Here is how to create and use digital certificates to protect software application data. This is a companion page on private key architecture kerberos using Cryptography, a superset of what Amazon AWS uses.
“Badges? We don't need no stinking badges!” —from "BLAZING SADDLES" movie
Topics this page:
More and more organizations require that communication with them be protected in several ways:
So skill at dealing with digital certificates is becoming a common part of working software programs.
Uses for digital certificates are specified by the Extended Key Usage (EKU) and OID (object ID) numbers used by Microsoft:
How do I encrpyt an email?
First, Who's Your Certificate Authority?Each CA presents its own Certification Practice Statement (CPS). Make sure you reference the correct version and update:
Exchange of Bodily InformationThe first step in Thawte's process was to create an ID number containing a country code and the national identifcation code (a Social Security Number in the US).
I hesitated about giving out my social security number to yet another organization. I thought about what I was trusting:
So I opted to give them my drivers license instead of my social security number. That's actually a state identity number, not a national number. But that didn't occur to me until after I pressed the send button.
Email Identity & ClientWhat ever identity number I gave Thawte, that number is associated with the email account in the certificate.
This can't be a web-based mail account such as hotmail or Yahoo mail. The email I use must be a POP3 mail account such as Earthlink. (I don't know about AOL)
The bottom line is that I must use a mail client which does S/MIME processing, such as Outlook or Eudora Pro. I don't like Outlook 2000 because it's too slow and (by default) makes me go down 3 levels of pull down menus to select the action I use 99% of the time.
So I keep a list of where I've signed up, and encrypt it with a password I haven't used on anything else.
I've gone to using programs to generate password generation passwords and passphrases.
Copy of Certificate In a Safe PlaceIn case I'm hit by that perverbial truck, I printed out a screen image, wrote down the password, and filed the paper in the portable box where I keep unused credit cards, my passport, birth certificate, diplomas, Prometric score reports, and other valuables.
BTW, I should keep originals in a bank safe deposit box in case my home burns down, and only keep copies in the house.
Step 2: First Time Entry Into Personal Certification Home Page
After Thawte made sure that no one else was using the identity information I supplied, they made sure that I could remember what I entered.
I could use this link from Thawte to access my account (given that I can remember my email address and password).
To access a Windows 2000 server (for example, “Certx”) hosting Web Enrollment Support:
Step 3: Confirm Ownership with Email Pong
Step 4: Request Certificate
Now that Thawte considers my email address "trusted", I could request, view, and revoke my certificates from Thawte's Certificate Manager page at https://www.thawte.com/cgi/personal/cert/contents.exe
A different X.509 certificate is needed for each email client. The options:
Cryptographic Service ProviderI had to choose a CSP (Cryptographic Service Provider):
By US export regulations U.S. Department of Justice FAQ on Encryption Policy April 24, 1998 the “Base DSS and Diffie-Hellman Cryptographic Provider” and Microsoft Enhanced Cryptographic Provider can only be used in the United States. In the US, export controls on commercial encryption products are administered by the Bureau of Export Administration (BXA) in the U.S. Department of Commerce.
Next, I clicked OK to this pop-up window:
Step 5: Install Certificates
After I clicked OK, an email from Thawte notified me:
“You need to be running the same browser, on the same machine, logged in as the same user, as you were when you made the request."
To confirm that the certificate was really installed in MSIE 5, select Tools -> Internet Options... -> Content tab -> Certificates... button.
Clicking on the "View" button, I notice in the Details section that the Public key is 1024 bits and the thumbprint (hash) algorithm is SHA1.
Step 6: Backup, Export, and Restore PFX file via CER DER
If (when) my computer (eventually) crashes, I will need to be able to restore the keys. I also want to prevent access to my private key by deleting the .pfx file from the computer's hard disk, and importing the keys to the recovery agent account from a USB thumb drive or diskette I can take away with me.
Key Export FormatsBut first I must export the certificate to that a removeable media and store it somewhere safe (in my lockbox or on a physically secure stand-alone computer for recovery operations) so that I don't have to go through the hassle of requesting another from the CA (Thawte).
