TLS
TLS supersedes SSL; it is used to encrypt communication between two parties, typically over a transport-layer protocol such as TCP. OpenSSL is a common implementation of both SSL and TLS used on Linux platforms.
1. Certificate Authorities
The OpenSSL configuration files live in /etc/ssl, notably /etc/ssl/certs, which holds the certificates trusted by the platform.
The certificates will most likely be in PEM (Privacy Enhanced Mail) format: the file has a -----BEGIN XYZ----- header and a -----END XYZ----- footer, and the content between them is base64 encoded. For example, the root certificate for the DigiCert CA:
$ cat /etc/ssl/certs/DigiCert_Assured_ID_Root_CA.pem
-----BEGIN CERTIFICATE-----
MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl
# more output omitted
-----END CERTIFICATE-----
Encoded here is the contents of an X.509 certificate, a format which binds an identity (e.g. a hostname) to a public key:
$ openssl x509 -noout -text -in /etc/ssl/certs/DigiCert_Assured_ID_Root_CA.pem
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Signature Algorithm: sha1WithRSAEncryption
Issuer: C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Assured ID Root CA
Validity
Not Before: Nov 10 00:00:00 2006 GMT
Not After : Nov 10 00:00:00 2031 GMT
Subject: C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Assured ID Root CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus: ...
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
45:EB:A2:AF:F4:92:CB:82:31:2D:51:8B:A7:A7:21:9D:F3:6D:C8:0F
X509v3 Authority Key Identifier:
45:EB:A2:AF:F4:92:CB:82:31:2D:51:8B:A7:A7:21:9D:F3:6D:C8:0F
Signature Algorithm: sha1WithRSAEncryption
Signature Value: ...
A certificate will either be signed by a CA or self signed.
On Linux, SSL certificates are found in /etc/ssl/certs. They are generated by running update-ca-certificates, which looks at every line of /etc/ca-certificates.conf: a file describing which files in /usr/local/share/ca-certificates should be trusted.
See also: https://manpages.ubuntu.com/manpages/xenial/man8/update-ca-certificates.8.html.
2. Digital Certificates
Communication starts with the client and server agreeing on a cipher suite. The server then presents its digital certificate:
import ssl
# https://github.com/mcepl/M2Crypto
import M2Crypto

# Fetch the server's certificate as a PEM string. Note that with no ca_certs argument
# get_server_certificate does not validate the certificate; it only retrieves it.
certificate = ssl.get_server_certificate(('www.gnu.org', 443))
x509 = M2Crypto.X509.load_cert_string(certificate)
x509.get_issuer().as_text()   # "C=US, O=Let's Encrypt, CN=R3"
x509.get_subject().as_text()  # "CN=wildebeest1p.gnu.org"
Note that X.509 is the certificate format used by TLS/SSL. In the snippet above we obtain information about the certificate of www.gnu.org. There are two principals associated with a certificate: the issuer and the subject.
First of all we obtain information about the issuer:
- C=US tells us that the issuer is located in the US
- O=Let's Encrypt is the organisation distributing the certificate (Let's Encrypt)
- CN=R3: R3 is an intermediate certificate (CN stands for "Common Name"), so we will need to follow the certificate chain to fully verify this certificate:
$ openssl s_client -showcerts -servername www.gnu.org -connect www.gnu.org:443 </dev/null
CONNECTED(00000003)
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R11
verify return:1
depth=0 CN = wildebeest1p.gnu.org
verify return:1
---
Certificate chain
 0 s:CN = wildebeest1p.gnu.org
   i:C = US, O = Let's Encrypt, CN = R11
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Nov 13 08:04:26 2024 GMT; NotAfter: Feb 11 08:04:25 2025 GMT
-----BEGIN CERTIFICATE-----
MIIJoTCCCImgAwIBAgISBPmzdvDVwW++ut5BlSysPQhvMA0GCSqGSIb3DQEBCwUA
...
-----END CERTIFICATE-----
 1 s:C = US, O = Let's Encrypt, CN = R11
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Mar 13 00:00:00 2024 GMT; NotAfter: Mar 12 23:59:59 2027 GMT
-----BEGIN CERTIFICATE-----
MIIFBjCCAu6gAwIBAgIRAIp9PhPWLzDvI4a9KQdrNPgwDQYJKoZIhvcNAQELBQAw
...
-----END CERTIFICATE-----
---
Server certificate
subject=CN = wildebeest1p.gnu.org
issuer=C = US, O = Let's Encrypt, CN = R11
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 4324 bytes and written 397 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
DONE
Next we obtain information about the subject:
- CN=wildebeest1p.gnu.org: this is the entity to whom the certificate is assigned
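The chain-following step described above, written out as an added example that is not part of the original notes: it uses the cryptography library instead of M2Crypto, builds a constructed root -> intermediate -> leaf chain under hypothetical names, and walks from the leaf to a trust anchor while checking validity dates, the CA:TRUE basic constraint seen on the DigiCert root in section 1, and each signature.

```python
import datetime
from cryptography import x509
from cryptography.x509.oid import NameOID
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa

def make_cert(subject_cn, issuer_cert, issuer_key, is_ca):
    """Mint an RSA-2048/SHA-256 certificate plus its key; issuer_cert=None gives a self-signed root."""
    key = rsa.generate_private_key(65537, 2048)
    subject = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, subject_cn)])
    now = datetime.datetime.now(datetime.timezone.utc)
    cert = (x509.CertificateBuilder()
        .subject_name(subject).issuer_name(subject if issuer_cert is None else issuer_cert.subject)
        .public_key(key.public_key()).serial_number(x509.random_serial_number())
        .not_valid_before(now - datetime.timedelta(days=1)).not_valid_after(now + datetime.timedelta(days=90))
        .add_extension(x509.BasicConstraints(ca=is_ca, path_length=None), critical=True)  # CA:TRUE, as on the root above
        .sign(issuer_key or key, hashes.SHA256()))
    return cert, key

def verify_chain(leaf, intermediates, roots):
    """Walk leaf -> intermediates -> trusted root (what `openssl verify -untrusted` does);
    return the subject names on the accepted path or raise ValueError."""
    now = datetime.datetime.now(datetime.timezone.utc)
    by_subject = {c.subject: c for c in list(intermediates) + list(roots)}  # roots win on a clash
    path, cert = [], leaf
    for _ in range(8):  # hard cap on path length so a cyclic set of certs cannot loop forever
        nb = getattr(cert, "not_valid_before_utc", None) or cert.not_valid_before.replace(tzinfo=now.tzinfo)
        na = getattr(cert, "not_valid_after_utc", None) or cert.not_valid_after.replace(tzinfo=now.tzinfo)
        if not nb <= now <= na:
            raise ValueError(f"{cert.subject.rfc4514_string()}: outside validity window")
        path.append(cert.subject.rfc4514_string())
        issuer = cert if cert.issuer == cert.subject else by_subject.get(cert.issuer)
        if issuer is None:
            raise ValueError(f"{path[-1]}: issuer not found (missing intermediate?)")
        if issuer is cert and cert not in roots:  # self-signed certs are only acceptable as trust anchors
            raise ValueError(f"{path[-1]}: self-signed but not in the trust store")
        if not issuer.extensions.get_extension_for_class(x509.BasicConstraints).value.ca:
            raise ValueError(f"{issuer.subject.rfc4514_string()}: CA:FALSE, may not sign certificates")
        issuer.public_key().verify(cert.signature, cert.tbs_certificate_bytes,  # RSA PKCS#1 v1.5 signature
                                   padding.PKCS1v15(), cert.signature_hash_algorithm)
        if issuer is cert:
            return path  # reached a trusted, self-consistent root
        cert = issuer
    raise ValueError("certificate chain too long")

# Constructed chain with hypothetical names (not real CAs): root CA -> intermediate CA -> leaf
ROOT, root_key = make_cert("Example Root CA", None, None, True)
INTER, int_key = make_cert("Example Intermediate R1", ROOT, root_key, True)
LEAF, leaf_key = make_cert("www.example.org", INTER, int_key, False)
```

Omitting the intermediate, leaving the trust store empty, or presenting a chain signed by a non-CA certificate all make verify_chain raise, which is the same class of failure s_client reports as a non-zero "Verify return code".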