
Version 29 (Noel Kuntze, 25.04.2016 00:25) → Version 30/40 (Noel Kuntze, 25.04.2016 00:42)

{{title(Setting-up a Simple CA Using the strongSwan PKI Tool)}}

h1. Setting-up a Simple CA Using the strongSwan PKI Tool


This how-to sets up a Certificate Authority using strongSwan's [[IpsecPKI|PKI tool]] (available since [[4.3.5]]), keeping it as simple as possible.

h2. CA Certificate

First, [[IpsecPKIGen|generate]] a private key. By default this is a 2048 bit RSA key (if this command blocks, refer to [[IpsecPKIGen#Problems-on-Hosts-with-Low-Entropy|this note about hosts with low entropy]]):

<pre>
ipsec pki --gen > caKey.der
</pre>

For a real-world setup, make sure to keep this key absolutely private.

Now [[IpsecPKISelf|self-sign]] a CA certificate using the generated key:

<pre>
ipsec pki --self --in caKey.der --dn "C=CH, O=strongSwan, CN=strongSwan CA" --ca > caCert.der
</pre>

Adjust the _distinguished name (DN)_ to your needs; it will be included in all issued certificates.

That's it, your CA is ready to issue end-entity certificates.

h2. End Entity Certificates

For *each* peer, i.e. for all VPN clients and VPN gateways in your network, generate an individual private key and [[IpsecPKIIssue|issue]] a matching certificate using your new CA:

<pre>
ipsec pki --gen > peerKey.der

ipsec pki --pub --in peerKey.der | ipsec pki --issue --cacert caCert.der --cakey caKey.der \
    --dn "C=CH, O=strongSwan, CN=peer" > peerCert.der
</pre>

The second command [[IpsecPKIPub|extracts the public key]] and [[IpsecPKIIssue|issues a certificate]] using your CA.

If you want to add _subjectAltName_ extensions to your certificates, use the _--san_ option (can be provided multiple times), for instance, @--san or @--san. It is recommended to include the hostname of a gateway as _subjectAltName_ in its certificate.

Depending on your clients there may be additional requirements imposed on gateway certificates, for instance, the [[Win7CertReq|Windows 7 certificate requirements]] or those for [[IOS_(Apple)#Certificate-requirements-for-iOS-interoperability|iOS and Mac OS X clients]].

Distribute each private key and matching certificate to the corresponding peer.

h2. Certificate Revocation Lists (CRL)

In case end entity certificates have to be revoked, Certificate Revocation Lists (CRLs) may be generated with the [[IpsecPkiSigncrl|ipsec pki --signcrl]] command:

<pre>
ipsec pki --signcrl --cacert caCert.der --cakey caKey.der --reason superseded --cert peerCert.der > crl.der
</pre>

The certificate given with @--cacert@ must be either a CA certificate or a certificate with the _crlSign_ extended key usage (@--flag crlSign@).

When [[IpsecPKIIssue|issuing certificates]], a URL to a CRL may be added with the @--crl@ argument.

h2. Install certificates

On *each* peer store the following certificates and keys in the [[IpsecDirectory|/etc/ipsec.d/]] subdirectory tree:

* *[[/IpsecDirectoryPrivate|/etc/ipsec.d/private/]]peerKey.der* holds the private key of the given peer.
* *[[/IpsecDirectoryCerts|/etc/ipsec.d/certs/]]peerCert.der* holds the end entity certificate of the given peer.
* *[[/IpsecDirectoryCacerts|/etc/ipsec.d/cacerts/]]caCert.der* holds the CA certificate which issued and signed all peer certificates.

Never store the private key *caKey.der* of the Certification Authority (CA) on a host with constant direct access to the Internet (e.g. a VPN gateway), since a theft of this master signing key will completely compromise your PKI.

Optionally, the CRL may be stored in the following directory (if the certificate contains a URL to a CRL, it will be fetched on demand):

* *[[/IpsecDirectoryCrls|/etc/ipsec.d/crls/]]crl.der* holds the CRL signed by the CA (or a certificate containing the _crlSign_ EKU).
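
As an added example (not part of the original how-to and not strongSwan code), the following shell function audits a peer's directory tree against the placement rules above. The finding labels, the owner-only mode policy and the DER header heuristic (which assumes the default RSA key in DER RSAPrivateKey form) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not strongSwan code: audit a peer's ipsec.d tree.
# Prints one finding per line; exit status 0 means no findings.

# True if FILE starts like a DER RSAPrivateKey (assumed key format):
# SEQUENCE header (30 82 xx xx) followed by INTEGER version 0 (02 01 00).
is_rsa_private_der() {
    [ "$(od -An -tx1 -j4 -N3 "$1" 2>/dev/null | tr -d ' \n')" = "020100" ]
}

audit_ipsec_d() {
    dir=${1:-/etc/ipsec.d}
    out=$(
        # Files this how-to installs on every peer.
        for f in private/peerKey.der certs/peerCert.der cacerts/caCert.der; do
            [ -f "$dir/$f" ] || echo "MISSING $dir/$f"
        done
        # The CA signing key must not be on a peer. Matched by the file name
        # used on this page, so a renamed copy is only caught by the next check.
        find "$dir" -type f -name 'caKey*' -exec echo CA-KEY-ON-PEER {} \; 2>/dev/null || :
        # Private keys belong in private/ only, never next to the certificates.
        find "$dir" -type f ! -path "$dir/private/*" 2>/dev/null | while IFS= read -r f; do
            if is_rsa_private_der "$f"; then echo "KEY-OUTSIDE-PRIVATE $f"; fi
        done
        # Assumed policy: key files are accessible to their owner only.
        find "$dir/private" -type f ! -perm 600 ! -perm 400 \
            -exec echo LOOSE-MODE {} \; 2>/dev/null || :
    )
    [ -z "$out" ] && return 0
    printf '%s\n' "$out"
    return 1
}
```

Run @audit_ipsec_d@ without arguments to check @/etc/ipsec.d@, or pass another directory as the first argument.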

h3. Install certificates in Android

To import certificates into the strongSwan Android app, they must be bundled together with the required CA certificate and private key into a @PKCS#12@ file.
The certificates and the private key have to be in @PEM@ format for @openssl pkcs12@ to find them acceptable. @DER@ format is not accepted by it.
The files can be bundled into a @PKCS#12@ file by replacing the file names from the following examples:

To convert an @X.509@ certificate from @DER@ to @PEM@:

<pre>
openssl x509 -inform der -outform pem -in caCert.der -out caCert.pem
openssl x509 -inform der -outform pem -in peerCert.der -out peerCert.pem
</pre>

To convert an @RSA@ key from @DER@ to @PEM@:

<pre>
openssl rsa -inform der -outform pem -in peerKey.der -out peerKey.pem
</pre>

To package all of the files into a @PKCS#12@ archive:

<pre>
openssl pkcs12 -in peerCert.pem -inkey peerKey.pem -certfile caCert.pem -export -out peer.p12
</pre>

The @peer.p12@ file can then be imported in the Android app and contains everything needed by the strongSwan app.