  23:8e:99:c5:8c:68:5a:50:20:85:5e:69:bf:8d:69:61:69:ed:
  95:e0:f4:2a:16:bc:16:fd:78:6b:fa:77:d2:8f:29:fe:da:0a:
  87:de:81:0f:64:75:fe:6e:f5:3c:5b:d3:57:72:bc:d5:83:22:
  81:01:05:bc:d0:21:0d:7e:59:d2:68:2e:57:40:a1:fa:47:81:
  95:f4:c9:71:1d:82:0c:cb:21:3b:8e:fb:16:e2:fa:c9:c6:ee:
  70:5f:b9:9b:fa:64:ab:6e:62:f9:83:99:bf:e7:00:e3:9f:4e:
  3f:4a
  -----BEGIN CERTIFICATE-----
  MIID8zCCA1ygAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmzELMAkGA1UEBhMCVVMx
  ETAPBgNVBAgTCENvbG9yYWRvMRkwFwYDVQQHExBDb2xvcmFkbyBTcHJpbmdzMQ0w
  CwYDVQQKEwRVQ0NTMRkwFwYDVQQLExBDb21wdXRlciBTY2llbmNlMQ4wDAYDVQQD
  EwVDQWZjNDEkMCIGCSqGSIb3DQEJARYVY2FAZmM0LmNzbmV0LnVjY3MuZWR1MB4X
  DTA1MDkyNTIwNTEwNFoXDTA2MDkyNTIwNTEwNFowga8xCzAJBgNVBAYTAlVTMREw
  DwYDVQQIEwhDb2xvcmFkbzEZMBcGA1UEBxMQQ29sb3JhZG8gU3ByaW5nczENMAsG
  A1UEChMEVUNDUzEZMBcGA1UECxMQQ29tcHV0ZXIgU2NpZW5jZTEbMBkGA1UEAxMS
  ZmM0LmNzbmV0LnVjY3MuZWR1MSswKQYJKoZIhvcNAQkBFhx3ZWJtYXN0ZXJAZmM0
  LmNzbmV0LnVjY3MuZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPR+eS
  bovo10lwEYZA7UNH9SkYs7pIrT0hsy6Rq11twe15GFrnQ+Nruv7eTMbGRIqT/V2n
  YLQaMIgJZULUu8sCs7zcogP99T6f99vD/qKH3cfpTQS2amE/Yt7hsdZj6r/Dj6co
  L710f7NS5o2P44AwLf04MAN9Wvb/xR5GS/jK6wIDAQABo4IBLzCCASswCQYDVR0T
  BAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNh
  dGUwHQYDVR0OBBYEFOHNjT9uUJm78DC2BwykwpkCPyhKMIHQBgNVHSMEgcgwgcWA
  FHX9H2+icOEmcwPgijwH4NvFdhJPoYGhpIGeMIGbMQswCQYDVQQGEwJVUzERMA8G
  A1UECBMIQ29sb3JhZG8xGTAXBgNVBAcTEENvbG9yYWRvIFNwcmluZ3MxDTALBgNV
  BAoTBFVDQ1MxGTAXBgNVBAsTEENvbXB1dGVyIFNjaWVuY2UxDjAMBgNVBAMTBUNB
  ZmM0MSQwIgYJKoZIhvcNAQkBFhVjYUBmYzQuY3NuZXQudWNjcy5lZHWCCQDcpmrv
  uASTPTANBgkqhkiG9w0BAQUFAAOBgQDAl8WruCjackXqND8e8nlrUQcjjpnFjGha
  UCCFXmm/jWlhae2V4PQqFrwW/Xhr+nfSjyn+2gqH3oEPZHX+bvU8W9NXcrzVgyKB
  AQW80CENflnSaC5XQKH6R4GV9MlxHYIMyyE7jvsW4vrJxu5wX7mb+mSrbmL5g5m/
  5wDjn04/Sg==
  -----END CERTIFICATE-----
  Signed certificate is in newcert.pem
  

  
  
• CA will typically email back the server admin with the signed certificate as attachment.
• Here we just rename them.
  mv newcert.pem fc4ServerCert.pem
• mv serverkey.pem fc4ServerPrivateKey.pem
  

Set up Apache to use the new server certificate and private key

• The configuration file for plain httpd server is in /etc/httpd/conf/httpd.conf file; while that of the secure httpd server is in /etc/httpd/conf.d/ssl.conf.
• Line 112 of ssl.conf specifies the location of signed server certificate.
  SSLCertificateFile /etc/pki/tls/certs/localhost.crt
  
• Line 119 of ssl.conf specifies the location of server private key.
  SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
  
