rootninja

The s_client and s_server options provide a way to launch SSL-enabled command-line clients and servers

If you’re trying to configure a service that includes a TLS/SSL handshake and you want to know if the problem you’re experiencing is related to the application, firewall, certificate trust, misconfiguration, etc. here’s a way to eliminate TLS/SSL from your list of usual suspects.

I’m trying to use an Active Directory Domain Controller to supply a list of objects for an application running on a Linux machine, and I want to make sure the TLS/SSL is working, is trusted, and has nothing to do with the problem i’m having. The only thing the app tells me is “Unable to read schema”

First i’ll verify that my certificate is trusted. Lets see who issued my certificate.

# openssl x509 -noout -in rootninja.crt -issuer

issuer= /DC=com/DC=DOMAIN/CN=rootserver

Now I know which CA this came from, i’ll make sure I use that CA instead of whatever default one it might look at

# openssl verify -CApath /etc/pki/tls/ -CAfile rootserver.pem

rootserver.crt: OK

So now I know this certificate is blessed by my client, I can try to use it to connect. But let’s say I try to use a self-signed certificate or another cert that’s not trusted…

If it’s a trust issue, perhaps the certificate is valid, but it just can’t find the CA or intermediate certificate.

$ openssl s_client -connect rootserver.rootninja.com:636

CONNECTED(00000003)
depth=0 /CN=domainCA.rootninja.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /CN=domainCA.rootninja.com
verify error:num=27:certificate not trusted
verify return:1
depth=0 /CN=domainCA.rootninja.com
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:/CN=domainCA.domain.com
   i:/DC=com/DC=domain/CN=dc1.domain.com
-----BEGIN CERTIFICATE-----
...

...
Verify return code: 21 (unable to verify the first certificate)
---

And using a self-signed certificate, you should see something like this.

CONNECTED(00000003)
depth=0 /C=US/ST=State/L=City/O=organization/CN=ldap01.rootninja.com
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=US/ST=State/L=City/O=organization/CN=ldap01.rootninja.com
verify return:1
...

...
No client certificate CA names sent
---
SSL handshake has read 983 bytes and written 331 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
...

...
    Verify return code: 18 (self signed certificate)
---

But, if everythings working correctly, your client should connect just fine. And it will look something like this, with a big fat Verify return code: 0 (ok) at the end.

CONNECTED(00000003)
depth=2 /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
verify return:1
depth=1 /C=US/ST=Az/O=GoDaddy.com/OU=http://certs.godaddy.com/repository/CN=Go Daddy CA/serial=007
verify return:1
depth=0 /CN=rootserver.rootninja.com/OU=Domain Control Validated
verify return:1
---
Certificate chain
 0 s:/CN=rootserver.rootninja.com/OU=Domain Control Validated
   i:/C=US/ST=Az/O=GoDaddy.com/OU=http://certs.godaddy.com/repository/CN=Go Daddy CA/serial=007
 1 s:/C=US/ST=Az/O=GoDaddy.com/OU=http://certs.godaddy.com/repository/CN=Go Daddy CA/serial=007
   i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
...

...
-----END CERTIFICATE-----
subject=/CN=rootserver.rootninja.com/OU=Domain Control Validated
issuer=/C=US/ST=Az/O=GoDaddy.com/OU=http://certs.godaddy.com/repository/CN=Go Daddy CA/serial=007
---
Acceptable client certificate CA names
/CN=rootserver.rootninja.com/OU=Domain Control Validated
/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root
/OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft Corporation/CN=Microsoft Root Authority
/DC=com/DC=microsoft/CN=Microsoft Root CA
/CN=NT AUTHORITY
---
SSL handshake has read 4561 bytes and written 355 bytes
---
New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES128-SHA
    Session-ID: 7407077777C77707177C7
    Session-ID-ctx:
    Master-Key: 7A97FE707C7078797B7437075E7F7267F5787E
    Key-Arg   : None
    Krb5 Principal: None
    Start Time: 1234567890
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---

http://www.openssl.org/

howto, security certificate, handshake, https, ldap, ldaps, openldap, openssl, self-signed certificate, ssl, s_client, tls

I’m going to test on a remote machine that I have a shell on, so lets see how many processors it has.

