OpenSSL实战指南：透彻解析与常用命令

openssl

4星 · 超过85%的资源需积分: 49 69 浏览量更新于2024-07-21 2 收藏 1.56MB PDF 举报

身份认证购VIP最低享 7 折!

30元优惠券

"openssl-cookbook.pdf - 这是一本由OpenSSL官方推荐的英文书籍，深入讲解了OpenSSL的常用特性和命令。作者是Ivan Ristić，内容涵盖广泛，适合系统管理员、开发者和IT安全专业人士阅读，帮助读者理解和防御窃听及冒充攻击。" 《OpenSSL Cookbook》是由Ivan Ristić编著的第二版书籍，它详细介绍了OpenSSL最常用的功能和命令。OpenSSL是一个强大的安全套接层（SSL）和传输层安全（TLS）协议库，广泛用于加密网络通信，确保数据在互联网上传输时的安全性。这本书主要面向系统管理员、开发者以及IT安全领域的专业人士，提供了理解并部署SSL/TLS和公钥基础设施（PKI）所需的所有知识。SSL/TLS是互联网上广泛采用的加密协议，用于保护用户与服务器之间的通信，防止中间人攻击和数据被窃取。PKI则是一个用于验证数字证书和密钥的框架，它是实现SSL/TLS安全性的基础。通过阅读本书，读者将能够学习如何： 1. 安装和配置OpenSSL：了解安装过程，配置选项，以及如何在不同操作系统上进行操作。 2. 生成和管理密钥对：学习如何创建RSA、DSA等类型的密钥，以及证书请求（CSR）的生成。 3. 创建自签名证书和CA：理解如何建立自己的证书颁发机构（CA），以进行内部网络的安全通信。 4. 验证和调试SSL/TLS连接：学习使用OpenSSL命令行工具进行连接测试，识别潜在的安全问题。 5. 配置服务器：掌握如何在HTTP服务器（如Apache、Nginx）上正确设置SSL/TLS，包括支持最新的加密标准和最佳实践。 6. 处理SSL/TLS的性能和优化：了解如何平衡安全性和性能，减少握手延迟，提高大规模服务的处理能力。 7. 了解PKI原理：深入理解证书生命周期，撤销列表（CRL）和在线证书状态协议（OCSP）的工作机制。此外，书中还涵盖了最新的安全威胁和最佳实践，例如防范BEAST、POODLE等已知漏洞，以及如何应对SSL/TLS的未来挑战。作者Ivan Ristić以其丰富的经验和深入的研究，为读者提供了最全面、最新且实用的信息。《OpenSSL Cookbook》是一本实用的指南，它将帮助读者掌握OpenSSL的各个方面，确保其系统和服务能够提供最高级别的安全防护。对于任何希望在互联网上提供安全服务的人来说，这都是一本不可或缺的参考书籍。

资源详情

资源推荐

6 Chapter 1: OpenSSL

cast5-cbc cast5-cfb cast5-ecb cast5-ofb

des des-cbc des-cfb des-ecb

des-ede des-ede-cbc des-ede-cfb des-ede-ofb

des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb

des-ofb des3 desx rc2

rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb

rc2-ecb rc2-ofb rc4 rc4-40

seed seed-cbc seed-cfb seed-ecb

seed-ofb zlib

Building a Trust Store

OpenSSL does not come with any trusted root certiﬁcates (also known as a trust store), so if

you’re installing from scratch you’ll have to ﬁnd them somewhere else. One possibility is to

use the trust store built into your operating system. This choice is usually ﬁne, but default

trust stores may not always be up to date. A better choice—but one that involves more work

—is to turn to Mozilla, which is putting a lot of effort into maintaining a robust trust store.

For example, this is what I did for my assessment tool on SSL Labs.

Because it’s open source, Mozilla keeps the trust store in the source code repository:

https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins…

/certdata.txt

Unfortunately, their certiﬁcate collection is in a proprietary format, which is not of much

use to others as is. If you don’t mind getting the collection via a third party, the Curl project

provides a regularly-updated conversion in Privacy-Enhanced Mail (PEM) format, which you

can use directly:

http://curl.haxx.se/docs/caextract.html

But you don’t have to write a conversion script if you’d rather download directly from Mozilla.

Conversion scripts are available in Perl or Go. I describe both in the following sections.

Note

If you do end up working on your own conversion script, note that Mozilla’s root

certiﬁcate ﬁle actually contains two types of certiﬁcates: those that are trusted and

are part of the store and also those that are explicitly distrusted. They use this

mechanism to ban compromised intermediate CA certiﬁcates (e.g., DigiNotar’s old

certiﬁcates). Both conversion tools described here are smart enough to exclude dis-

trusted certiﬁcates during the conversion process.

8 Chapter 1: OpenSSL

Key and Certiﬁcate Management

Most users turn to OpenSSL because they wish to conﬁgure and run a web server that sup-

ports SSL. That process consists of three steps: (1) generate a strong private key, (2) cre-

ate a Certiﬁcate Signing Request (CSR) and send it to a CA, and (3) install the CA-provided

certiﬁcate in your web server. These steps (and a few others) are covered in this section.

Key Generation

The ﬁrst step in preparing for the use of public encryption is to generate a private key. Before

you begin, you must make several decisions:

Key algorithm

OpenSSL supports RSA, DSA, and ECDSA keys, but not all types are practical for use in

all scenarios. For example, for web server keys everyone uses RSA, because DSA keys are

effectively limited to 1,024 bits (Internet Explorer doesn’t support anything stronger)

and ECDSA keys are yet to be widely supported by CAs. For SSH, DSA and RSA are

widely used, whereas ECDSA might not be supported by all clients.