Different export formats can be specified during drag-and-drop copy (in the MSIE "Advanced Options" window):
Importing CertificatesImporting a certificate into my certificate store is easy. (Maybe too easy?) On my Windows machine, I just double click on (or a link to) a .cer file, such as GlobalSign's root CA certificate for this pop-up to select type of Trust. (When prompted, click "Open this file from its current location", then the "Install Certificate..." button)
Root CA on Microsoft IE7 browsers include:
Root CA on Firefox browsers include:
Note: Windows 2000 SP2 added several CA root certificates.
Step 7: Configure Email Client
Notice that I left the default selections of SHA and DES based on my earlier observations.
I chose not to sign all my emails. That would seem rather pretentious and a bit too nerdly for internet dating emails.
Step 8: Send Signed Email to someone
"No. Now you can tell whether a email is really from me." I explained.
"I can always tell it's from you. It's got your name at the top." she said rather impatiently.
"But what if someone forged my name?"
"I'll still know because no one is as disrespectful to his mother as you are." ;)
Anyway, Hotmail and other web-based email cannot accept certificates. A client program such as Microsoft Outlook, Outlook Express, or Eudora is required. Gmail can accept certs.
Step 9: What Was Your Name Again?
I noticed on Thawte page that the trust level is marked "Freemail" and the Certificate Distinguished Name (formal notation describing the holder of a particular certificate) contains my email address, not my name. That's because the CA can't confirm whether someone was impersonating me or not.
So in order for Thawte to really associate my name with the email address, I have to physically present my picture ID's to someone trusted by Thawte.
Thawte uses a "web of trust" -- a transitive trust based on the reputation of individuals.
Thawte required that I get at least 2 notaries to verify my ID. I could use two highly trusted notaries or several less trusted ones. Thawte uses a point system based on the number of identities a notary verifies.
Step 10: Add Another Email
"many mail clients will only recognize the FIRST email address in the certificate. The best strategy is thus to obtain different certificates for your different email accounts."
Step 11: Employment and Extranet Membership Verification
This would allow single sign-on capability to access several websites with mutual trusts.
Signing DocumentsWith an X.509, I could use the PrivaSeal product from Aliroo.com or Docutouch.com to sign an entire document or paragraphs in a document. Multiple users can sign the same paragraph (to provide non-repudiation of them personally reading it). The product can also maintain an extensive audit log. To validate a document signed by PrivaSeal, double-click on the signature to evoke a green "Valid" or a red "Invalid" notation. A right-button mouse click leads to the signer's digital certificate information for identity verification purposes.
Organizational MembershipTo access corporate extranets, I need to positively identify myself and obtain a certificate from a Corporate CA.
Clients can trust a CA only if a copy of the CA root certificate is in the trusted root certificate store.
Import DoD Root Certificates from dodpki.c3pki.chamb.disa.mil
These are by default created in the more common PEM (Privacy Enhanced Mail) format or between these two lines:
-----END RSA PRIVATE KEY-----
NOTE: There is also a NET format for older Netscape and IIS servers which uses unsalted ARC4 for its encryption, which is not secure. So its used is avoided.
To convert a PEM-format key to a DER-format one within Unix:
# openssl rsa -in host.key -outform DER -out host.der
DoD Configuration Firefox3 add-on does all this for you.
Import DoD Certificate Revocation Lists (in binary form) from
CA SignatureIn order to establish whether the CA behind a certificate is genuine, a hash of that CA's own Private Key -- the CA Signature -- accompanies the cipher text as part of encrypted envelopes sent.
CA Signature Hash
SHA1: 135CEC36 F49CB8E9 3B1AB270 CD808846 76CE8F33 MD5: A61B375E 390D9C36 54EEBD20 31461F6B SHA1: BC:89:78:19:8C:3D:2B:2D:3B:58:5F:0C:A3:A5:86:3C:5C:E3:AE:18 MD5: 52:A5:D3:C9:19:84:FE:CF:A4:AD:AE:69:33:36:95:6D
The receiver of a CA Signature can verify its authenticity by going to that CA's public website.
The SignTool utility verify command determines whether the signing certificate was issued by a trusted authority, whether the signing certificate has been revoked, and, optionally, whether the signing certificate is valid for a specific policy.
