跳转至

openssl

OpenSSL 实用程序可在命令行使用,程序也可以调用 OpenSSL 库中的函数。

命令

查看版本:

$ openssl version
OpenSSL 1.0.0-fips 29 Mar 2010

常用:

  • genrsa: 生成 rsa 密钥对
  • rsa: 提取 rsa 私钥对应的公钥
  • req: 生成 csr 文件
  • x509
  • ca

生成 rsa 密钥对

openssl genrsa [args] [numbits]
  • args1 对生成的私钥文件是否要使用加密算法进行对称加密:
    • -des
    • -des3
    • -aes128
    • -aes192
    • -aes256
  • args2 对称加密密码(可以省去 console 交互提示输入密码的环节)
    • -passout pass:password
  • args3 输出文件
    • -out file
  • numbits 密钥长度

生成 2048 bit 的 rsa 私钥:

openssl genrsa -out server.key 2048

openssl genrsa -out private/cakey.pem  3072

在生成 rsa 私钥时使用 aes128 对称密钥算法加密生成的私钥(会提示输入密码,之后使用的时候必须输入该密码)

openssl genrsa -aes128 -out server.key 2048

可以直接指定密码

openssl genrsa -aes128 -passout pass:password -out server.key 2048

提取私钥对应的 ras 公钥:

openssl rsa -in server.key -pubout -out server.pem

公钥/私钥以 pem 格式存储,该格式仅包含文本

生成 csr (certificate sign request) 文件

openssl req [args] outfile

根据私钥生成 csr 文件:

openssl req -new \
    -key ca.key \
    -out ca.csr

openssl req -new \
    -nodes \
    -subj "/CN=localhost"
    -key server.key \
    -out server.csr \

openssl req -new \
    -sha256 \
    -subj "/CN=localhost"
    -key private/cakey.pem \
    -out private/ca.csr \
  • -new: new request
  • -key file: use the private key contained in file

  • -out arg: output file

  • -nodes: don't encrypt the output key

  • -subj arg: set or modify request subject

直接生成自签名证书

openssl req -new \
    -x509 \
    -nodes \
    -subj "/CN=kube-ca" \
    -days 10000 \
    -key ca-key.pem \
    -out ca.pem
  • -x509: output a x509 structure instead of a cert. req.
  • -days: number of days a certificate generated by -x509 is valid for.

直接生成私钥与自签名证书

openssl req -new \
    -x509 \
    -newkey rsa:2048 \
    -sha256 \
    -days 36500 \
    -passout pass:***** \
    -keyout ca-key \
    -out ca-cert
  • -newkey rsa:bits: generate a new RSA key of 'bits' in size
  • -[digest]: digest to sign with (see openssl dgst -h for list)

生成签名证书

用私钥对 csr 文件签名:

自签名

openssl x509 -req \
    -in ca.csr \
    -signkey ca.key \
    -out ca.crt

openssl x509 -req \
    -sha256 \
    -days 365 \
    -in server.csr \
    -signkey server.key \
    -out server.crt

openssl x509 -req \
    -days 3650 \
    -sha256 \
    -extensions v3_ca \
    -in private/ca.csr \
    -signkey private/cakey.pem \
    -out certs/ca.cer

ca 签名

openssl x509 -req \
    -in apiserver.csr \
    -CA ca.pem \
    -CAkey ca-key.pem \
    -CAcreateserial \
    -out apiserver.pem \
    -days 365 \
    -extensions v3_req
  • -req: input is a certificate request, sign and output.
  • -in arg: input file - default stdin
  • -out arg: output file - default stdout

  • -days arg: How long till expiry of a signed certificate - def 30 days

  • -signkey arg: self sign cert with arg

  • -CA arg: set the CA certificate, must be PEM format.

  • -CAkey arg: set the CA key, must be PEM format missing, it is assumed to be in the CA file.
  • -CAcreateserial: create serial number file if it does not exist

密码套件

密码套件

  • 非对称加密算法
  • 对称加密算法
  • 数据摘要算法

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

  • 密钥交换算法(RSA、DH、ECDH、PSK)
  • 身份验证算法(RSA、DSA)
  • 批量加密算法(AES、Camellia、ARIA)
  • 消息身份验证码算法(SHA-256)

问题

ee key too small 问题

原因:OpenSSL 1.1.1k 之后,1024 bit 长度不再被是为安全

3 种解决方法:

  1. 降低 openssl 版本到 1.1.1k 之下
  2. 修改 openssl 配置文件 openssl.cnf,将 CipherString = DEFAULT@SECLEVEL=2 改为 CipherString = DEFAULT@SECLEVEL=1(sed -i 's/DEFAULT@SECLEVEL=2/DEFAULT@SECLEVEL=1/' /etc/ssl/openssl.cnf)
  3. 重新生成证书

参考

  • https://discuss.aerospike.com/t/ssl-key-too-small-error-on-startup/8075 > This is an SSL error message. The reason the error is shown is because as of openSSL 1.1.0k, 1024 bit certificates were no longer considered secure and will therefore be rejected.
  • https://github.com/jfromaniello/selfsigned/issues/33 > Only way around it is to modify: /etc/ssl/openssl.cnf and change: > > CipherString = DEFAULT@SECLEVEL=2 > to > CipherString = DEFAULT@SECLEVEL=1 > > I believe the issue is the referenced issue above and generating the client certificates as 1024 bit. SECLEVEL=2 requires minimum of 2048 bit.
  • https://github.com/debauchee/barrier/issues/126 > It is just a matter of editing file /etc/ssl/openssl.cnf changing last line > from: > CipherString = DEFAULT@SECLEVEL=2 > to > CipherString = DEFAULT@SECLEVEL=1
  • https://unix.stackexchange.com/questions/537279/overriding-openssl-cipherstring-at-a-more-granular-level-in-debian-10
  • https://www.openssl.org/news/cl110.txt

SSL routines:ssl3_get_record:wrong version number

原因:1.1.0 默认禁止使用 DSS cipher

参考

  • https://github.com/openssl/openssl/issues/6289
  • https://github.com/Shopify/sarama/issues/643

md too weak

openssl s_client -connect 120.48.172.55:9099 -cert client.pem -key client.key -CAfile ca.pem -showcerts