Key size

The default key sizes might not be secure, which is why you should always explicitly

conﬁgure key size. For example, the default for RSA keys is only 512 bits, which is simply

insecure. If you used a 512-bit key on your server today, an intruder could take your

certiﬁcate and use brute force to recover your private key, after which he or she could

impersonate your web site. Today, 2,048-bit RSA keys are considered secure, and that’s

what you should use. Aim also to use 2,048 bits for DSA keys and at least 256 bits for

ECDSA.

Passphrase

Using a passphrase with a key is optional, but strongly recommended. Protected keys

can be safely stored, transported, and backed up. On the other hand, such keys are

inconvenient, because they can’t be used without their passphrases. For example, you

might be asked to enter the passphrase every time you wish to restart your web server.

For most, this is either too inconvenient or has unacceptable availability implications.

In addition, using protected keys in production does not actually increase the security

much, if at all. This is because, once activated, private keys are kept unprotected in

program memory; an attacker who can get to the server can get the keys from there

with just a little more effort. Thus, passphrases should be viewed only as a mechanism

for protecting private keys when they are not installed on production systems. In other

Key Generation 9

words, it’s all right to keep passphrases on production systems, next to the keys. If you

need better security in production, you should invest in a hardware solution.

To generate an RSA key, use the genrsa command:

$ openssl genrsa -aes128 -out fd.key 2048

Generating RSA private key, 2048 bit long modulus

....+++

...................................................................................…

+++

e is 65537 (0x10001)

Enter pass phrase for fd.key: ****************

Verifying - Enter pass phrase for fd.key: ****************

Here, I speciﬁed that the key be protected with AES-128. You can also use AES-192 or AES-256

(switches -aes192 and -aes256, respectively), but it’s best to stay away from the other algo-

rithms (DES, 3DES, and SEED).

Warning

The e value that you see in the output refers to the public exponent, which is set to

65,537 by default. This is what’s known as a short public exponent, and it signiﬁcantly

improves the performance of RSA veriﬁcation. Using the -3 switch, you can choose 3

as your public exponent and make veriﬁcation even faster. However, there are some

unpleasant historical weaknesses associated with the use of 3 as a public exponent,

which is why generally everyone recommends that you stick with 65,537. The latter

choice provides a safety margin that’s been proven effective in the past.

Private keys are stored in the so-called PEM format, which is just text:

$ cat fd.key

-----BEGIN RSA PRIVATE KEY-----

Proc-Type: 4,ENCRYPTED

DEK-Info: AES-128-CBC,01EC21976A463CE36E9DB59FF6AF689A

vERmFJzsLeAEDqWdXX4rNwogJp+y95uTnw+bOjWRw1+O1qgGqxQXPtH3LWDUz1Ym

mkpxmIwlSidVSUuUrrUzIL+V21EJ1W9iQ71SJoPOyzX7dYX5GCAwQm9Tsb40FhV/

[21 lines removed...]

4phGTprEnEwrffRnYrt7khQwrJhNsw6TTtthMhx/UCJdpQdaLW/TuylaJMWL1JRW

i321s5me5ej6Pr4fGccNOe7lZK+563d7v5znAx+Wo1C+F7YgF+g8LOQ8emC+6AVV

A small number of organizations will have very strict security requirements that require the private keys to be protected at any cost. For them,

the solution is to invest in a Hardware Security Module (HSM), which is a type of product speciﬁcally designed to make key extraction impossi-

ble, even with physical access to the server. To make this work, HSMs not only generate and store keys, but also perform all necessary operations

(e.g., signature generation). HSMs are typically very expensive.

剩余96页未读，继续阅读

cumt_TTR

粉丝: 10
资源: 12

OpenSSL实战指南：透彻解析与常用命令

openssl教程.pdf

openssl编程 pdf格式

OpenSSL-BIGNUM.pdf

openssl-1.1.1w-1.el7.x86-64.rpm

加入patch - 210-openssl-1.1.x-compat.patch

openssl-1.1.1t-1.el7.x86-64.rpm

openssl-3.0.1.tar.gz下载

perl(www::curl::easy) 被 openssl-1.1.1o-1.el7.x86_64 需要

warning: mysql-community-devel-8.0.33-1.el7.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID 3a79bd29: NOKEY error: Failed dependencies: pkgconfig(openssl) is needed by mysql-community-devel-8.0.33-1.el7.x86_64

openssh-8.3p1.tar.gz、zlib-1.2.11.tar.gz、openssl-1.1.1g.tar.gz

openssl-1.1.1f-2.ky10.x86_64.rpm

openssl-win64-3.0.7.zip

openssl-devel-1.2.7-17.el7.x86_64.rpm

openssl-libs-1.0.2k-16.el7.x86_64.rpm

xmlsec1-openssl-devel-1.2.25-4.el8.x86_64.rpm

https://www.openssl.org/source/openssl-3.3.0.tar.gz1安装部署1、备份原配置文件whereis opensslmv /usr/bin/openssl /usr/bin/openssl_old

openssl-devel-1.0.2k-21.el7_9.x86_64.rpm

openssl-1.1.1w-1.el7.x86_64.rpm

$>openssl pkcs12 -export -clcerts -in xxx/xxx-cert.pem -inkey xxx/xxx-key.pem -out xxx/xxx.pfx

openssl-1.1.1l-1.el6.x86_64.rpm

最新资源