# grep Intel /proc/cpuinfo

vendor_id       : GenuineIntel
model name      : Intel(R) Core(TM)2 Duo CPU     E6750  @ 2.66GHz
vendor_id       : GenuineIntel
model name      : Intel(R) Core(TM)2 Duo CPU     E6750  @ 2.66GHz

It’s a dual core, so i’ll use -multi 2 so it will work them both, otherwise i’ll only get 1/2 the performance.

# openssl speed rsa4096 -multi 2

Forked child 0
Forked child 1
+DTP:4096:private:rsa:10
+DTP:4096:private:rsa:10
+R1:331:4096:10.02
+DTP:4096:public:rsa:10
+R1:326:4096:10.03
+DTP:4096:public:rsa:10
+R2:22973:4096:10.00
+R2:22932:4096:10.00
Got: +F2:3:4096:0.030755:0.000436 from 0
Got: +F2:3:4096:0.030269:0.000435 from 1
OpenSSL 0.9.8g 19 Oct 2007
built on: Wed Jan  7 10:26:51 EST 2009
options:bn(64,64) md2(int) rc4(ptr,int) des(idx,cisc,16,int) aes(partial) blowfish(ptr2)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -I/usr/kerberos/include -DL_ENDIAN -DTERMIO -Wall -DMD32_REG_T=int -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wa,--noexecstack -DMD5_ASM
available timing options: TIMES TIMEB HZ=100 [sysconf value]
timing function used:
                  sign    verify    sign/s verify/s
rsa 4096 bits 0.015255s 0.000218s     65.6   4592.4

I wonder how many connections it can handle with its current 1024 bit certificate. You could test by retrieving a file accessible from the encrypted web server if you wanted (to see how many requests for something specific that the server can handle for example) I’ll try this from a different machine.

# openssl s_time -connect webserver.domain.com:443 -www /

No CIPHER specified
Collecting connection statistics for 30 seconds
tttttttttttttttttttttttttttttttttttttttttttttttttttttttttttt
tttttttttttttttttttttttttttttttttttttttttttttttttttttttttttt
8534 connections in 2.94s; 2902.72 connections/user sec, bytes read 0
8534 connections in 31 real seconds, 0 bytes read per connection
Now timing with session id reuse.
starting
rrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
rrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
23061 connections in 3.86s; 5974.35 connections/user sec, bytes read 0
23061 connections in 31 real seconds, 0 bytes read per connection

If you’ve got a few minutes to spare and like lots of pretty numbers, you could test all the encryption algorithms to see which ones work fastest:

# openssl speed

built on: Wed Jan  7 10:26:51 EST 2009
options:bn(64,64) md2(int) rc4(ptr,int) des(idx,cisc,16,int) aes(partial) blowfish(ptr2)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -I/usr/kerberos/include -DL_ENDIAN -DTERMIO -Wall -DMD32_REG_T=int -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wa,--noexecstack -DMD5_ASM
available timing options: TIMES TIMEB HZ=100 [sysconf value]
timing function used: times
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
md2               2458.07k     5089.37k     6894.93k     7590.23k     7841.31k
mdc2                 0.00         0.00         0.00         0.00         0.00
md4              47327.87k   151968.15k   386570.75k   621349.55k   763865.77k
md5              35986.46k   110714.13k   261389.74k   395455.15k   468353.02k
hmac(md5)        38959.56k   112169.51k   262056.62k   395517.95k   465447.59k
sha1             35669.73k   100816.87k   215981.99k   300893.18k   339815.08k
rmd160           26496.42k    67477.06k   129295.87k   167140.69k   183642.79k
rc4             189715.02k   205440.73k   208567.21k   209034.92k   209436.67k
des cbc          46232.50k    48165.20k    48471.04k    48689.49k    48750.59k
des ede3         18221.70k    18466.13k    18522.28k    18549.42k    18557.61k
idea cbc             0.00         0.00         0.00         0.00         0.00
seed cbc         54065.39k    55218.54k    56056.32k    55951.36k    56126.12k
rc2 cbc          26351.53k    26860.07k    27004.42k    27230.89k    27241.13k
rc5-32/12 cbc        0.00         0.00         0.00         0.00         0.00
blowfish cbc     86801.48k    94550.31k    96936.53k    97497.43k    97853.44k
cast cbc         69679.26k    73961.77k    75234.65k    75818.81k    75751.42k
aes-128 cbc     130082.66k   138499.11k   141378.95k   139385.86k   140429.99k
aes-192 cbc     115406.87k   121816.87k   123616.34k   121751.21k   123030.19k
aes-256 cbc     103143.77k   108549.31k   109794.73k   108976.47k   110164.59k
camellia-128 cbc    82057.05k    86232.21k    88002.13k    88119.30k    88394.41k
camellia-192 cbc    63719.78k    66243.14k    66918.40k    66911.23k    67059.71k
camellia-256 cbc    62688.63k    66469.99k    66919.08k    66896.90k    67048.79k
sha256           23866.99k    55023.55k    96156.50k   119234.90k   127945.39k
sha512           17457.25k    70387.97k   115490.47k   169411.58k   197104.98k
aes-128 ige     133509.02k   143881.15k   146220.29k   145246.55k   145932.29k
aes-192 ige     118329.85k   124980.84k   127653.12k   127013.67k   127183.53k
aes-256 ige     106322.68k   111628.44k   113122.90k   112395.95k   112984.06k
                  sign    verify    sign/s verify/s
rsa  512 bits 0.000214s 0.000015s   4663.7  67323.3
rsa 1024 bits 0.000832s 0.000040s   1201.9  25101.5
rsa 2048 bits 0.004717s 0.000128s    212.0   7793.0
rsa 4096 bits 0.030215s 0.000436s     33.1   2293.0
                  sign    verify    sign/s verify/s
dsa  512 bits 0.000154s 0.000166s   6497.6   6035.4
dsa 1024 bits 0.000395s 0.000465s   2530.2   2150.9
dsa 2048 bits 0.001244s 0.001484s    803.9    673.7

