Category Archives: security

Certificate without subjectAltName causes NET::ERR_CERT_COMMON_NAME_INVALID error on Chrome

When I visited a site that uses a self-signed SSL certificate for a development environment with Chrome, a "Your connection is not private. NET::ERR_CERT_COMMON_NAME_INVALID" error occurred.

Although I use a self-signed certificate, I installed it for the clients and trusted it. (Keychain Access on Mac and Certificate Manager on Windows.)
The CN (Common Name) also matches the host name being accessed.

There is no problem with browsers other than Chrome.
Even Chrome could access the site without problems before, but it suddenly started showing an error.

There is "[missing_subjectAltName]" in the error, so I thought the certificate without subjectAltName caused the error.

Cause

For Chrome 58 and later, only the subjectAlternativeName extension, not commonName, is used to match the domain name and site certificate.

https://support.google.com/chrome/a/answer/7391219?hl=en

Workaround

Create self-signed certificate with subjectAltName extension

Copy openssl.cnf, set subjectAltName in the copy, and use it when creating the certificate.

  1. Copy openssl.cnf. (Below is an example for the Red Hat family. Change the path to openssl.cnf for other platforms.)
    $ cp /etc/pki/tls/openssl.cnf my-server.example.com.cnf
    
  2. x509_extensions in the [ req ] section is v3_ca, so it seems I should add subjectAltName in the [ v3_ca ] section.
    $ vi my-server.example.com.cnf
    
    [ req ]
    ...
    x509_extensions = v3_ca # The extentions to add to the self signed cert
    ...
    

    Add subjectAltName in [ v3_ca ] section.

    [ v3_ca ]
    ...
    subjectAltName=DNS.1:my-server.example.com
    ...
    

    You can also set multiple subjectAltNames.

    subjectAltName=DNS.1:my-server.example.com,DNS.2:my-server2.example.com
    

    See `man 5 x509v3_config` for details.

  3. Create private key
    $ openssl genrsa -out my-server.example.com.key 2048
    
  4. Create the certificate. (Specify your cnf file for the -config option.)
    $ openssl req -new -x509 -days 36500 -sha256 -config my-server.example.com.cnf -key my-server.example.com.key -out my-server.example.com.crt
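
An added example (not part of the original post): a shell check that a certificate's subjectAltName, and not its CN, covers the host name, which is the condition Chrome 58 and later enforce. The sample `openssl x509 -text` excerpt and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: does a certificate's subjectAltName cover a given host name?
# SAMPLE_TEXT is constructed; it imitates part of `openssl x509 -noout -text`.
SAMPLE_TEXT='        X509v3 extensions:
            X509v3 Subject Alternative Name:
                DNS:my-server.example.com, DNS:*.dev.example.com, IP Address:192.0.2.10'

# Print the DNS entries of the SAN extension, one per line (stdin: x509 text).
san_dns_names() {
    awk '/X509v3 Subject Alternative Name/ { getline; print }' |
        tr ',' '\n' | sed -n 's/^[[:space:]]*DNS://p'
}

# Return 0 if HOST matches a SAN DNS entry. The CN is deliberately ignored.
# A leading "*." matches exactly one label, so *.dev.example.com covers
# api.dev.example.com but neither dev.example.com nor a.b.dev.example.com.
san_covers_host() {   # usage: san_covers_host HOST < x509-text
    host=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    san_dns_names | tr '[:upper:]' '[:lower:]' | (
        while read -r name; do
            case "$name" in
                "$host") exit 0 ;;
                '*.'*)   [ "$host" != "${host#*.}" ] &&
                         [ "${host#*.}" = "${name#??}" ] && exit 0 ;;
            esac
        done
        exit 1
    )
}

# With a real file:
#   openssl x509 -in my-server.example.com.crt -noout -text | san_covers_host my-server.example.com
printf '%s\n' "$SAMPLE_TEXT" | san_covers_host my-server.example.com &&
    echo "my-server.example.com is covered by subjectAltName"
```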
    

How to make sure that password authentication is disabled on SSH

After disabling password authentication on SSH, I want to attempt a connection with password authentication to confirm that it is really disabled.

Set PreferredAuthentications to password with the -o option.

$ ssh -o PreferredAuthentications=password xxxx@example.com
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

If you see "Permission denied", it's OK.
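
An added example, not from the original post: the list in parentheses after "Permission denied" names the methods the server still accepts, so the check is that it contains neither password nor keyboard-interactive (the latter can still ask for a password through PAM). The sample lines and function names are constructed.

```shell
#!/bin/sh
# Added example: read the method list from ssh's final "Permission denied" line.
# Both sample lines are constructed, not captured from a real host.
SAMPLE_KEYS_ONLY='Permission denied (publickey,gssapi-keyex,gssapi-with-mic).'
SAMPLE_PASSWORD_OK='xxxx@example.com: Permission denied (publickey,password,keyboard-interactive).'

# Print the authentication methods the server still accepts, one per line.
offered_methods() {   # usage: offered_methods "LINE"
    printf '%s\n' "$1" |
        sed -n 's/.*Permission denied (\([^)]*\)).*/\1/p' | tr ',' '\n'
}

# 0: no password-style method is offered
# 1: password or keyboard-interactive is still offered
# 2: no method list in the line (timeout, refused connection, ...): nothing proven
password_login_disabled() {
    methods=$(offered_methods "$1")
    [ -n "$methods" ] || return 2
    if printf '%s\n' "$methods" | grep -qxE 'password|keyboard-interactive'; then
        return 1
    fi
    return 0
}

# Against a real server, feed it the last line ssh prints; BatchMode=yes keeps
# ssh from stopping at a password prompt if the server does offer one:
#   line=$(ssh -o BatchMode=yes -o PreferredAuthentications=password xxxx@example.com 2>&1 | tail -n 1)
#   password_login_disabled "$line"
for line in "$SAMPLE_KEYS_ONLY" "$SAMPLE_PASSWORD_OK"; do
    if password_login_disabled "$line"; then verdict="disabled"; else verdict="STILL OFFERED"; fi
    echo "password login $verdict: $line"
done
```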

Testing SSL certificate with OpenSSL commands

Before installing an SSL certificate and an intermediate CA certificate on a web server such as Apache, you may want to verify them.
You can do this with the openssl command.

Start SSL/TLS server using openssl s_server

s_server implements a generic SSL/TLS server which accepts connections from remote clients speaking SSL/TLS.

openssl s_server -cert <path/to/certificate> -key <path/to/private key> -CAfile <path/to/Intermediate CA certificate>

Example:

$ openssl s_server -cert server.crt -key server.key -CAfile intermediate.crt 
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT

Test with openssl s_client

Connect to the server using openssl s_client and verify certificates.
s_client implements a generic SSL/TLS client which can establish a transparent connection to a remote server speaking SSL/TLS.

openssl s_client -connect localhost:4433 -CAfile <path/to/CA certificate>

Examples of CA certificate paths:

  • Mac OS X
    /etc/openssl/cert.pem
    /opt/local/etc/openssl/cert.pem, /opt/local/share/curl/curl-ca-bundle.crt (with MacPorts)
  • Ubuntu (You need to install ca-certificates using apt)
    /etc/ssl/certs/ca-certificates.crt
  • CentOS
    The CA certificate is in /etc/pki/tls/certs/ca-bundle.crt, but you don't have to specify it.

Example:

$ openssl s_client -connect localhost:4433 -CAfile /opt/local/share/curl/curl-ca-bundle.crt
CONNECTED(00000003)
depth=3 (omitted)
verify return:1
depth=2 (omitted)
verify return:1
depth=1 (omitted)
verify return:1
depth=0 (omitted)
verify return:1
---
Certificate chain
 0 s:(omitted)
   i:(omitted)
 1 s:(omitted)
   i:(omitted)
 2 s:(omitted)
   i:(omitted)
 3 s:(omitted)
   i:(omitted)
---
Server certificate
-----BEGIN CERTIFICATE-----
(omitted)
-----END CERTIFICATE-----
subject=(omitted)
issuer=(omitted)
---
No client certificate CA names sent
---
SSL handshake has read 4744 bytes and written 443 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: (omitted)
    Session-ID-ctx: 
    Master-Key: (omitted)
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    (omitted)
    Compression: 1 (zlib compression)
    Start Time: 1421023132
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---

After you have installed the certificates on the server, verify them with s_client as shown below.
-servername is needed for SNI (Server Name Indication).

  • Mac OS X

    $ openssl s_client -connect www.example.com:443 -servername www.example.com -showcerts -CAfile /opt/local/etc/openssl/cert.pem
    
  • CentOS

    $ openssl s_client -connect www.example.com:443 -servername www.example.com -showcerts
    
  • Ubuntu
    (You need to install ca-certificates using apt)

    $ openssl s_client -connect www.example.com:443 -servername www.example.com -showcerts -CAfile /etc/ssl/certs/ca-certificates.crt
    

To show the expiration dates of the certificate:

$ echo | openssl s_client -connect www.example.com:443 -servername www.example.com -showcerts 2>/dev/null | openssl x509 -noout -dates
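
An added example, not from the original post: s_client goes on with the handshake even when verification fails, so a scripted check should read the "Verify return code" line instead of relying on a successful connection. The transcript is constructed and the function names are hypothetical; code 21 with a single certificate in the chain is what a server missing its intermediate typically produces.

```shell
#!/bin/sh
# Added example: judge an s_client transcript by its verify return code.
# Constructed, abridged transcript of a server that sends only its leaf certificate.
SAMPLE_MISSING_CHAIN='CONNECTED(00000003)
---
Certificate chain
 0 s:(omitted)
   i:(omitted)
---
    Verify return code: 21 (unable to verify the first certificate)
---'

# Print the numeric verify return code found in a transcript on stdin.
# The last occurrence wins, since newer clients may print the line more than once.
verify_code() {
    sed -n 's/^ *Verify return code: \([0-9][0-9]*\).*/\1/p' | tail -n 1
}

# Print how many certificates the server sent ("Certificate chain" entries).
chain_length() {
    grep -c '^ *[0-9][0-9]* s:' || true
}

# Return 0 only when verification succeeded; describe the result on stdout.
check_transcript() {   # usage: check_transcript "TRANSCRIPT"
    code=$(printf '%s\n' "$1" | verify_code)
    sent=$(printf '%s\n' "$1" | chain_length)
    case "$code" in
        0)  echo "ok: chain of $sent verified"; return 0 ;;
        '') echo "no verify result found"; return 2 ;;
        *)  echo "verify failed with code $code; server sent $sent certificate(s)"
            return 1 ;;
    esac
}

# Against a real server:
#   check_transcript "$(echo | openssl s_client -connect www.example.com:443 \
#       -servername www.example.com 2>/dev/null)"
check_transcript "$SAMPLE_MISSING_CHAIN" || true
```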

Set up public key authentication with SSH

1. Generate a keypair using ssh-keygen

$ ssh-keygen -t rsa

You will be prompted to supply a filename for saving the keypair. Press Enter to accept the default filename.
Then enter a passphrase twice.
The keypair files below are generated in ~/.ssh.

  • id_rsa
  • id_rsa.pub

2. Add public key to the remote SSH server

Copy the public key file generated in step 1 to the user's home directory on the remote server using scp or ftp.

$ scp ~/.ssh/id_rsa.pub user@host:

On the remote server, append the public key to ~/.ssh/authorized_keys using the cat command and redirection.

$ cat id_rsa.pub >> ~/.ssh/authorized_keys

Modify the permissions of the ~/.ssh directory and ~/.ssh/authorized_keys so that only their owner can read or write them.

$ chmod 700 ~/.ssh
$ chmod 600 ~/.ssh/authorized_keys

  • Pay attention to the permissions of the user's home directory on the client side.
    If write permission is set for anyone other than the owner, that is a problem.
    For example, when the file mode of /home/hoge is 777 and you attempt to connect with SSH, you will get the error below.

    Permission denied (publickey,gssapi-with-mic).
    

    In this case, the server-side log file (/var/log/secure) says

    Authentication refused: bad ownership or modes for directory /home/hoge
    

    You should set home directory's permissions to 700, 711, or 755.

3. Attempt to log in with public key authentication

$ ssh -l user host

You will be prompted for a passphrase. Enter the passphrase that you specified when running the ssh-keygen command.
Note that the passphrase is NOT the user's password.

4. Client side

Copy the private key file (id_rsa) to ~/.ssh on the client side.

  • Pay attention to the permissions of the private key file.
    Below is an error on Mac OS X.

    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    Permissions 0640 for '/Users/xxx/.ssh/id_rsa' are too open.
    It is recommended that your private key files are NOT accessible by others.
    This private key will be ignored.
    bad permissions: ignore key: /Users/xxx/.ssh/id_rsa
    Permission denied (publickey,gssapi-with-mic).
    

    Set the permissions of id_rsa to 600 and it will be OK.

  • If you use cwRsync, copy the private key file (id_rsa) into the .ssh directory under the directory named by the HOME environment variable. (This is the same directory in which known_hosts is created.)

    For example:

    If HOME is /home/pistolfly and cygwin directory is C:\cygwin, use C:\cygwin\home\.ssh.
    (You can also specify the path to the private key file with the -i option inside rsync's -e or --rsh option.)

5. Disable password authentication

Edit /etc/ssh/sshd_config (server side)

Modify

PasswordAuthentication yes

to

PasswordAuthentication no

Disable root login.

PermitRootLogin no

Reload sshd as root. Don't log out as root yet.

$ /etc/init.d/sshd reload
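
An added example, not from the original post: a shell audit of the permission rules from steps 2 and 4, namely no group or other write access on the home directory, ~/.ssh and authorized_keys, and no group or other access at all on the private key. Function names are hypothetical, and only mode bits are checked, not ownership.

```shell
#!/bin/sh
# Added example: check the permission rules described in steps 2 and 4.
# Only mode bits are tested; ownership (which sshd also checks) is not.

# Return 0 if the path has at least one of the given octal permission bits set.
has_any_bit() {   # usage: has_any_bit PATH BIT...
    p=$1; shift
    for bit in "$@"; do
        [ -n "$(find "$p" -prune -perm "-$bit" -print)" ] && return 0
    done
    return 1
}

# sshd side: home, ~/.ssh and authorized_keys must not be writable by
# group or others, otherwise sshd logs "bad ownership or modes".
server_path_ok() { [ -e "$1" ] && ! has_any_bit "$1" 020 002; }

# ssh side: a private key with any group/other bit set (e.g. 0640) is ignored.
private_key_ok() { [ -f "$1" ] && ! has_any_bit "$1" 040 020 010 004 002 001; }

# Audit one account; prints a line per path and returns 1 if any check fails.
audit_ssh_perms() {   # usage: audit_ssh_perms HOME_DIR
    rc=0
    for f in "$1" "$1/.ssh" "$1/.ssh/authorized_keys"; do
        if server_path_ok "$f"; then
            echo "ok   $f"
        else
            echo "BAD  $f"; rc=1
        fi
    done
    return "$rc"
}

# Demo on the current account; a missing path is reported as BAD.
audit_ssh_perms "${HOME:-.}" || true
```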