• The above indicates the FC4 by default accessing the certificate and private key in /etc/pki/tls directory.
• Backup existing server certificate and private key.
  • cp /etc/pki/tls/certs/localhost.crt /etc/pki/tls/certs/localhost.crt.bak
  • cp /etc/pki/tls/private/localhost.key /etc/pki/tls/private/localhost.key.bak
• Copy the new server certificate and private key. Assume that we are still in /etc/httpd/conf directory
  • cp /etc/pki/tls/fc4ServerCert.pem /etc/pki/tls/certs/localhost.crt
  • cp /etc/pki/tls/fc4ServerPrivateKey.pem /etc/pki/tls/private/localhost.key
• Edit /etc/hosts to replace the line with 127.0.0.1 with the actual domain name of the server:
  127.0.0.1 fc4.csnet.uccs.edu fc4 localhost.localdomain localhost
  
  This allows us to resolve the fc4.csnet.uccs.edu domain name locally without checking with DNS system.
  
• Try to run "service httpd restart" and access https://fc4.csnet.uccs.edu from the browser.
• We will find the access got refused or "page not found" error. By examining the
  /etc/httpd/logs/ssl_error_log, we found the apache complains that it does not read in pass phrase.
  [Sun Sep 25 15:28:05 2005] [error] Init: Unable to read pass phrase [Hint: key introduced or changed before restart?]
  
• The reason is that the server.key is actually protected by the password phrase. It contains the following content:

  -----BEGIN RSA PRIVATE KEY-----
  Proc-Type: 4,ENCRYPTED
  DEK-Info: DES-EDE3-CBC,E0CD27BB7E7391A8

  /B3JCpLAAL+Nx7UhWcFLtFSvZQYAAWTJKdn0PXkd4yww/m4hSzvAnIae8hs/RC3a
  qVsjuuVL0KGOLwCvbTpKxC6NUCWgMjsxqzwwCOEOe839uarM1kfL1sszpqtTDMFe
  CZwP8yEBBkbe72+Txllq7TVkaKPwVFTmey4T8Bk2iWc5XqYQjefTBRvBsASOlTbq
  7x0nWcsLbTuAYLZbWPMweWXkODfg7uXRHOH5OLaaeiI9wFXy8PRyZFaUtKr/IoIy
  e0ZVvveU3lBO+56y1KyGkys1ggqCwLvMGddVRpx7qoSL9epzjwQgaS3LndpwzIi0
  HF1zaFOe3C66rkENMlh1Iz+bl2YD6bYIzYr0g3A0UZFIM70deuXH9OOioNt4+slb
  Ck2zD1iqi8aIUz/CUgY3K5vTiTTuqeMCpvs5LmDOwmau3GfkwEG0Z6VAkifLmhrc
  HbzLTk6q4KRCYuHhTq2snXbrxsICqvgSUJG90owgV/B3aQVpS59pi9tiuGK13xji
  sH9UHF8NbTKTugApajWK7fUrVIF4duSDlilEgx+VG5KnbPErUWlJcP67emdRHk9Z
  GucYpbyoNA5v1BXdcU2lmoBDQm9dyU6+eX0x6ZNopLYELM8rINr/zcFkJ4+xIz9B
  eZg+EvrTyHfWRAeYVoj7yZKBLPZrnESC1Pztwx1xSZsPCkJ02H4BzzStZ0v/a3zh
  KvfywfHl9hPVfUELfSaKQJaUsqAokEJeEhMlSqIhnjg7DKPqBeR7fw38fw/QUeKO
  OSgfBEXAMMS+GA974rw1AvQrDlJOdpmFtB9XfkF+of2pStrcWJcuow==
  -----END RSA PRIVATE KEY-----

  The first two lines indicated the private key is encrypted with 3DEC encryption method and E0CD27BB7E7391A8 is the encrypted password.

  If we use serverPrivateKey.pem as server.key directly, the apache web server will ask for pass phrase during the configuration time and fails if we use apachectl script.

• To avoid the problem of entering the pass phrase, we can remove the pass phrase protection on the server private key with the following openssl command.

  [root@fc4 tls]# cp fc4ServerPrivateKey.pem fc4ServerPrivateKey.pem.new
  [root@fc4 tls]# openssl rsa -in fc4ServerPrivateKey.pem.new -out fc4ServerPrivateKey.pem
  Enter pass phrase for fc4ServerPrivateKey.pem.new:
  writing RSA key
  [root@fc3c ssl.key]# vi fc4ServerPrivateKey.pem

