> On Apr 5, 2017, at 10:33 PM, Alice Wonder <al...@domblogger.net> wrote:
>
> I just updated one of my mail servers to self-signed. The signed certificate
> expires in a few weeks so I can switch back if I did something wrong.
>
> https://ssl-tools.net/mailservers/deviant.email
>
> That gives a red flag for Unknown Authority. Which being self-signed it is,
> so I assume that red flag is meaningless?
Yes, largely meaningless. There is a handful of broken sending systems that
abort TLS when the peer certificate does not verify, and achieve their lofty
security goals by sending in the clear instead. Go figure. Just ignore them.

> I know most SMTP servers never bother with validating CA certificates, I have
> personally found many that even have hostname mismatch yet other SMTP servers
> still connect to them securely, so I think I am fine.

Yes.

> However is there a way to check that my self-signed cert "does things right"
> as far as what *should* be in an SMTP self-signed cert?

For best interoperability its subjectAltNames should include any DNS name of
the host that is used in the MX records of any domain. The public key should
be RSA (or you can deploy both RSA and ECDSA keys), a popular strength is
2048 bits. The signature algorithm should be SHA2-256.

What I see with your certificate (trimmed of all hex key and signature data)
is:

    Certificate:
        Data:
            Version: 1 (0x0)
            Serial Number:
            Signature Algorithm: sha1WithRSAEncryption
            Issuer: C=US, ST=California, L=Redding, O=Alice Wonder Miscreations, CN=mail.deviant.email/emailAddress=ad...@librelamp.com
            Validity
                Not Before: Apr  5 12:31:43 2017 GMT
                Not After : Apr  5 12:31:43 2018 GMT
            Subject: C=US, ST=California, L=Redding, O=Alice Wonder Miscreations, CN=mail.deviant.email/emailAddress=ad...@librelamp.com
            Subject Public Key Info:
                Public Key Algorithm: rsaEncryption
                    Public-Key: (2048 bit)
                    Modulus:
                    Exponent: 65537 (0x10001)
        Signature Algorithm: sha1WithRSAEncryption

You should probably switch from SHA1 to SHA2-256, and mint a version 3
certificate. For extensions, I'd set subjectAltName, basicConstraints and
extendedKeyUsage.
A "bash" "one-liner" for all the above is:

    $ (
      umask 077
      fqdn=mail.deviant.email
      rm certkey.pem; exec >> certkey.pem
      openssl req \
        -new -newkey rsa:2048 -nodes -keyout /dev/stdout \
        -x509 -days 36525 -extensions ext \
        -config <(
          echo "[req]"
          echo "prompt = no"
          echo "distinguished_name = dn"
          echo "[dn]"
          echo "CN = $fqdn"
          echo "[ext]"
          echo "basicConstraints = critical,CA:false"
          echo "extendedKeyUsage = serverAuth,clientAuth"
          echo "subjectAltName = @san"
          echo "[san]"
          echo "DNS.1 = $fqdn"
        )
    )

which yields a certificate resembling:

    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number:
            Signature Algorithm: sha256WithRSAEncryption
            Issuer: CN=mail.deviant.email
            Validity
                Not Before: Apr  6 03:20:52 2017 GMT
                Not After : Apr  7 03:20:52 2117 GMT
            Subject: CN=mail.deviant.email
            Subject Public Key Info:
                Public Key Algorithm: rsaEncryption
                    Public-Key: (2048 bit)
                    Modulus:
                    Exponent: 65537 (0x10001)
            X509v3 extensions:
                X509v3 Basic Constraints: critical
                    CA:FALSE
                X509v3 Extended Key Usage:
                    TLS Web Server Authentication, TLS Web Client Authentication
                X509v3 Subject Alternative Name:
                    DNS:mail.deviant.email
        Signature Algorithm: sha256WithRSAEncryption

-- 
	Viktor.
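As an added example (not code from the original thread), a POSIX shell check for the properties Viktor lists: version 3, SHA-256 signature, RSA 2048, CA:FALSE, serverAuth EKU, a subjectAltName covering the MX host name and unexpired validity, plus a helper that mints a certificate with the one-liner's settings so the check can be exercised. It assumes the openssl command-line tool; the function names check_smtp_cert and make_smtp_cert are hypothetical.

```shell
#!/bin/sh
# Added example, not code from the thread: checks a PEM certificate for the
# properties recommended above for an SMTP server certificate, and mints a
# test certificate the same way as the one-liner. Assumes the openssl CLI.

# check_smtp_cert <cert.pem> <fqdn>: exit status = number of failed checks
check_smtp_cert() {
    cert=$1 fqdn=$2 fails=0
    text=$(openssl x509 -in "$cert" -noout -text) || return 99
    # regex-escape the dots in the MX host name before matching the SAN line
    fqdn_re=$(printf '%s' "$fqdn" | sed 's/\./\\./g')
    check() {  # check <description> <extended regex expected in the dump>
        if printf '%s\n' "$text" | grep -Eq "$2"; then
            echo "ok:   $1"
        else
            echo "FAIL: $1"; fails=$((fails + 1))
        fi
    }
    check "X.509 version 3 (extensions possible)" 'Version: 3 \(0x2\)'
    check "SHA-256 signature, not SHA-1"           'Signature Algorithm: sha256With'
    check "RSA key of 2048 bits or more"           'Public-Key: \((2048|3072|4096) bit\)'
    check "basicConstraints CA:FALSE"              'CA:FALSE'
    check "extendedKeyUsage includes serverAuth"   'TLS Web Server Authentication'
    check "subjectAltName lists DNS:$fqdn"         "DNS:$fqdn_re"'(,|$)'
    # sending MTAs that do verify also reject expired certificates
    if openssl x509 -in "$cert" -noout -checkend 0 >/dev/null; then
        echo "ok:   not expired"
    else
        echo "FAIL: expired"; fails=$((fails + 1))
    fi
    return $fails
}

# make_smtp_cert <fqdn> <key.pem> <cert.pem>: self-signed certificate with
# the recommended extensions (same [req]/[ext]/[san] config as the one-liner)
make_smtp_cert() {
    fqdn=$1 cfg=$(mktemp) || return 1
    printf '%s\n' '[req]' 'prompt = no' 'distinguished_name = dn' \
        '[dn]' "CN = $fqdn" \
        '[ext]' 'basicConstraints = critical,CA:false' \
        'extendedKeyUsage = serverAuth,clientAuth' 'subjectAltName = @san' \
        '[san]' "DNS.1 = $fqdn" > "$cfg"
    (umask 077 && openssl req -new -newkey rsa:2048 -nodes -keyout "$2" \
        -x509 -days 3650 -sha256 -extensions ext -config "$cfg" -out "$3" 2>/dev/null)
    rc=$?; rm -f "$cfg"; return $rc
}
```

Run check_smtp_cert against the certificate of each MX host with the name the MX record points at; a nonzero exit status tells you how many of the properties above are missing.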