TinyCert – Become Your Own PKI/CA Authority in a Matter of Minutes (opens in new tab)

(tinycert.org)

74 pointskolev10y ago38 comments

38 comments

While not the only one out there[1], I've been hacking a cli tool written in bash[2] to streamline the OpenSSL commands geared toward a PKI/CA workflow. I started it mainly for my overall learning of OpenSSL from nothing and for my small scale needs with my CoreOS servers.

What I learned from this exercise, is that it's not the complexity of the commands that is the issue with OpenSSL, it's:

1) The importance of consistent naming schemes (for the humans) and PKI hierarchy design (the nuances of keyUsage, basicConstraints, and extendedKeyUsage)

2) consistent execution of commands; typos are more likely the more you have to put in the CLI manually

3) good configuration files aren't utilized enough in most of the tutorials I found. They can streamline use, archive procedure, and prevent typos as in point #2.

4) The importing of certs and keys in an automatic way is a sort of dark corner of the tutorial world. But permissions are super important! I came up with an import strategy that I think works pretty well.[3] Please examine and break it!

[1]https://github.com/OpenVPN/easy-rsa

[2]https://github.com/brianclements/pkictl

[3]https://github.com/brianclements/pkictl#import

ivanr10y ago

I quite like the idea of TinyCert and often wanted to do something similar myself. Although creating a private CA is not a lot of work initially, maintaining it is a hassle, especially when you'd rather be doing something else. TinyCert could be useful for development teams (and other similar non-security-critical uses) to get rid of self-signed certificates altogether.

However, for me, the fact that they have all the private keys is a deal breaker. Further, I'd like to see the certificates name-constrained to specific development hostnames. And I don't like the fact that the keyUsage and extendedKeyUsage fields are not locked down. If I am going to install a private CA root, I want to have the smallest possible attack surface.

Overall, if they offer this as something that can be locally installed, it could be a useful product. Especially if it integrates with a low-cost HSM, for example https://www.nitrokey.com/

In the meantime, for anyone looking for good documentation on how to achieve the same using just OpenSSL on the command line, I have an easy-to-follow guide as part of my OpenSSL Cookbook:

https://www.feistyduck.com/library/openssl-cookbook/online/c...

methou10y ago

I agree with maintaining is a hassle, but creating a private CA is also not that easy. I was building up my own CA, there was still a lot of stuff to take care of, from policies/keyUsages to CRL/OCSP/SECP, when ECC comes in, encryption and decryption usages sometimes could be separated. There's whole lot of tiny little details somewhere makes me to rebuild the CA. I'm on G32 revision.

And the nitrokeys are great, I've never expected an affordable HSM for home/private use, thank you for mentioning it. I think I'm going to roll out G33 ;p

nspassov10y ago

The fact that they keep your private keys in their database is what makes this a bad idea to use.

Cannot see what kind of people this service is targeted to, since the ones who understand what a CA is and need to sign their own certificates probably already know how to use OpenSSL.

superuser210y ago

OpenSSL's CLI is pretty annoying, and for many (like me!) it mostly consists of copy-pasting commands into a text editor, modifying them slightly, and pasting them into a terminal. Could be better. But yeah, trusting a third party with your private keys isn't an answer.

ollybee10y ago

Maybe look at Dogtag Certificate System

raidan10y ago

I believe this was mentioned last time TinyCert appeared on HN, but a self-hosted version of this would be more ideal.

I personally use etcd-ca[0] to ease management of my own certificates.

[0] https://github.com/coreos/etcd-ca

radiac10y ago

As you say, I'd prefer to run this sort of thing locally - half the point of running your own CA is that you have full control over it.

I wrote caman (https://github.com/radiac/caman), a bash script wrapper for openssl with what looks like a similar syntax to etcd-ca. I posted about it on HN a while back, but it now also supports SAN certificates and intermediate CAs.

strommen10y ago

So just to be clear: whatever you do with the keys generated by this service is trivially pwn-able by TinyCert.

Maybe you trust TinyCert not to be malicious. But do you think they're completely unhackable? A database full of private keys is a mighty tempting reward for attackers.

I wouldn't touch private-key-generation-as-a-service with a 10-foot pole.

sneak10y ago

First, they have to care. Second, they'd have to MITM your network connection. The chance of a single party being able to do both of those is very, very low.

Sure, it's not best practices. Is it better than what R&D teams are doing now? (Unvalidated self-signed certs, or no encryption at all.) Absolutely.

People complaining about this are like people who complain about invalid cert warnings not being strong enough (or too easy to disable) while half the world still browses with http with no warnings.

It's a significant improvement over the status quo.