Microsoft Windows stores each user's certificates in its Windows system registry with Name Blob (REG_BINARY data type) under the keys
The CA store contains less frequently used certification authorities.
The My store contains the CURRENT USER's personal certificates.
The AddressBook store contains Trusted People and Trusted Publisher (other people's) certificates.
PKI provides for five standard certificate stores:
Windows Server by default store certificates provided by CAAuths in folder
OpenBSD machine by default store SSL private keys in a directory readable only by root:
/etc/ssl containing public keys should theoretically be world readable (but writeable only by root)
Passwords are stored in a digital certificate, which is a container for one or more digital signatures -- forms of ID such as a birth certificate, drivers license, or passport -- bound to a public key. Extensible fields in the certificate delineate group memberships and object permissions.
A digital signature which meets ITU (International Telecommunications Union) Telecommunication Standardization (ITU-T) PKIX X.509 version 3 [RFC 2459] standard is generated based on
PKI automates the process of verifying whether certificates are valid. It provides the capability to easily publish, manage, and use public keys.
Getting a digital certificate from a trusted CA is like getting a passport, drivers license, or identification card from a governmental entity or some trusted third party (TTP). Like a Notary Public, the CA verifies that you are who you say you are.
Each CA has its own CA Public Key which is used to determine the CA's own identity.
The terms "encipher" and "encrypt" are synonymous, as are the terms "decipher" and "decrypt".
Microsoft Office applications such as Excel by default operates in "Medium" setting for Tools -> Macros -> Security. A setting of "Low" trusts all macros and add-ins, which is not recommended but useful during initial development of macros.
In shared production usage of a macro, scripts should be signed. We don't want anyone getting access to the scripts and altering them, so the execution policy is set to Allsigned so that whenever a signed script is changed it will not be allowed to be executed until it is signed again.
An authenticode is a digital signature that verify software origin, authenticity, and integrity for "code signing".
To digitally sign Excel macros (to keep them from triggering security messages), Microsoft provides its
makecert.exe, Microsoft's Certificate Creation Tool (invoked from Windows console command utility) should be used to code sign executable files larger than 300 megabytes. This is according to KB 922225.
To use Makecert to create a self-signed certificate for development:
makecert -r -pe -n "CN=Wilson Mar" -eku 184.108.40.206.220.127.116.11.3 -ss My
-pe = Mark generated private key as exportable
-n "CN=Wilson Mar" = Issuer's certificate common name
-eku 18.104.22.168.22.214.171.124.3 = enhanced key usage OIDs that enable programs to determine whether a certificate is valid for a particular use. The set of numbers here is for a self-signed cert.
-ss My = The MY Certificate Store
The example above assumes these defaults:
-e 01/01/2039 = End of [NotAfter] validity period; defaults to 2039
-a <algorithm> = The signature algorithm <md5|sha1> defaults to 'md5'
# openssl x509 -req -days 365 -in /etc/ssl/private/host.csr \ -signkey /etc/ssl/private/host.key -out /etc/ssl/host.crt
x509 is the type of output (a signed X.509 public-key certificate)
In the Project Explorer window (by default on the upper right), select the VBA macro project that you want to digitally sign.
In the VBA menu bar, open menu item "Tools" --> "Digital Signature"
Simply select your own certificate and sign your macro.
Close Excel. When Excel opens again, choose "Always trust this publisher".
To export your certificate from your first computer and import it onto each of the other computers. Save the file to your other computers (email it maybe). Then on the other computers, go to the control panel, same location, and select "Import certificate".
On Firfox browsers, select menu Tools > Options > Advanced > Encryption tab > View Certificates. On IE7 browsers, select menu Tools > Internet Options > Content tab > Certificates.
Certificate requests can also be created and installed using Microsoft's
The version in Windows 2003 is 123,904 bytes.
The version in Vista 32 is 215,040 bytes.
The version in C:\Windows\winsxs\x86_microsoft-windows-certificaterequesttool_31bf3856ad364e35_6.0.6001.18000_none_6810938417684464 is 215,040 bytes.
To enable revocation-checking through web browsers executing .Asp tasks, go to a CLI command prompt on the CA and use this:
Windows 200x uses xenroll.dll for certificate enrollment.
