3

Today one of our certificates expired and I needed to order a new one. When collecting all the data needed to create a new one, I got the idea that all needed information is already contained in the expired existing certificate.

Are there any security threats when sending a expired certificate (x.509, private key) to someone else so they can extract all the information they need from this expired certificate for any reason?

Does it make any difference if they create a new certificate(We need a certificate for user ABC just like this expired one from user XYZ) or if they renew the old one in this context?

Chrᴉz remembers Monica
  • 133
  • 6
  • 3
    Why would you ever want to do this.... just use a variant of `openssl x509 -x509toreq -in certificate.crt -out CSR.csr -signkey privateKey.key` Source: https://www.sslshopper.com/article-most-common-openssl-commands.html – LvB Sep 11 '19 at 12:58
  • 2
    @LvB Please post this as an answer, not as a comment. –  Sep 11 '19 at 13:53
  • 1
    Sending the expired certificate isn't dangerous, the certificate is sent over in every connection handshake anyway. Sending the private key though, isn't necessary and causes several security issues, so don't. – Lie Ryan Sep 11 '19 at 23:46

3 Answers3

4

It's fine to reuse the data from the old certificate, but do NOT send anyone your new private key. The convention is to send a certificate authority a CSR (certificate signing request), which will contain the client's public key, start date, end date and distinguished name (country, common name, organization name, etc.). The only thing missing is the certificate authority's signature, which they will append to your CSR, thereby making it an actual certificate.

Irfan434
  • 719
  • 5
  • 7
  • For what evil purposes can the private key of an expired certificate be used? Isn't it worthless as it belongs to a expired or revoked certificate? – Chrᴉz remembers Monica Sep 11 '19 at 12:25
  • 1
    You're right. I meant the private key of the new certificate. The old private key doesn't matter, so you don't need to send it to the CA. – Irfan434 Sep 11 '19 at 12:27
  • 5
    @Chrᴉz: If a certificate gets renewed the private key of the previous certificate often gets reused. Also, the CA does not need to the private key in the first place. – Steffen Ullrich Sep 11 '19 at 12:48
  • 1
    @SteffenUllrich _If a certificate gets renewed the private key of the previous certificate often gets reused_ Thanks, that's what I wanted to know. – Chrᴉz remembers Monica Sep 11 '19 at 12:50
  • 1
    @Ahmad: Depending on your encryption settings, if someone MITM-ed your connection in the past and recorded the encrypted data packets, they may be now able to decrypt those packets if they now gain your private keys. You can protect against this by ensuring that all your ciphers have the property of perfect forward secrecy, but most systems usually aren't configured to only allow PFS connections. – Lie Ryan Sep 11 '19 at 23:43
  • 2
    **A certificate is NOT a signed CSR.** The CSR does contain the publickey (in a format that identifies the algorithm and parameters if any as well as the actual key) and usually contains a DN (which the CA can change), but does _not_ contain the validity period (which is selected by the CA) _nor_ numerous other values in the cert (mostly selected by the CA, although SAN is usually based on other input from the applicant/subject). Dump out a CSR and the cert resulting from it and it's easy to see the many differences. – dave_thompson_085 Sep 12 '19 at 04:15
  • @dave_thompson_085 SANs can be included in the CSR itself, although many CAs would ignore them. See https://security.stackexchange.com/a/154942/60335 – kubanczyk Feb 15 '20 at 12:24
2

Why would you ever want to do this. You can use the existing certificate as a template to generate a new Certificate Signing Request with one command:

openssl x509 -x509toreq -in certificate.crt -out CSR.csr -signkey privateKey.key

Here's an explanation of what all the arguments do:

  • -x509toreq: This instructs that you would like to use an existing x.509 certificate to generate a new signing request.
  • -in certificate.crt: This is the certificate you would like to use as a template. Of course, certificate.crt is a placeholder for the actual certificate.
  • -out CSR.csr: This is the resulting certificate signing request. Just like above, CSR.csr is a placeholder for the actual output file.
  • -signkey privateKey.key: This is the private key which is used to sign the new Certificate Signing Reqest.

Source: sslshopper.com/article-most-common-openssl-commands.html

LvB
  • 8,217
  • 1
  • 26
  • 43
1

There is no security risk here for if you're using a directory identity source, you will need to own the domain in order to use the cert. So even if one copies any information contained in the cert, an outside computer system or attacker doesn't have any needed information to authenticate or use that information adversely.

Leon B
  • 17
  • 2