
I know that OpenSSL requires the CSR to be signed for a reason: to assure CSR validity, the fact that it was requested by the actual private key owner of the attached public key. It is absolutely fine, but in theory a CA can assure validity in other ways, especially when the CSR is never in transit. This is the case with self-signed certificates, e.g. with locally issued and used company certs. In my case I would like to create certs without the private keys because they are generated on smart cards and they cannot ever be exported. And no, cards do not generate a CSR during key generation.

I have not found any option in OpenSSL to create a certificate from the sole public key, even though in theory it is very well possible.

Is there an option in OpenSSL to do so? Any other means? I need to create X509 certificates.

Thanks

    Can't you use the smart card to sign the CSR? Simply produce the unsigned CSR and then submit it to the card for signing. Signing is typically a feature of a smart card since without being able to sign, it can't prove to anything that it has the private key. – AJ Henderson Feb 22 '15 at 16:33
  • The cards are OpenPGP and I need x509 certificates. Well, you got a point btw! GnuPG and X509 being so much different worlds made me forget that it may be possible in some twisted way. Will look into it. Thanks! – djozsef Feb 22 '15 at 22:10


Yes, you can circumvent this fact.

  1. Create a fake CSR with ANY private key.
  2. The CA can use the `-force_pubkey` flag (as mentioned here: https://www.openssl.org/docs/manmaster/man1/x509.html) to sign it even if the provided public key isn't the one that belongs to the private key you used when generating the CSR.
  3. You have your X509 with your desired public key.
  • Current link: https://www.openssl.org/docs/manmaster/man1/openssl-x509.html . Shouldn't the `-new` option in combination with `-force_pubkey` work as well, without creating a CSR first? – Perseids May 17 '22 at 11:41
  • 1
    maybe in newer versions of openssl other ways are possible yes. back 2018 this was a way to go. – Valentin Bossi May 17 '22 at 12:31
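The `-force_pubkey` procedure from the answer above, worked end to end as an added example (not code from the original post). The smart card is simulated by generating a key pair and discarding its private half; the CA, the dummy CSR, and the subject names are throwaway values constructed for the example, and a recent `openssl` is assumed to be in PATH.

```shell
#!/bin/sh
# Issue a certificate for a public key whose private half the CA never sees.
set -eu

WORK=$(mktemp -d)

# Simulated smart-card key: only the public key survives (constructed for the example).
make_card_pubkey() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$WORK/card.key" 2>/dev/null
    openssl pkey -in "$WORK/card.key" -pubout -out "$WORK/card.pub"
    rm -f "$WORK/card.key"   # the CA side only ever has card.pub
}

# Throwaway self-signed CA (example only).
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -keyout "$WORK/ca.key" -out "$WORK/ca.crt" \
        -subj "/CN=Example Internal CA" -days 365 2>/dev/null
}

# Step 1: a dummy CSR signed with ANY throwaway key; only its subject is reused.
make_dummy_csr() {
    openssl req -new -newkey rsa:2048 -nodes -keyout "$WORK/dummy.key" -out "$WORK/dummy.csr" \
        -subj "/CN=card-user.example.test" 2>/dev/null
}

# Step 2: the CA signs the CSR but forces the card's public key into the certificate.
# openssl still verifies the CSR's own signature, so the dummy CSR must be intact.
sign_with_forced_pubkey() {
    openssl x509 -req -in "$WORK/dummy.csr" -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" \
        -CAcreateserial -days 365 -force_pubkey "$WORK/card.pub" -out "$WORK/card.crt" 2>/dev/null
}

# Step 3 (check): does the issued certificate carry the public key in file $1?
# Returns 0 when the SubjectPublicKeyInfo of card.crt is byte-identical to $1.
cert_pubkey_matches() {
    openssl x509 -in "$WORK/card.crt" -pubkey -noout > "$WORK/cert.pub"
    cmp -s "$WORK/cert.pub" "$1"
}

make_card_pubkey && make_ca && make_dummy_csr && sign_with_forced_pubkey
```

On OpenSSL 3.x, `openssl x509 -new -subj ... -force_pubkey card.pub -CA ca.crt -CAkey ca.key` builds the certificate without a dummy CSR at all, which is what the comment above asks about.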

As AJ Henderson suggested, the perfect solution would be to have the OpenPGP card sign the CSR. It turned out that this is possible with the gpgsm CLI tool. Damien Goutte-Gattat from the GnuPG-user mailing list answered the question:

Is there any way to create an X509 CSR signed with the private key stored on the card?

Yes, you can use the gpgsm(1) tool for that.

Make sure your card is in the card reader, then:

 $ gpgsm --armor --output mycsr.pem --gen-key

You’ll be prompted to select what kind of key you want, choose "Existing key from card" (make sure your card is in the reader). Then select which of the card keys you want to use (the signing key, the encryption key, or the authentication key) and the intended use of the future certificate.

At the end of the procedure, you’ll be prompted for your PIN in order to sign the CSR.

The documentation of Scute has a complete example (it uses gpgsm-gencert.sh, a deprecated helper script, instead of the above command, but the procedure is almost the same).

So there is no need to circumvent the CSR, you can make a valid X509 cert with GnuPG.

  • See my comments under https://security.stackexchange.com/a/31131/24620 for reasons why you would not want to use gpgsm. I recommend openssl+libp11+opensc, OP can sign CSR with private key from openpgp card. – youfu Jul 01 '21 at 07:03