CA enrollment uses transport-independent message formats that support PKCS (Public Key Cryptographic Standards):
Legal information about certificates from a CA is described in that CA's Issuer Policy statement.
In Windows 200x, Kerberos is the default SSP and SNEGO (IETF's Security Negotiation Mechanism) for GSS-API [RFC 2478] extend SSP interoperability. SSPI uses the Negotiate SSP to match security levels within a security provider exchange.
Windows 200x uses Active Directory to map information about users to digital certificates based on X.500.
Updating CA root cert on IBM Workplace Collaboration Services makes use of keytool.
You can import a trusted root certificate from several types of files:
SGC certificates are obtained only from a commercial CA (such as Verisign), not from an Enterprise CA or stand-alone CA.
After the SGC certificate has been installed, select the IIS 5.0 SSL “Secure Communications” dialog box.
To request a certificate using a command line utility:
Certificate TraceabilityA certificate is only as good as the Certificate Authority behind it. A certificate could be issued by a rogue Certificate Authority (e.g., citibank.biz).
Certificate Expiration and RevocationThe life expectancy of the certificate issued to a Windows 2000 machine is stored in its registry key
Recipients of signed documents should check if the certificate has been revoked by its CA after issuance. This could occur if a certificate was found to have been issued to an imposter. This has occured even with certificates issued to Microsoft.
To revoke a certificate use the Certification Authority console GUI or a command line utility specify the serial number:
To prevent the CA certificate from expiring, you must manually renew the certificate. Stop the Certificate Services service. Enter the Certification Authority console and select the Renew CA Certificate option.
Additional Decryption Keys (ADKs)Pressure from government bodies led to the creation of Additional Decryption Keys (ADKs), which are added to the public key certificate and allow a third party to also decrypt emails that were encrypted by the public key. If a user agrees to an ADK being added to his public key, it is placed within the secure area of the certificate.
A server accelerator card is also known as an SSL card because it is used to generate encryption keys for secure transactions on e-commerce Web sites.
Microsoft TechNet article: Helping to Secure Communication: Client to Front-End Server
When a secure transaction is initiated, the Web site's server sends its certificate, which has been provided by a certifying authority, to the client machine to verify the Web site's authenticity. After this exchange, a secret key is used to encrypt all data transferred between sender and receiver so that all personal and credit card information is protected. This process can severely overload a server resulting in fewer transactions processed per second, which means fewer sales. The server accelerator card takes over this process, thus reducing the load on the server. Server accelerator cards support a number of security protocols including Secure Sockets Layer (SSL) and Secure Electronic Transaction (set).
The server accelerator card is installed into a (PCI) slot of a server. A software driver is loaded, and the server is ready to receive orders. This is much easier and more cost-effective than buying additional servers. Additional cards can be installed as the server's secure transactions increase.
SSL acceleration appliances are external units that have server accelerator cards installed inside them. The unit is then plugged into the server. When a secure transaction is detected, the transaction is routed to the SSL acceleration unit for processing. SSL accelerator appliances can be added together as needed by clustering them together.
On Sun Solaris 8 machines, Sun offers its Crypto Accelerator 500 Daughterboard, the Crypto Crypto Accelerator 1000 PCI board, and Crypto Accelerator 4000 Board.
The F5 Networks offers its Big-IP FIPS SSL Accelerator.
Check Point's VPN-1 Accelerator Card III delivers over 400 Mbps 3DES VPN throughput.
The QuickSafe SSL Accelerator from Cryptographic Appliances outscales any dedicated SSL accelerator on the market with (1024 bit) SSL operations a second. Their appliance is situated behind web servers (and thus less open to attacks). This allows the maintainance of a session cache (for "true" load balancing) and only a single certificate rather than distributing certificate keys on multiple encryption devices.
The HP/Atalla AXL600L SSL Accelerator Card is only for HP's Proliant servers run by Windows or Linux. This 33-MHz 32-bit device incorporates a dual voltage signal bus.
The CacheFlow card caches what flows through it — a speed-enhancing feature other products do not offer.
The Alteon Switch Alteon iSD-SSL Accelerator.
