PKI 10.9 Certificate Transparency - dogtagpki/pki GitHub Wiki

Overview

A basic version of Certificate Transparency (CT) V1 support (rfc 6962) is offered in this release. It has the capability of issuing certificates with embedded Signed Certificate Time stamps (SCTs) from any trusted log where each deployment site chooses to have its root CA cert included. The system can also be configured to support multiple CT logs. Minimum of one trusted CT log is required for this feature to work.

Setup

For testing purposes, one could setup a PKI CA while follow the procedure documented under "test Logs" of http://www.certificate-transparency.org/known-logs to have your test root added to the Google Testtube.

The rest of this document assumes that you already set up your root CA with all your desired CT log servers.

Configuration

There are three Certificate Transparency modes:
    disabled: issued certs will not carry SCT extension
    enabled: issued certs will carry SCT extension
    perProfile: certs enrolled through those profiles
        that contain the following policyset
        will carry SCT extension
           SignedCertificateTimestampListExtDefaultImpl
default is disabled
if unknown mode then error will be thrown.

Here is a quick example on how to set up with 3 test CT logs where only two of them are enabled:

Add the following in CA’s CS.cfg:

ca.certTransparency.mode=enabled
ca.certTransparency.log.1.enable=true
ca.certTransparency.log.1.pubKey=MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEw8i8S7qiGEs9NXv0ZJFh6uuOmR2Q7dPprzk9XNNGkUXjzqx2SDvRfiwKYwBljfWujozHESVPQyydGaHhkaSz/g==
ca.certTransparency.log.1.url=http://ct.googleapis.com:80/testtube/
ca.certTransparency.log.1.version=1
ca.certTransparency.log.2.enable=true
ca.certTransparency.log.2.pubKey=MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEKATl2B3SAbxyzGOfNRB+AytNTGvdF/FFY6HzWb+/HPE4lJ37vx2nEm99KYUy9SoNzF5VyTwCQG5nL/c5Q77yQQ==
ca.certTransparency.log.2.url=http://ct.googleapis.com:80/logs/crucible/
ca.certTransparency.log.2.version=1
ca.certTransparency.log.3.enable=false
ca.certTransparency.log.3.pubKey=MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEiKfWtuoWCPMEzSKySjMjXpo38WOdZr6Yq0WYa2JQOv1uVMxkqHywf9Gz1kGeRLq/Rz3tVVvXgqb4jQ1UqKVKnw==
ca.certTransparency.log.3.url=http://ct.googleapis.com:80/logs/solera2020/
ca.certTransparency.log.3.version=1
ca.certTransparency.log.num=3

Restart the CA

Quick Test

A more comprehensive test procedure would involve setting up a TLS server and test for its cert’s inclusion from it’s specified CT logs. However, the following is a quick test method that I conduct during development just to test for inclusion of the SCT extension.

  • Generate a CSR, e.g.:

$ PKCS10Client -d . -p passwd -l 2048 -n "cn=ladycfu.test.redhat.com,OU=ladycfu-TEST,O=TestDomain" -o pkcs10-TLS.req

  • Submit the CSR to an enrollment profile depending on the CT mode in CS.cfg:

    • if (ca.certTransparency.mode=enabled)

      • use any enrollment profile

    • if (ca.certTransparency.mode=perProfile)

      • using one of the CT profiles, e.g. caServerCertWithSCT

  • Verify the SCT extension using openssl:

    • Copy the issued b64 cert into a file, e.g. ct1.pem

    • Convert the pem to binary: AtoB ct1.pem ct1.bin

    • openssl x509 -noout -text -inform der -in ct1.bin

      • Observe that the SCT extension is present, e.g.:

            CT Precertificate SCTs:
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : B0:CC:83:E5:A5:F9:7D:6B:AF:7C:09:CC:28:49:04:87:
                                2A:C7:E8:8B:13:2C:63:50:B7:C6:FD:26:E1:6C:6C:77
                    Timestamp : Jun 11 23:07:14.146 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:6E:E7:DC:D6:6B:A6:43:E3:BB:8E:1D:28:
                                63:C6:6B:03:43:4E:7A:90:0F:D6:2B:E8:ED:55:1D:5F:
                                86:0C:5A:CE:02:20:53:EB:75:FA:75:54:9C:9F:D3:7A:
                                D4:E7:C6:6C:9B:33:2A:75:D8:AB:DE:7D:B9:FA:2B:19:
                                56:22:BB:EF:19:AD
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : C3:BF:03:A7:E1:CA:88:41:C6:07:BA:E3:FF:42:70:FC:
                                A5:EC:45:B1:86:EB:BE:4E:2C:F3:FC:77:86:30:F5:F6
                    Timestamp : Jun 11 23:07:14.516 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:4A:C9:4D:EF:64:02:A7:69:FF:34:4E:41:
                                F4:87:E1:6D:67:B9:07:14:E6:01:47:C2:0A:72:88:7A:
                                A9:C3:9C:90:02:20:31:26:15:75:60:1E:E2:C0:A3:C2:
                                ED:CF:22:A0:3B:A4:10:86:D1:C1:A3:7F:68:CC:1A:DD:
                                6A:5E:10:B2:F1:8F

Or I could do asn1 dump like this: openssl asn1parse -i -inform der -in ct1.bin, and observe the hex dump. E.g.

  740:d=4  hl=4 l= 258 cons:     SEQUENCE
  744:d=5  hl=2 l=  10 prim:      OBJECT            :CT Precertificate SCTs
  756:d=5  hl=3 l= 243 prim:      OCTET STRING      [HEX DUMP]:0481F000EE007500B0CC83E5A5F97D6BAF7C09CC284904872AC7E88B132C6350B7C6FD26E16C6C7700000172A5A32D62000004030046304402206EE7DCD66BA643E3BB8E1D2863C66B03434E7A900FD62BE8ED551D5F860C5ACE022053EB75FA75549C9FD37AD4E7C66C9B332A75D8ABDE7DB9FA2B195622BBEF19AD007500C3BF03A7E1CA8841C607BAE3FF4270FCA5EC45B186EBBE4E2CF3FC778630F5F600000172A5A32ED4000004030046304402204AC94DEF6402A769FF344E41F487E16D67B90714E60147C20A72887AA9C39C90022031261575601EE2C0A3C2EDCF22A03BA41086D1C1A37F68CC1ADD6A5E10B2F18F
Tip
 To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis.
⚠️ **GitHub.com Fallback** ⚠️