To generate a self-signed certificate for the AES128-SHA256 cipher using openssl, the following commands are used.

AES128-SHA256 cipher commands:

    openssl genrsa -aes128 -out 1.key 2048
    openssl req -config csr.conf -new -key 1.key -out 1.csr
    cp -f 1.key orig.1.key
    openssl rsa -in orig.1.key -out 1.key
    openssl x509 -req -in 1.csr -signkey 1.key -out 1.crt
    openssl x509 -inform PEM -in 1.crt -outform DER -out rsacert.der

The csr.conf file is as below:

    [ req ]
    default_bits        = 1024
    default_keyfile     = server.key
    distinguished_name  = req_distinguished_name
    attributes          = req_attributes
    prompt              = no
    output_password     = mypass

    [ req_distinguished_name ]
    C                   = US
    ST                  = California
    L                   = San Francisco
    O                   = My Corporation
    OU                  = Engineering
    CN                  = webapp.securitydemos.net
    emailAddress        = info@myserver.com

    [ req_attributes ]
    challengePassword   = A challenge password

Can anyone help me with the parameters to generate a self-signed certificate for the AES128-GCM-SHA256 cipher suite, which I can test using openssl s_server and s_client?

The following command is used to run s_server:

    $ openssl s_server -key 1.key -cert 1.crt -accept 1440 -www -cipher AES128-SHA256

s_client also points to the same certificate, and it works well. I would like to do the same for "AES128-GCM-SHA256". The main intention of this task is to understand the algorithm flow for each cipher.

Sachin
  • ***`CN=webapp.securitydemos.net`*** is probably wrong. Hostnames always go in the *SAN*. If it's present in the *CN*, then it must be present in the *SAN* too (you have to list it twice in this case). For more rules and reasons, see [How do you sign Certificate Signing Request with your Certification Authority](http://stackoverflow.com/a/21340898/608639) and [How to create a self-signed certificate with openssl?](http://stackoverflow.com/q/10175812/608639) You will also need to place the self-signed certificate in the appropriate trust store. – jww Jul 06 '17 at 00:13
  • Also, the TLS cipher suite, like `AES128-SHA256`, is mostly independent of the X509 certificate. In your case, it is independent. During channel setup, the server will use the X509 certificate to identify itself. TLS (and other protocols) will use a cipher suite during channel setup. Finally, `AES128-SHA256` is usually a server configuration option. – jww Jul 06 '17 at 00:16
  • CN=webapp.securitydemos.net is not wrong, because I am testing by running s_server and s_client on my machine for testing. This exercise is to understand things, not for production. The main motivation is that I would like to test an individual cipher: "openssl s_server -key 1.key -cert 1.crt -accept 1440 -www -cipher AES128-GCM-SHA256" – Sachin Jul 06 '17 at 16:03
  • *"CN=webapp.securitydemos.net is not wrong because I am testing by running `s_server` and `s_client` on my machine..."* - Well, it sure sounds fishy to me. But I don't have access to your configuration, so I'll take your word for it. You might want to try with `curl` or `wget`. They perform hostname matching (unlike most versions of `s_client`). Browsers have their own set of rules. Also see [How X509 Certificates are used for Encryption](https://security.stackexchange.com/q/31139/29925) on the InfoSec.SE. Maybe Thomas can convince you certificates and cipher suites are disjoint. – jww Jul 06 '17 at 23:27

0 Answers
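
The comments above say that the cipher suite is a server setting independent of the X509 certificate and that the hostname belongs in the SAN. The script below is an added example, not part of the original thread, that serves one self-signed RSA certificate under both suites and reports what `s_client` negotiated and whether hostname verification passed. Assumptions: OpenSSL 1.1.1 or later (for `-addext`), ports 1440 and 1441 are free, `-tls1_2` is added because `-cipher` does not select TLS 1.3 suites, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread: one RSA certificate, two TLS 1.2
# cipher suites chosen only by the server's -cipher option.
HOST=webapp.securitydemos.net   # hostname taken from the question's csr.conf

# make_cert DIR (hypothetical helper): throwaway self-signed RSA key and
# certificate, with the hostname in the SAN as well as the CN.
make_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -keyout "$1/1.key" -out "$1/1.crt" \
        -subj "/CN=$HOST" -addext "subjectAltName=DNS:$HOST" 2>/dev/null
}

# negotiate DIR SUITE PORT (hypothetical helper): run s_server limited to
# SUITE, connect with s_client, print "<negotiated suite> verify=<code>".
negotiate() {
    dir=$1 suite=$2 port=$3 result=
    openssl s_server -key "$dir/1.key" -cert "$dir/1.crt" -accept "$port" \
        -www -tls1_2 -cipher "$suite" </dev/null >/dev/null 2>&1 &
    pid=$! tries=0
    while [ "$tries" -lt 10 ]; do   # retry until the server is listening
        out=$(openssl s_client -connect "127.0.0.1:$port" -tls1_2 \
            -CAfile "$dir/1.crt" -verify_hostname "$HOST" \
            </dev/null 2>/dev/null) || true
        cipher=$(printf '%s\n' "$out" | sed -n 's/.*Cipher is //p' | head -n 1)
        code=$(printf '%s\n' "$out" |
            sed -n 's/.*Verify return code: \([0-9]*\).*/\1/p' | head -n 1)
        if [ -n "$cipher" ] && [ "$cipher" != "(NONE)" ]; then
            result="$cipher verify=$code"
            break
        fi
        tries=$((tries + 1))
        sleep 1
    done
    kill "$pid" 2>/dev/null || true
    wait "$pid" 2>/dev/null || true
    printf '%s\n' "$result"
}

# Same certificate, both suites; ports 1440 and 1441 are assumed to be free.
compare_suites() {
    dir=$(mktemp -d) || return 1
    make_cert "$dir" || return 1
    negotiate "$dir" AES128-SHA256 1440
    negotiate "$dir" AES128-GCM-SHA256 1441
    rm -rf "$dir"
}

compare_suites
```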