• -----BEGIN RSA PRIVATE KEY-----
  MIICXQIBAAKBgQCjiktsmyUL31UmfktdO82doP1zCnsAgdTCfjQBCKLhip7s0l6d
  XGEpBe+G4R3m0Z4nhSrofBOOls2+A9DQIykoz5fqOLdFWoqOxvwPzUWozoLlJ5LR
  HMZ6UTD0SlorHWD4yCHyDg0gnb5tvtsfgGalM+cKuqx4yKVb6Qf7g8BZEQIDAQAB
  AoGAF8N5sD9fA7mhEuXZJ6QP/a6uBXBpbSpwcw6JmfjaSjGtZDYxX2ZUC/T72DqP
  8MFW3OFB2eRlpxuMq+a8CfKCAVupNh8rmEgIGn6qgjasledp4ifFOAwsekC7E3WY
  hp1k1X8AUzZ6pS9c849zObhgWZ6vGCBvay00Se23ex7mQAECQQDO1jAA7CT8fjqA
  FodWnK0K0UblKa8H1Vm4+4+x4+YV+UZUo11QCEUPkgg3QDki+zIQL9RwMrKK5rF7
  eDOhpvwBAkEAymmPMi7EVRzmw8PFq2iVuCPhJt+HEWf9RAEg8RD/mBmwCUKueU/J
  n+l9GDzOqlrdDgeDuXwfoop07pzL0x2dEQJAN0MW1EhDoYqAStS6GDQIL8m2bWfz
  sd4Y+MmNnPPM97YASoDTX5y2BvD3bPulyGjg+V4uHkQNW/tDFEALW3doAQJBAMnv
  zCvNmpQrdFJkc0XR3mTKburgYJlN/M+mrJ20TrsJDaX/f5+JqWa/g8z1hV1Rr246
  swEPQ2Re68/OYE7sIXECQQCA5jLmCophfT54L3toKwWzRrwiLXdG/3x5qPQfsNv9
  Q+jyRqVIQ46ecavqS803BYRUa2nId7Hx92sWAyhLBaJi
  -----END RSA PRIVATE KEY-----

  
  

• Now it is important to protect the server.key by "chmod 700 server.key"
• Let us copy the unencrhypted server key to the directory httpd looking for
  [root@fc4 tls]# cp /etc/pki/tls/fc4ServerPrivateKey.pem /etc/pki/tls/private/localhost.key
  
• Restart the web server with "service httpd restart"
• Start the firefox web browser on fc4.
• When we type in the https://fc4.csnet.uccs.edu/, we should see the prompt for allowing us to examine the server certificate. Click "Examine Certificate" to see the server certificate.
• Hit Right Alt to exit fc4vpc and click the title bar of fc4vpc to make fc4vpc as an active window.
• Use control-alt-print to capture the active window (fc4vpc) with the server certificate.
• Here is the capture image of the server certificate on fc4.csnet.uccs.edu.
  Save the image in your CS Unix machine web site and email me the url.
  
• Here is how IE browser displays the athen.uccs.edu server certificate
      
• Note that on a real server such athena.uccs.edu, once configuring with secure web server, you need to open the firewall to allow secure web access, otherwise, you will still get "page not found" error".
• To open the customized firewall access, you can use "lokkit" command to bring up the firewall configuration menu. Then select "customize" menuitem and "secure www (https)"
  
  

Mutual Authentication: Set up Apache to require users to present their client certificate.

• Add the following directives to /etc/httpd/conf/httpd.conf

  SSLVerifyClient none
  <Directory /var/www/html/secure>

  SSLVerifyClient require
  SSLVerifyDepth 5
  SSLCACertificateFile conf/ssl.crt/ca.crt
  SSLCACertificatePath conf/ssl.crt
  SSLOptions +FakeBasicAuth
  SSLRequireSSL
  AuthName "UCCS CS Department"
  AuthType Basic
  AuthUserFile /etc/httpd/conf/httpd.passwd
  require valid-user
  </Directory>

• Add the following line to the /etc/httpd/conf/httpd.passwd
  /C=US/ST=Colorado/L=Colorado Springs/O=UCCS/OU=Computer Science/CN=chow/emailAddress=chow@cs.uccs.edu:xxj31ZMTZzkVA
  
  You should replace chow with your own CN and chow@cs.uccs.edu with your own email address.
  The encrypted password xxj31ZMTZzkVA should not be changed. All entries in httpd.passwd should this exact the same fake password. No space after A.
  If you did not see httpd.passwd, create one

• The above client certificate verification using FakeBasicAuth option is implemented in line1836 of ssl_hook_UserCheck() of ssl_engine_kernel.c.
  http://cs.uccs.edu/~cs591/httpd-2.0.54/modules/ssl/ssl_engine_kernel.c

• Note that string "xxj31ZMTZzkVA" is used as the password in the user file and it is just the crypted variant of the word "password".

• Since we specify in the above "SSLCACertificateFile conf/ssl.crt/ca.crt" to use the public key in this CA certificate to verify the client certificate, we need to copy the CA certificate from /usr/share/sshl. Use the following command:
  cp /etc/CA/cacert.pem /etc/httpd/conf/ssl.crt/ca.crt

• Make sure to include all subject field of the client certificate. The example in SSL-how-to does not include /ST, /O, and /emailAddress fields and does not seem to work with apache2.0.52 on fc3.