security 1024, benchmark, benchmarking, certificate, encryption, https, openssl, webserver

If you submit an SSL certificate request for your Apache/Lighttpd web server to a Certificate Authority (CA) on a Windows Domain Controller, you might have to convert your resulting binary DER formatted Security Certificate into PEM so Apache or Lighttpd can understand it.

Convert a certificate from DER to PEM

# openssl x509 –in input.crt –inform DER –out output.crt –outform PEM

Convert a certificate from PEM to DER

# openssl x509 –in input.crt –inform PEM –out output.crt –outform DER

Convert a key from DER to PEM

# openssl rsa –in input.key –inform DER –out output.key –outform PEM

Convert a key from PEM to DER

# openssl rsa –in input.key –inform PEM –out output.key –outform DER

If you’re using Lighttpd, concatenate the key and pem cert so they’re both in one file. If your key has a password (openssl probably forced you to supply a password when you created the request), then you need to strip the password from it first unless you don’t mind having to supply the password every time you start the web server. I know most people don’t stop/start their server very often, but what about in a power failure, or in a remote location?

# openssl rsa -in server.key.original -out server.key.nopass
Enter pass phrase for server.key.original:
writing RSA key

howto, security certificate, der, key, openssl, pem, RSA, ssl, x509

This doesn’t have to be complicated at all.  This was what I did on my ldap servers:

That’s it!  No messing with the CA.pl script or running multiple openssl commands for requests, signings, password stripping, and catting keys/crts together.  I tested my LDAP implementation like this and it worked like a charm.  Having a copy of both certificates located at /etc/openldap/cacerts/ on both machines worked for me.  When I set up clients, I put the certs in their cacerts directory and they work just fine with start tls.  If you’re doing this for an openldap implementation, you can make sure it’s working using “ldapsearch -x -ZZ” which requires your encryption to work.

http://blog.rootninja.com/wp-content/uploads/2008/09/rootninja_80×151.jpg“>http://blog.rootninja.com/wp-content/uploads/2008/09/rootninja_80×151.jpg” alt=”root|ninja” width=”80″ height=”15″ />

Linux cert, key, ldap, openldap, openssl, pki, self-signed certificate, ssl, tls

I just got Wordpress installed and completely forgot to change the random password it started me off with to something I might have a chance of remembering.  So to change it, I opened a terminal and changed the password field for the account I just created in mysql.  Here’s how:

First you’ll need to get your password encrypted using openssl.

Copy this hash so you can paste it into your sql statement later.  Now connect to mysql.

If you know the database name you can just connect to it, if your forgot, which I did, just list them all.

Connect to your wordpress database.

And change the password.

And that’s it; all done.  Now you can get back to editing…

Linux forgotten passwords, mysql, openssl, wordpress