Learn how to create server and client SSL certificates using the free CACert certificate authority.
Connecting to a standard Web page can be fraught with peril. The
simplicity of the HTTP protocol leaves it
open to eavesdropping, or worse yet, man-in-the-middle attacks.
Thankfully, though, the Secure Sockets Layer
(SSL) authenticates Web sites and encrypts Web traffic. Whether
you’re paying with a credit card or working with your bank
account balance, SSL provides something priceless: piece of
But what exactly is SSL? How does it protect credit card numbers
from being stolen?
SSL encrypts traffic between your Web browser and a Web server,
encoding and decoding sensitive data. Even if a miscreant
eavesdrops on an SSL connection, he or she would see nothing but
oodles of gibberish.
Beyond encyption though, it’s also necessary to verify the
identity of the Web server. Without some proof, a rogue server
could impersonate a retailer or bank, establish an ersatz
connection, and capture our data nonetheless. Instead, SSL ensures
that the server is authentic.
The Role of the Certificate Authority
While encryption is simple to understand, at least conceptually,
authentication can be somewhat more elusive. Just because a server
says it is amazon.com doesn’t mean it
In real life, when you want to verify someone’s identity,
you have two choices: You can either have someone you trust
introduce you, or you can check the stranger’s identity
documentation, such as a passport or drivers license. Both methods
share the same basic fundamental assumption: Rather than trying to
authenticate an identity by yourself, you delegate that task to a
SSL authentication operates the same way. Instead of making you
verify the identity of every Web site you visit, your browser
delegates that task to one of several trusted third-parties. In the
case of identity documents, your federal, state, or municipal
government is the third-party. In the case of SSL, your browser is
preloaded with several certificate
authorities (CA) that act as trusted third-parties.
Certificate authorities use public key cryptography to perform
identity verification. Public key cryptography provides two keys,
generally called the public key and
private key. Either key can be used to
encrypt messages, and anything encrypted with one key can be
decrypted with the other. In general, though, messages are
encrypted with private keys; public keys are disseminated to allow
others to decrypt messages.
A certificate authority vouches for a Web site’s identity
by signing — or encrypting with a private key — a Web
site’s SSL certificate. Your browser comes preloaded with the
CA’s public key, and if the decrypted certificate matches a
site’s unencrypted certificate, the site can be trusted to be
This is a very simplified explanation of how SSL uses public key
cryptography to allow authentication, but it will serve for our
purposes. Just remember that a certificate authority signs a
website’s SSL certificate to vouch for their identity.
Historically, certificate authorities paid large sums of money
to be included by default in a certain browser. CA’s were
also expected to comply with certain security practices, most
notably one called WebTrust. The high fees
charged kept the number of certificate authorities low, allowing
them to charge high prices for SSL certificates.
But what do you charge if the browser is free, open source
software? In the case of Mozilla, for
example, the policy (available at at
is simple: no fees are charged for inclusion in the browser, but
the CA must pass an independent security audit. So, if the browser
is free, and inclusion is the browser is free, shouldn’t SSL
certificates be free as well? Indeed, that’s the charter of
What is CACert?
"story_link">http://www.cacert.org/) is an independent
certificate authority established to provide security at the right
price: free! CACert believes that SSL certificates shouldn’t
cost an arm and a leg, and that everyone should be able to have
To date, CACert is not yet included in the main browsers like
Firefox, but the organization is actively
working to meet the criteria set by Mozilla. (Because of this,
using CACert requires an extra setup step, which is described
momentarily.) Another one of CACert’s main goals is “to
provide a trust mechanism to go with the security aspects of
encryption.” It accomplishes this mainly through the CACert
Identity Verification Program.
Let’s look at how CACert works.
Before CACert issues you an SSL certificate. it verifies your
identity. There are three options:
1.If another recognized CA has
already verified your identity, CACert accepts that
2.You can have a Notary Public
verify your identity and send that documenation to CACert.
3.You can be verified by a
CACert Assurer. This is also referred to as the “Web of
Trust” (or WoT).
The third option is the one used most often. However, since the
quality of verification by any given assurer might vary, CACert
uses a point system that requires you to be assured by more than
one person before you can do certain things. The point system
breaks out as follows:
points. Someone at this level is considered
points. You can have your full name on a client certificate.
You can get server certificates that are valid for 24 months and
CACert will sign your GPG key, if you have
points. This is the highest score you can get through the
Web of Trust. At this point, you can apply for a code signing
certificate and you can start assuring other people.
points. At this level, you are fully assured. You can now
issue up to 35 points for each assurance you make.
points. This level can only be reached by a temporary
increase from the CACert board. It is used for special events and
to “seed” areas that do not have many assurers. An
assurer with this many points is also called a “super
assurer” and can grant an instant 150 points on the spot.
This increase expires after six weeks.
Once you reach 100 points you can start assuring other people.
CACert, however, recognizes that new assurers may need to go
through the process a few times before getting it completely
correct. Therefore, a new assurer with 100 points can only issue 10
points to someone it assures. The assurer, however, gets 2 points
for each assurance performed, and for each 10 points earned, the
number of points they can issue goes up by 5. Here’s a table
that illustrates that:
points you can issue
By limiting the amount of points an assurer can issue, CACert
makes you get assured by more than one person. The hope is that if
something is wrong with your documentation, having more than one
pair of eyes look over it helps find errors. Also, the sliding
scale guarantees that if you only have new assurers in your area,
you will need to visit more of them before you reach 100
But, enough about how CACert is set up, let’s find out how
to use it.
