LinuxQuestions.org

Linux - Server: Creating a CSR in the modern era (https://www.linuxquestions.org/questions/linux-server-73/creating-a-csr-in-the-modern-era-896424/)

sneakyimp 08-09-2011 03:42 PM

Creating a CSR in the modern era
 
I've only done this once or twice before, but I'm about to generate a certificate signing request (CSR) so I can install an SSL cert on my domain. I know there are plenty of tutorials out there for this, but a lot of the ones I've seen are quite old, like this one at verisign.com that is from 2007:
https://knowledge.verisign.com/suppo...SLINK&id=AR198

I'm wondering a couple of things in particular:
* is des3 the current best practice?
* is 2048 bits enough?
* what's the best way to handle the passphrase issue: create key pair without passphrase? or remove the passphrase later (I forget how this is done). Obviously, I would like to follow security best practices.

timur91 08-10-2011 06:32 AM

For better security it's best to use des3, but the common practice is to use RSA keys.
Yes, 2048-bit keys are what is used most of the time.
It does not matter when you remove the passphrase. If you leave it on the key, you will be asked to enter it whenever you want to use it.


sneakyimp 08-10-2011 02:10 PM

Thanks for your response.

I was wondering if having a passphrase in my key would cause problems for the Certificate Authority when they receive my CSR -- i.e., would *they* be prompted for the passphrase. Or, alternatively, would the cert that they issue require a passphrase if I am to use it with Apache?

I noticed that when I create a CSR I am prompted for the passphrase, so my guess is that it will not. I'm now wondering: is it safe to email a certificate signing request to someone? What risk, if any, is introduced if someone obtains a copy of my CSR?

anomie 08-10-2011 02:22 PM

Just to be clear, DES3 (in the example you cited) is used to encrypt the private key itself. If you do so, you'll always need to provide a key (passphrase) when accessing it. Even when you reboot your server. Not practical.

Yes, it's safe to email a CSR, and assume it will be intercepted. It is not safe to email your private key, transfer it clear text in any fashion, or store it unencrypted in a questionable location.

salemeni 08-11-2011 07:50 AM

Quote:

Originally Posted by sneakyimp (Post 4438978)
Thanks for your response.

I was wondering if having a passphrase in my key would cause problems for the Certificate Authority when they receive my CSR -- i.e., would *they* be prompted for the passphrase. Or, alternatively, would the cert that they issue require a passphrase if I am to use it with Apache?

I noticed that when I create a CSR I am prompted for the passphrase, so my guess is that it will not. I'm now wondering: is it safe to email a certificate signing request to someone? What risk, if any, is introduced if someone obtains a copy of my CSR?

The CSR contains public information (public key plus info like CN, O, OU), so it's safe to send it by mail.
But the private key must be kept securely.


sneakyimp 08-11-2011 09:18 AM

Thanks for the response.

What about DES3? I understand from searching around that DES has been superseded by AES and that DES3 is more or less a band-aid on DES. If I were to prefer AES, I see that openssl has numerous options:
Code:

Cipher commands (see the `enc' command for more details)
aes-128-cbc    aes-128-ecb    aes-192-cbc    aes-192-ecb    aes-256-cbc   
aes-256-ecb    base64        bf            bf-cbc        bf-cfb       
bf-ecb        bf-ofb        cast          cast-cbc      cast5-cbc     
cast5-cfb      cast5-ecb      cast5-ofb      des            des-cbc       
des-cfb        des-ecb        des-ede        des-ede-cbc    des-ede-cfb   
des-ede-ofb    des-ede3      des-ede3-cbc  des-ede3-cfb  des-ede3-ofb 
des-ofb        des3          desx          rc2            rc2-40-cbc   
rc2-64-cbc    rc2-cbc        rc2-cfb        rc2-ecb        rc2-ofb       
rc4            rc4-40

Which ones are stronger? Are any subject to US Export restrictions?

Noway2 08-11-2011 12:03 PM

You might want to look at startssl.com. If you own the domain, you can get a free SSL cert that the browser will actually recognize without issuing warnings.

anomie 08-11-2011 01:51 PM

Quote:

Originally Posted by sneakyimp
What about DES3? I understand from searching around that DES has been superseded by AES and that DES3 is more or less a band-aid on DES. If I were to prefer AES, I see that openssl has numerous options...

Sure, but it's a big, powerful band-aid.

Anyway, as symmetric ciphers go, AES is generally to be preferred. But this is something of a moot point if you're not going to be encrypting your private key.

If you do want to encrypt your private key for the purpose of backups (for instance), then you can use gpg(1)* or openssl's enc(1) with AES. Read this blog entry if you're so inclined.

-------

* Before anyone asks, yes - gpg(1) does support symmetric encryption. :)
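An added example, not posted by anyone in this thread, that ties together anomie's two points above (the private key is the only secret, the CSR is public data, and an encrypted copy of the key is for backups only) and the passphrase-removal step the OP could not remember. It uses openssl's own `pkey -aes256` to wrap the key in encrypted PKCS#8 rather than gpg or `openssl enc`; the subject fields and the passphrase are constructed values, and a reasonably recent openssl(1) is assumed.

```shell
#!/bin/sh
# Added example (not from the thread): unencrypted 2048-bit RSA key for Apache,
# CSR built non-interactively, a check that the CSR carries only public data,
# and an AES-256-encrypted copy of the key for offline backup.
# Assumes openssl(1) is installed; subject fields below are constructed values.
set -eu

WORK="${WORK:-$(mktemp -d)}"
KEY="$WORK/server.key"          # no passphrase, so Apache can load it at boot
CSR="$WORK/server.csr"
BACKUP="$WORK/server.key.aes"   # passphrase-protected copy, never served from
SUBJ="/C=US/ST=Example/L=Example/O=Example Corp/CN=www.example.com"

# 1. Key pair without a passphrase, then the CSR signed by that key.
make_key_and_csr() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$KEY" 2>/dev/null
    chmod 600 "$KEY"                   # the key file is the only secret here
    openssl req -new -key "$KEY" -subj "$SUBJ" -out "$CSR"
}

# 2. What the CA (or anyone reading the email) gets: subject, public key and a
#    self-signature. Returns 0 when the CSR verifies and holds no key material.
csr_is_public_only() {
    openssl req -in "$CSR" -noout -verify >/dev/null 2>&1 || return 1
    ! grep -q "PRIVATE KEY" "$CSR"
}

# 3. AES-256 wrap of the private key (encrypted PKCS#8) for backup; passphrase in $1.
encrypt_key_backup() {
    openssl pkey -in "$KEY" -aes256 -passout "pass:$1" -out "$BACKUP"
}

# 4. Strip the passphrase again: same key, written unencrypted to $2.
strip_passphrase() {
    openssl pkey -in "$BACKUP" -passin "pass:$1" -out "$2"
}

# Public-key fingerprints to prove that key, restored key and CSR belong together.
pubkey_sha256() {
    openssl pkey -in "$1" -pubout 2>/dev/null | openssl dgst -sha256 | awk '{print $NF}'
}
csr_pubkey_sha256() {
    openssl req -in "$CSR" -noout -pubkey | openssl dgst -sha256 | awk '{print $NF}'
}
```

Only `server.key` needs to be readable by the web server; the `.aes` copy is what goes to backup media, and the CSR can travel by plain email.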

