The PKIX certificate with racoon

Shoichi Sakane, KAME Project 
$Id: index.html,v 1.3 2002/08/27 05:55:16 sakane Exp $

Introduction

This document is described how to use the PKIX certificate with racoon, IKE daemon. IKE allows to use several certificate for encryption and authentication. At the moment, racoon only supports RSA signature authentication method in all modes of phase 1 exchanges. For example, the certificates are exchanged by 5th and 6th messages in the case of the main mode. Both the initiator and the responder have to prepare own certificate before sending it. The certificate is placed to the certificate repository in PEM format. Racoon can get it from the local file system at the moment. SCEP may be supported in the future.
The version of racoon included in kame-20001113-*-snap or later is required. But it is recommended to use latest version of KAME stack. Racoon leaves all cryptographic algorithm with libcrypto.a of OpenSSL. The version of OpenSSL0.9.5a or later is required. We don't support OpenSSL0.9.4. There are some trouble about X.509v3 certificate handling in OpenSSL0.9.4.

What can racoon do ?

Configuration

To use RSA signature authentication method, you have to define the following directives in a configuration file of racoon. For example, negotiation the IPsec keys with 194.100.55.1 (isakmp-test.ssh.fi), with UserFQDN "sakane@kame.net" as subjectAltNameas. 
	path certificate "/usr/local/openssl/certs";
	remote 194.100.55.1
	{
		exchange_mode main;
		certificate_type x509 "sakane@kame.net.cert" "sakane@kame.net.priv";
		my_identifier asn1dn;
		proposal {
			encryption_algorithm des;
			hash_algorithm md5;
			authentication_method rsasig;
			dh_group 1;
		}
	}
The first line specifies the directory of the certificate repository to be put all certificates. You have to put your certificate, your private key and all of issuer's certificate. In the following description, the directory is called "CERT directory" for convenience.
certificate_type directive specifies the type of certificate. You have to define the type x509 when you want to use a X.509 certificate, and the both file name of own certificate/private key. You have to put them into CERT directory before the negotiation will begin.
my_identifier directive specifies the type of your identifier value, and its type if needed. It is carried onto the peer by the ID payload. The peer may compare between the value and the subjectName if the type is ASN.1 DN. Else the peer may compare between the value and one of the subjectAltName in the certificate. asn1dn is defined in the above example as ASN.1 DN will be used.
authentication_method directive specifies the authentication method in use. When you use a X.509 certificate, you have to define rsasig.

The following is another example. 

	path certificate "/usr/local/openssl/certs";
	remote 194.100.55.1
	{
		exchange_mode main;
		certificate_type x509 "sakane@kame.net.cert" "sakane@kame.net.priv";
		peers_certfile "isakmp-test@ssh.fi.cert";
		my_identifier user_fqdn "sakane@kame.net";
		verify_cert no; 
		send_cert no;
		proposal {
			encryption_algorithm des;
			hash_algorithm md5;
			authentication_method rsasig;
			dh_group modp768;
		}
	}
You can get the certificate from your local disk even if the peer would not send any certificate. peers_certfile directive can allow it. When you want to use a E-mail address as your identifier, and there is your E-mail address in the subjectAltName of your certificate, you can set user_fqdn and your E-mail address to my_identifier. If you don't want to verify the certificate then you have to set "no" into verify_cert directive. If you don't want to send the certificate, you have to set no into send_cert directive.

To get your cert

This section is described how to get a certificate by OpenSSL0.9.5a.
  1. Make the PKCS#10 request for getting your certificate, which will be sent to the CA. for example, RSA key 1024 bits and SHA1 as the signature algorithm: 
      % openssl req -new -nodes -newkey rsa:1024 -sha1 -keyform PEM -keyout privkey.pem -outform PEM -out request.pem
  Using configuration from /usr/local/openssl/openssl.cnf
  Generating a 1024 bit RSA private key
  .........................+++++
  ........+++++
  writing new private key to 'privkey.pem'
  -----
  You are about to be asked to enter information that will be incorporated
  into your certificate request.
  What you are about to enter is what is called a Distinguished Name or a DN.
  There are quite a few fields but you can leave some blank
  For some fields there will be a default value,
  If you enter '.', the field will be left blank.
  -----
  Country Name (2 letter code) [AU]:JP
  State or Province Name (full name) [Some-State]:Kanagawa
  Locality Name (eg, city) []:Fujisawa
  Organization Name (eg, company) [Internet Widgits Pty Ltd]:WIDE Project
  Organizational Unit Name (eg, section) []:KAME Project
  Common Name (eg, YOUR name) []:Shoichi Sakane
  Email Address []:sakane@ydc.co.jp
  
  Please enter the following 'extra' attributes
  to be sent with your certificate request
  A challenge password []:
  An optional company name []:
  2. Send the PKCS#10 request to the CA. Then retrieve your authorized certificate and stored into the certificate repository. For example to use the ssh certificate testing site. Connect to below URL. 
    	http://isakmp-test.ssh.fi/cgi-bin/nph-real-cert/cert.pem
    And copy and paste the content of request.pem into the form. Don't forget to input your subjectAltName.
  3. Alternatively, you can sign your certificate by yourself. For example, reqest.pem is the PKCS#10 request file in PEM format. 
      % openssl x509 -req -in request.pem -signkey privkey.pem -out cert.pem

Issuer's certificate

You have to put some issuer's certificates into CERT directory. It is a unique method to save them in OpenSSL. For example, the filename of the certificate is ssh-ca1.pem. You have to type the following magic word after changing CERT directory. 
  % ln -s ssh-ca1.pem `openssl x509 -noout -hash -in ssh-ca1.pem`.0