IgorPartola10y ago

Come on over to my place. I won't MITM you, I promise :). Or we could go down to the coffee shop down the street. They have free Wi-Fi there too. Or maybe you'd like to visit my favorite co-working space. How about a conference room at my corporate office? Or maybe I'm your friendly $DAY_JOB firewall guy with a hankering to read your email. Perhaps I am your crazy ex working for $ISP. Or maybe I am on the same public cloud as your server and my VM just happens to be hosted on the same physical box as yours. There are lots of ways to MITM a connection that don't require you to do Mission Impossible style of break ins to tap into the backbone.

1 more reply

stengaard10y ago

From their FAQ: "Your certificate authorities' and certificates' private keys are generated on the TinyCert servers and stored in the database."

andmarios10y ago

It seems nice! A few days back I was playing a bit with golang's crypto and examples and I created a small cli app[1] to generate CAs and private key - certificate pairs signed by them. I wanted to create a small web service on top too (no need for sign up though, just check some fields and download a zip with your files) but haven't find time.

The most difficult problem imo, remains the management and not the creation of the keys and certs. I occasionally use them to connect backend services securely, so I have to install the root cert to every server OS and every JVM based app (here we create a keystore). Then I have to install each private key and certificate to the appropriate service. If the service is JVM based we also have to adjust its command line switches. Should a private key get stolen and we have one root CA for all services, we should delete and recreate everything. PKI is complex and with tens or hundreds of services its almost impossible to manage. Even the simplest task, like downloading a file from a nexus repository by a JVM based app using https and a free StartSSL certificate is very hard, since Oracle doesn't include StartCom's root CA.

[1] https://github.com/andmarios/quickcert

vdm10y ago

Posted today: http://techblog.netflix.com/2015/09/introducing-lemur.html

chatu10y ago

This is exactly what I needed. Easy to use and you are still in control.

n1x0n99710y ago

As others said, the whole point of having your own CA is that you have full trust and control over it. If you give someone your root ca private key then you may as well not have your own PKI at all (I can't see the point).

re cli - pain^2 , I ended up using xca

throwaway776710y ago

This is insane. It's a service that generates private keys for you and stores copies.

Why would anyone want this? Or is my sarcasm detector way off?

peterwwillis10y ago

It could be i'm totally missing the use-case for this, but personally I think if you can't take the 30 minutes to google one of the hundreds of guides that use OpenSSL commands and precompiled win32 binaries to generate three files you shouldn't be trusted with providing security for a website. Who are these people who need SSL and don't have 30 minutes to learn this once?

There are tons of scripts and other tools that handle the commands for you, too. Do I really need to sign up for yet another website just to perform one operation? (No, and neither should you)

userbinator10y ago

The trend these days seems to be turning everything into a service.

xorcist10y ago

There is CA functionality included in basic OpenSSL:

https://www.openssl.org/docs/manmaster/apps/ca.html

robzyb10y ago

We know. They say very clearly on the front page that one of their advantages is:

> Generate and manage SSL certificates quickly and easily without looking up complex OpenSSL commands.

tzakrajs10y ago

But openssl commands aren't complex. Confusion ensues.

2 more replies

mkesper10y ago

They mention StartSSL for production certificates. Beware that while creating certificates with them is gratis, REVOKING them will cost you money. https://www.techdirt.com/articles/20140409/11442426859/shame...

0XAFFE10y ago

They actually have the most reasonable business model, as they only charge you for services where human interaction is required (fe checking your credentials or adding your certificate to the revocation list), anything else like signing your certificate is free.

dchest10y ago

Note that StartSSL certificates are only free for "non-commercial" use, where "non-commercial" is not a clearly defined term, e.g. if you domain name contains businessy terms , such as "sell", they will refuse to issue a free cert.

devNoise10y ago

I tried to setup some a SSL cert through StartSSL and hit the paywall when I wanted to create a cert for a sub domain. The fees to get class 2 verification cost more than buying a basic SSL elsewhere.

r1ch10y ago

You can do subdomains, but with only class 1 verification you are limited to one subdomain per cert and the root domain is also included.

fidget10y ago

Not open source.

kolevOP10y ago

I know. I've discussed this with the author, there are some IP issues he's trying to resolve. Outside of this obstacle, his desire is to open-source it.

z9210y ago

It's like self signed certificate. From their FAQ:

"...but any regular user's browser will rightly put up a big fat warning message as they do not trust the root certificate of your TinyCert CAs."

helb10y ago

Not sure i got it right – is it some kind of self-signed/untrusted certificate generation as-a-service?

kolevOP10y ago

Pretty much, yes. It has an API as well. You have to accept the root certificate of the authority you create in the browser and then you don't have do accept all self-signed certificates based on it. It's aiming to ease development, it's not to be used in production.

berzemus10y ago

There's no such thing as "quick and easy" security..

smegel10y ago

yum install tinyca

j / k navigate · click thread line to collapse

38 comments

brianclements10y ago

What I learned from this exercise, is that it's not the complexity of the commands that is the issue with OpenSSL, it's:

1) The importance of consistent naming schemes (for the humans) and PKI hierarchy design (the nuances of keyUsage, basicConstraints, and extendedKeyUsage)

2) consistent execution of commands; typos are more likely the more you have to put in the CLI manually

3) good configuration files aren't utilized enough in most of the tutorials I found. They can streamline use, archive procedure, and prevent typos as in point #2.