SonicWALL SSL Accelerator PCI Card
-- 1. (done one time) is:
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'p@$$WORD1'; GO USE Northwind; ALTER TABLE Orders ADD cc_enc nvarchar(40); -- to hold encrypted credit card key. ALTER TABLE Orders ADD decrypted_cc nvarchar(40); -- to hold decrypted credit card numbers. ALTER TABLE Orders ADD cc nvarchar(40); -- to hold actual credit card number
-- 2. (done one time) To create a symmetric (open) key (symm_1) -- in MS-SQL's sys.openkeys system table.
CREATE SYMMETRIC KEY symm_1 WITH ALGORITHM=DES ENCRYPTION BY PASSWORD='Test1234' SELECT * FROM sys.openkeys OPEN SYMMETRIC KEY symm_1 DECRYPTION BY PASSWORD='Test1234' UPDATE Orders SET cc_enc = ENCRYPTBYKEY(cc_enc)) as decrypted_cc; SELECT *, CONVERT( nvarchar, DECRYPTBYKEY(cc_enc)) as decrypted_cc FROM Orders; SELECT * FROM Orders -- to verify
-- 3. (done one time) To create an asymmetric_keys pair to encrypt the symmetric key -- in MS-SQL's asymmetric_keys system table.
CREATE ASYMMETRIC KEY asymn_2 WITH ALGORITHM=RAS_1024 -- or RSA_512, RSA_2048 SELECT * FROM sys.asymmetric_keys; CREATE SYMMETRIC KEY symm_2 WITH ALGORITHM=DES ENCRYPTION BY ASSYMMETRIC KEY asymm_2 SELECT * FROM sys.symmetric_keys SELECT * FROM Orders; -- to verify
-- 4. When updating with asymmetric key with one-way password:
UPDATE Orders -- do one or the other SET: -- SET cc_enc = NULL -- to clear SET cc_enc = ENCRYPTSYSKEY(KEY_GUID('asymn_1'),cc) SELECT * FROM Orders; -- to verify
-- 5. When starting to read symmetric key:
OPEN SYMMETRIC KEY asymm_2 DECRYPTION BY ASYMMETRIC KEY asymm_2; SELECT * FROM sys.openkeys;
-- 6. When reading:
UPDATE Orders SET cc_enc = ENCRYPTBYKEY(cc_enc)) as decrypted_cc;
-- 7. When done with the:
CLOSE SYMMETRIC KEY symm_2; CLOSE ASYMMETRIC KEY asymn_2;
-- 8. To verify whether sys.openkeys and sys.asymmetric_keys were properly closed:
-- 9. To create digital certificates "cert_1" in sys.certificates system table:
SELECT * FROM sys.certificates; -- before picture CREATE CERTIFICATE cert_2 ENCRYPTION BY PASSWORD = 'P@ssword123' WITH SUBJECT = 'ms sql server certificate test', -- remember the comma here! EXPIRY_DATE = '12/31/2011' -- or one year is default. -- OR -- CREATE cert_1 FROM FILE='' -- from VeriSign, Thawte, etc. SELECT * FROM sys.certificates; -- after picture
-- 10. To use certificate during update:
SELECT * FROM Orders WHERE EmployeeID=5; -- before UPDATE Orders SET cc_enc = NULL; UPDATE Orders SET cc_enc = ENCRYPTBYCERT( CERT_ID('cert_1',cc) ); SELECT *, CONVERT( nvarchar, DECRYPTBYCERT(CERT_ID('cert_1',cc_enc,N'P@ssword123')) as decrypted_cc FROM Orders; SELECT * FROM Orders WHERE EmployeeID=5; -- after
-- 9. To re-open, then remove keys in sys.openkeys and sys.asymmetric_keys:
SELECT * FROM sys.certificates
The keystore is created one time using a command such as:
Private certificates are imported into the keystore using this command:
-import -file privatekeyfile.pem -keypass privatekeypassword
-keystore keystorename -storepass keystorepassword
-import -file privatekeyfile.pem -keypass privatekeypassword
-keystore keystorename -storepass keystorepassword
Java Cryptography Extensions : Practical Guide for Programmers by Jason Weiss
Your first name:
Your family name:
Your location (city, country):
Your Email address:
Top of Page