How To Use CACert
Since the CACert root certificate isn’t in the major
browsers, the first thing you need to do is to import it. Point
your browser at
"story_link">http://www.cacert.org/ and click on the
“Root Certificate” link at the left. If you are using
Firefox, click the link that says
“Root Certificate (PEM Format) ”. It brings up a window
You have been asked to trust a new Certificate
Authority(CA).Do you want to trust “CA Cert Signing
Authority” for the following purposes? Trust this CA to
identify web sites. Trust this CA to identify email users. Trust
this CA to identify software developers. Before trusting this CA
for any purpose, you should examine its certificate and its policy
and procedures(if available).
Click the “View” link to examine the certificate and
check the fingerprints on the certificate. The strings should match
SHA1 Fingerprint: 13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33
MD5 Fingerprint: A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B
If and only if the fingerprints match, close that window and
chose what you want to trust the CACert Root Certificate to do. At
the very least, check the box to let it identify web sites and
click “Ok”. Firefox imports the CACert Root Certificate
into its data store and can now make use of it to verify
CACert-signed Web sites. (You can check that it was correctly
imported by going to the Firefox preferences, selecting
“Advanced” then “Security,” clicking the
“View Certificates” button, and finally selecting the
“Authorities” tab and scrolling down to “Root
CA”. Firefox should show the “CA Cert Signing
Authority” as a “Software Security Device”. Other
certificate authorities will show up as “Builtin Object
If you’re stuck using Microsoft Windows and Active
Directory, do not despair. You can use the Group Policy Object to
add the CACert Root Certificate to the list of Trusted Root
Certification Authorities and then publish that to all clients in
the directory. This allows system administrators to force Windows
clients to trust the CACert Root Certificate. That way, even though
CACert is not included by default in Internet Explorer, you can
still use it on internal servers without loading the root
certificate on each and every client machine.
Now that the CACert root certificate is imported, let’s
see what we can do with it.
To start, let’s create a client
certificate. While most SSL certificates are server
certificates, the specification also allows clients to also
identify with a certificate. You can use this to log into the
CACert-signed site without using a password.
Log into the CACert website as normal and select “Client
Certificates” from the right hand menu. Click
“New” and select what email address you want included
in the certificate. If you have at least 50 points, you can can
also elect to include your name on the certificate.
After setting the options you want, hit the “Next”
button, select what keysize you want, and then press the button
labeled “Create Certificate Request.” A dialog box
appears, asking you to wait while the certificate is generated.
After a bit, your browser shows a page with a link to the client
certificate. Click that link to load the certificate.
(Unfortunately, if you’re using Firefox, it will appear as if
nothing happened. No feedback at all is generated. If you open the
“View Certificates” window again, however, and select
“Your Certificates” you should see that the certificate
was imported correctly. You can now log out of the CACert website
and try a certificate login.)
Click the “Logout” link at the top right and then
look for the “Cert Login” link under “My
Account”. This allows you to log in using the client
certificate you just imported into your browser. Click it and
marvel at not having to enter a username and password to log
Generating and using a server certificate is a bit more
complicated. The instructions here assume you are using the
Apache HTTP server and
"i">OpenSSL. (Other packages will be slightly different but
follow the same basic procedure.) In a nutshell, you must first
generate a certificate and a special certificate
signing request (or CSR). CACert then signs the certificate
signing request and sends it back to you. You can then install the
SSL certificate where Apache can make use of it.
Before you can generate a server certificate, CACert must verify
that a domain belongs to you. On the CACert site, click
“Domains” and then “Add” to add a domain to
your account. Enter the domain into the input box and hit the
“Add” button. CACert then brings up a list of
“authority email addresses”. These include
"c">webmaster@, and any address included in your
domain’s whois information. Choose an
address that you can receive email at and click the
“Probe” button. CACert adds the domain to your account
and sends an email to the specified address. Inside the e-mail is a
link you can click to verify the domain is yours. You can now
create a certificate signing request and generate an SSL
certificate for your domain.
To create the certificate signing request, create a directory no
one else can access and type this command:
openssl req –nodes -new –keyout private.key –out server.csr
OpenSSL asks you a few questions. The only important one is
“Common Name” since all the rest will be discarded by
CACert since it cannot verify the information. Common Name must be
the hostname of the server that will use the SSL certificate. Make
sure you only hit Return when asked for “extra
opsenssl creates both a private key
(called private.key) and a certificate
signing request (called server.csr). If you
cat the CSR, it should look like this:
-----BEGIN CERTIFICATE REQUEST-----
-----END CERTIFICATE REQUEST-----
Log into the CACert website and select “New” under
“Server Certificates.” There should be an input box to
paste the CSR into. Paste it there and then decide if you want the
SSL certificate signed by the Class 1 root certificate (the one you
imported into Firefox) or the Class 3 root certificate. The Class 3
root certificate requires more setup in Apache, but is considered
For now, just pick “Class 1” and continue. Hit the
“Submit” button and verify that the information
submitted is correct. If the common name matches the correct
hostname, press “Submit” again to generate your server
certificate. It should look like this, some 1,000 characters or
Copy the server certificate to a file like
"i">server.crt in the same directory as your CSR and private
key. Place these where your Apache Web server can read them and
specify the certificate and private key in your apache config file
(A full discussion of how to setup SSL in apache is beyond the
scope of this article, so make sure to check the Apache
documentation for full details.)
In addition to SSL certificates for single hostnames, CACert
also supports embedding multiple hostnames into an SSL certificate
using the “SubjectAltName” field of a CSR. This allows
you to host multiple SSL Web sites on a single IP address. See
"story_link">http://wiki.cacert.org/wiki/VhostsApache for more
information on how to set this up.
CACert allows anyone to generate and use SSL certificates for
free. Enjoy world class security at that right price: nothing! In
the process, you can also learn more about how security works and
how to make your Web site more secure.
Along with the community built by the CACert assurance process,
CACert provides a service unmatched by most other available
Need something here.