[1]https://github.com/OpenVPN/easy-rsa

[2]https://github.com/brianclements/pkictl

[3]https://github.com/brianclements/pkictl#import

ivanr10y ago

Overall, if they offer this as something that can be locally installed, it could be a useful product. Especially if it integrates with a low-cost HSM, for example https://www.nitrokey.com/

In the meantime, for anyone looking for good documentation on how to achieve the same using just OpenSSL on the command line, I have an easy-to-follow guide as part of my OpenSSL Cookbook:

https://www.feistyduck.com/library/openssl-cookbook/online/c...

methou10y ago

And the nitrokeys are great, I've never expected an affordable HSM for home/private use, thank you for mentioning it. I think I'm going to roll out G33 ;p

nspassov10y ago

The fact that they keep your private keys in their database is what makes this a bad idea to use.

Cannot see what kind of people this service is targeted to, since the ones who understand what a CA is and need to sign their own certificates probably already know how to use OpenSSL.

superuser210y ago

ollybee10y ago

Maybe look at Dogtag Certificate System

raidan10y ago

I believe this was mentioned last time TinyCert appeared on HN, but a self-hosted version of this would be more ideal.

I personally use etcd-ca[0] to ease management of my own certificates.

[0] https://github.com/coreos/etcd-ca

radiac10y ago

As you say, I'd prefer to run this sort of thing locally - half the point of running your own CA is that you have full control over it.

strommen10y ago

So just to be clear: whatever you do with the keys generated by this service is trivially pwn-able by TinyCert.

Maybe you trust TinyCert not to be malicious. But do you think they're completely unhackable? A database full of private keys is a mighty tempting reward for attackers.

I wouldn't touch private-key-generation-as-a-service with a 10-foot pole.

sneak10y ago

First, they have to care. Second, they'd have to MITM your network connection. The chance of a single party being able to do both of those is very, very low.

Sure, it's not best practices. Is it better than what R&D teams are doing now? (Unvalidated self-signed certs, or no encryption at all.) Absolutely.

People complaining about this are like people who complain about invalid cert warnings not being strong enough (or too easy to disable) while half the world still browses with http with no warnings.

It's a significant improvement over the status quo.

IgorPartola10y ago

1 more reply

stengaard10y ago

From their FAQ: "Your certificate authorities' and certificates' private keys are generated on the TinyCert servers and stored in the database."

andmarios10y ago

[1] https://github.com/andmarios/quickcert

vdm10y ago

Posted today: http://techblog.netflix.com/2015/09/introducing-lemur.html

chatu10y ago

This is exactly what I needed. Easy to use and you are still in control.

n1x0n99710y ago

re cli - pain^2 , I ended up using xca

throwaway776710y ago

This is insane. It's a service that generates private keys for you and stores copies.

Why would anyone want this? Or is my sarcasm detector way off?

peterwwillis10y ago

There are tons of scripts and other tools that handle the commands for you, too. Do I really need to sign up for yet another website just to perform one operation? (No, and neither should you)

userbinator10y ago

The trend these days seems to be turning everything into a service.

xorcist10y ago

There is CA functionality included in basic OpenSSL:

https://www.openssl.org/docs/manmaster/apps/ca.html

robzyb10y ago

We know. They say very clearly on the front page that one of their advantages is:

> Generate and manage SSL certificates quickly and easily without looking up complex OpenSSL commands.

tzakrajs10y ago

But openssl commands aren't complex. Confusion ensues.

2 more replies

mkesper10y ago

0XAFFE10y ago

dchest10y ago

devNoise10y ago

r1ch10y ago

You can do subdomains, but with only class 1 verification you are limited to one subdomain per cert and the root domain is also included.

fidget10y ago

Not open source.

kolevOP10y ago

I know. I've discussed this with the author, there are some IP issues he's trying to resolve. Outside of this obstacle, his desire is to open-source it.

z9210y ago

It's like self signed certificate. From their FAQ:

"...but any regular user's browser will rightly put up a big fat warning message as they do not trust the root certificate of your TinyCert CAs."

helb10y ago

Not sure i got it right – is it some kind of self-signed/untrusted certificate generation as-a-service?

kolevOP10y ago

berzemus10y ago

There's no such thing as "quick and easy" security..

smegel10y ago

yum install tinyca

j / k navigate · click thread line to collapse