• Create a secure directory under /var/www/html. With index.html contains " <h1> This is a secure area only accessible via client certificate and subject field match the httpd.passwd list.</h1>
  
  

Set up Client browser to use the new client certificate.

• cd /etc/pki/tls
• Use misc/CA -newreq and misc/CA -sign to create clientCert.pem and clientPrivateKeyCR.pem. Similar to the creation of server certificate. Use your login name as Common Name. Your uccs email address as emailAddress.
• > misc/CA -newreq
  > cp newreq.pem clientreq.pem
  > cp newkey.pem clientPrivateKeyCR.pem
  > vi clientCert.pem # edit and keep the lower part cert request
  > vi clientPrivateKeyCR.pem # edit and keep the upper part RSA private key
  > mv clientreq.pem newreq.pem
  > misc/CA -sign
  > mv newcert.pem clientCert.pem
  
  
• cp clientPrivateKeyCR.pem clientKey.pem
• Edit out the lower part of the certificate request contains in clientKey.pem only leave the RSA private key.
• Create client certificate using the following command.
  Since the netscape or firefox only accept pkcs12 format. We use pkcs12 utility command of openssl to export the client certificate with the format.

  openssl pkcs12 -export -in clientCert.pem -inkey clientKey.pem -out <yourLogin>Client.p12
  
  [root@athena tls]# openssl pkcs12 -export -in clientCert.pem -inkey clientKey.pem -out chowClient.p12
  Enter pass phrase for clientKey.pem: XXXXXXX
  Enter Export Password: YYYYYYYY
  Verifying - Enter Export Password: YYYYYYYY
  

• You will be asked to enter the pass phrase and export password. Export password will be asked when we installed on client browser.
• Note that here we are exporting both the private key and the client certificate, all in the same file protected by the export password. Make sure you carry/transmit them in a secure manner.
• Besides create a client certificate with your login name. Repeat the above process and create a client certificate with cs591 as CN and cs591@cs.uccs.edu as email address field. It will allow us to check whether server reject the access when presented with an client certificate not in the httpd.passwd list.
• copy <yourLogin>Client.p12 and cs591Client.p12 to root directory. In real word, the user will transfer password protected the client certificate to the local machine for installation.
• Import your client certificate to your browser.
  • On firebox browser, select Edit | Preference
  • Bring up Preference dialog window. Select Advanced and scroll down to the certificate section.
  • Click manage certificates button to bring up Certificate Manger.
    
  • Click import and chose <yourlogin>Client.p12 file. It is in /etc/pki/tls directory.
  • You will be asked to enter the software security device password (i.e., the export password) and the new password used to encrypt certificate backup on the browser.
  • Use the same password we have being using.
    
  • You will be asked to enter password for encrypting certificate backup.
    
  • You will get "Successfully restored your security certificate(s) and private key(s). Click OK.
    
  • Click OK on Certificate Management.
  • Repeat the above to set up the cs591 client certificate.
  • Make sure select the "ask every time" as client certficate selection option. Otherwise a client certificate will be selected automatically for you.
    
• Let us now access the https://fc4.csnet.uccs.edu/secure/ and take a snapshot of the browser. Note that the browser will prompt the user to select client certificate as it is shown with "User Identification Request" window on the right side of the screendump.
  
• Instead of the cs591 client, you should choose your client certificate. Click the drop down list to select the right one.
• Take a snapshort of the client certifciate presented by the browser.
• You should see the secure web page displayed.
  
• On IE, we can import the personal certificate by selecting Toos | Internet Options and select Content tab and certificates button.
• Select personal tab and import button.
• Certificate import wizard will appear. Click browse and select the person certificate file such as chowClient.p12. You may need to change the file type from X509 to personal information exchange (*.pfx, *.p12) to see you .p12 file.
• Click next. Enter the password for protecting the private key. click next, click finish. The certificate is install.
• You can see it installed similar to this
  
• Note that we create two signed personal certificates: chow and cs591 signed by CAfc4.
• When we type "https://athena.uccs.edu/secure/" will be presented with server certificate. IE then receives request from server for client certificate request. The following window appears and ask the user to select the certificate for accessing the web site.
  
• In this case, if we choose chow, we will be granted access immediately.
• If we choose cs591, we will see a dialog box similar to password based secure web access protection using .htaccess control. But no matter what login and password, we will not gain accesss. The same dialog box will keep poping up.
  
• For this exercise, try to create two personal certificates and only enter the subject field of one certificate into the httpd.passwd file. Verify if indeed only one certificate can gain access.
• Emai me the urls to the image files of the client and server certificates presented by the browser.