
TinyCert – Become Your Own PKI/CA Authority in a Matter of Minutes - kolev
https://www.tinycert.org/
======
brianclements
While not the only one out there[1], I've been hacking a cli tool written in
bash[2] to streamline the OpenSSL commands geared toward a PKI/CA workflow. I
started it mainly for my overall learning of OpenSSL from nothing and for my
small scale needs with my CoreOS servers.

What I learned from this exercise is that it's not the complexity of the
commands that is the issue with OpenSSL, it's:

1) The importance of consistent naming schemes (for the humans) and PKI
hierarchy design (the nuances of keyUsage, basicConstraints, and
extendedKeyUsage)

2) consistent execution of commands; typos are more likely the more you have
to put in the CLI manually

3) good configuration files aren't utilized enough in most of the tutorials I
found. They can streamline use, archive procedure, and prevent typos as in
point #2.

4) The _importing_ of certs and keys in an automatic way is a sort of dark
corner of the tutorial world. But permissions are super important! I came up
with an import strategy that I think works pretty well.[3] Please examine and
break it!

[1][https://github.com/OpenVPN/easy-rsa](https://github.com/OpenVPN/easy-rsa)

[2][https://github.com/brianclements/pkictl](https://github.com/brianclements/pkictl)

[3][https://github.com/brianclements/pkictl#import](https://github.com/brianclements/pkictl#import)

------
ivanr
I quite like the idea of TinyCert and often wanted to do something similar
myself. Although creating a private CA is not a lot of work initially,
maintaining it is a hassle, especially when you'd rather be doing something
else. TinyCert could be useful for development teams (and other similar non-
security-critical uses) to get rid of self-signed certificates altogether.

However, for me, the fact that they have all the private keys is a deal
breaker. Further, I'd like to see the certificates name-constrained to
specific development hostnames. And I don't like the fact that the keyUsage
and extendedKeyUsage fields are not locked down. If I am going to install a
private CA root, I want to have the smallest possible attack surface.

Overall, if they offer this as something that can be locally installed, it
could be a useful product. Especially if it integrates with a low-cost HSM,
for example [https://www.nitrokey.com/](https://www.nitrokey.com/)

In the meantime, for anyone looking for good documentation on how to achieve
the same using just OpenSSL on the command line, I have an easy-to-follow
guide as part of my OpenSSL Cookbook:

[https://www.feistyduck.com/library/openssl-cookbook/online/c...](https://www.feistyduck.com/library/openssl-cookbook/online/ch-openssl.html#openssl-private-ca)

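What brianclements's point 1 (keyUsage, basicConstraints, extendedKeyUsage hierarchy design) and ivanr's wish-list (name-constrained CA, locked-down keyUsage/extendedKeyUsage, smallest attack surface when you install a private root) look like in practice, as an added example using only Go's standard library. This is not code from TinyCert, pkictl, etcd-ca or the OpenSSL cookbook; the permitted domain `dev.example`, the subject names and the SAN lists are assumptions constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newRootCA builds a self-signed root locked down as the comments ask for:
// basicConstraints CA:TRUE with pathlen 0 (end-entity certs only), keyUsage
// keyCertSign + cRLSign only, and a critical nameConstraints extension so the
// root can only vouch for names at or under permittedDomain (an assumption).
func newRootCA(permittedDomain string) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:                big.NewInt(1),
		Subject:                     pkix.Name{CommonName: "Dev Root CA (example)"},
		NotBefore:                   time.Now().Add(-time.Minute),
		NotAfter:                    time.Now().Add(10 * 365 * 24 * time.Hour),
		IsCA:                        true,
		BasicConstraintsValid:       true,
		MaxPathLenZero:              true, // encodes pathlen:0
		KeyUsage:                    x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
		PermittedDNSDomains:         []string{permittedDomain},
		PermittedDNSDomainsCritical: true,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, nil, err
	}
	return cert, key, nil
}

// issueServerCert signs a 90-day end-entity cert for the given SANs with
// keyUsage digitalSignature only (enough for an ECDSA TLS server) and
// extendedKeyUsage serverAuth only, so it cannot double as a client or
// code-signing cert. The leaf's fresh key is dropped: only the cert is needed here.
func issueServerCert(ca *x509.Certificate, caKey *ecdsa.PrivateKey, sans []string) (*x509.Certificate, error) {
	leafKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          serial,
		Subject:               pkix.Name{CommonName: sans[0]},
		DNSNames:              sans, // subjectAltName; Go ignores the CN for hostname checks
		NotBefore:             time.Now().Add(-time.Minute),
		NotAfter:              time.Now().Add(90 * 24 * time.Hour),
		BasicConstraintsValid: true, // emits CA:FALSE
		KeyUsage:              x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca, &leafKey.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// verifyChain does what a TLS client does once the root is installed: builds
// the chain, matches host against the SANs, enforces the root's name
// constraints and requires the leaf to carry the requested extendedKeyUsage.
func verifyChain(root, leaf *x509.Certificate, host string, eku x509.ExtKeyUsage) error {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool, DNSName: host, KeyUsages: []x509.ExtKeyUsage{eku}})
	return err
}

func main() {
	ca, caKey, err := newRootCA("dev.example")
	if err != nil {
		panic(err)
	}
	good, _ := issueServerCert(ca, caKey, []string{"api.dev.example", "www.dev.example"})
	// Signing never refuses a name: constraints are enforced by the verifier only.
	outOfScope, _ := issueServerCert(ca, caKey, []string{"bank.example"})
	fmt.Println("api.dev.example serverAuth: ", verifyChain(ca, good, "api.dev.example", x509.ExtKeyUsageServerAuth))
	fmt.Println("other.dev.example (no SAN): ", verifyChain(ca, good, "other.dev.example", x509.ExtKeyUsageServerAuth))
	fmt.Println("api.dev.example clientAuth: ", verifyChain(ca, good, "api.dev.example", x509.ExtKeyUsageClientAuth))
	fmt.Println("bank.example (out of scope):", verifyChain(ca, outOfScope, "bank.example", x509.ExtKeyUsageServerAuth))
}
```

Run with `go run`: the first line prints `<nil>`, the other three print errors (hostname mismatch, incompatible usage, CA not authorized for this name). The fourth case is the one to notice: `CreateCertificate` happily signs `bank.example`, the refusal only happens at verification time, so a name-constrained root limits the blast radius of a leaked CA key on the client side but does not stop the issuance itself. In OpenSSL terms the same extensions go in the config section that `-extensions` points at, as `basicConstraints = critical, CA:TRUE, pathlen:0`, `keyUsage = critical, keyCertSign, cRLSign`, `nameConstraints = critical, permitted;DNS:dev.example` for the root, and `keyUsage = critical, digitalSignature`, `extendedKeyUsage = serverAuth`, `subjectAltName = DNS:api.dev.example, DNS:www.dev.example` for the leaf.
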
~~~
methou
I agree that maintaining is a hassle, but creating a private CA is also not
that easy. When I was building up my own CA, there was still a lot of stuff to
take care of, from policies/keyUsages to CRL/OCSP/SECP; when ECC comes in,
encryption and decryption usages sometimes can be separated. There's a whole
lot of tiny little details somewhere that make me rebuild the CA. I'm on the
G32 revision.

And the nitrokeys are great, I never expected an affordable HSM for
home/private use, thank you for mentioning it. I think I'm going to roll out
G33 ;p

------
nspassov
The fact that they keep your private keys in their database is what makes this
a bad idea to use.

Cannot see what kind of people this service is targeted at, since the ones who
understand what a CA is and need to sign their own certificates probably
already know how to use OpenSSL.

~~~
superuser2
OpenSSL's CLI is pretty annoying, and for many (like me!) it mostly consists
of copy-pasting commands into a text editor, modifying them slightly, and
pasting them into a terminal. Could be better. But yeah, trusting a third
party with your private keys isn't an answer.

~~~
ollybee
Maybe look at Dogtag Certificate System

------
raidan
I believe this was mentioned last time TinyCert appeared on HN, but a self-
hosted version of this would be more ideal.

I personally use etcd-ca[0] to ease management of my own certificates.

[0] [https://github.com/coreos/etcd-ca](https://github.com/coreos/etcd-ca)

~~~
radiac
As you say, I'd prefer to run this sort of thing locally - half the point of
running your own CA is that you have full control over it.

I wrote caman
([https://github.com/radiac/caman](https://github.com/radiac/caman)), a bash
script wrapper for openssl with what looks like a similar syntax to etcd-ca. I
posted about it on HN a while back, but it now also supports SAN certificates
and intermediate CAs.

------
strommen
So just to be clear: whatever you do with the keys generated by this service
is trivially pwn-able by TinyCert.

Maybe you trust TinyCert not to be malicious. But do you think they're
completely unhackable? A database full of private keys is a mighty tempting
reward for attackers.

I wouldn't touch private-key-generation-as-a-service with a 10-foot pole.

~~~
sneak
First, they have to care. Second, they'd have to MITM your network connection.
The chance of a single party being able to do both of those is very, very low.

Sure, it's not best practices. Is it better than what R&D teams are doing now?
(Unvalidated self-signed certs, or no encryption at all.) Absolutely.

People complaining about this are like people who complain about invalid cert
warnings not being strong enough (or too easy to disable) while half the world
still browses with http with no warnings.

It's a _significant_ improvement over the status quo.

~~~
IgorPartola
Come on over to my place. I won't MITM you, I promise :). Or we could go down
to the coffee shop down the street. They have free Wi-Fi there too. Or maybe
you'd like to visit my favorite co-working space. How about a conference room
at my corporate office? Or maybe I'm your friendly $DAY_JOB firewall guy with
a hankering to read your email. Perhaps I am your crazy ex working for $ISP.
Or maybe I am on the same public cloud as your server and my VM just happens
to be hosted on the same physical box as yours. There are lots of ways to MITM
a connection that don't require you to do Mission Impossible style of break
ins to tap into the backbone.

~~~
sneak
Good thing you don't run TinyCert. Please resume missing my point.

------
stengaard
From their FAQ: "Your certificate authorities' and certificates' private keys
are generated on the TinyCert servers and stored in the database."

------
andmarios
It seems nice! A few days back I was playing a bit with golang's crypto and
examples and I created a small cli app[1] to generate CAs and private key -
certificate pairs signed by them. I wanted to create a small web service on
top too (no need for sign up though, just check some fields and download a zip
with your files) but haven't found time.

The most difficult problem imo remains the management and not the creation of
the keys and certs. I occasionally use them to connect backend services
securely, so I have to install the root cert to every server OS and every JVM
based app (here we create a keystore). Then I have to install each private key
and certificate to the appropriate service. If the service is JVM based we
also have to adjust its command line switches. Should a private key get stolen
and we have one root CA for all services, we should delete and recreate
everything. PKI is complex and with tens or hundreds of services it's almost
impossible to manage. Even the simplest task, like downloading a file from a
nexus repository by a JVM based app using https and a free StartSSL
certificate, is very hard, since Oracle doesn't include StartCom's root CA.

[1]
[https://github.com/andmarios/quickcert](https://github.com/andmarios/quickcert)

------
vdm
Posted today: [http://techblog.netflix.com/2015/09/introducing-lemur.html](http://techblog.netflix.com/2015/09/introducing-lemur.html)

~~~
chatu
This is exactly what I needed. Easy to use and you are still in control.

------
n1x0n997
As others said, the whole point of having your own CA is that you have full
trust and control over it. If you give someone your root ca private key then
you may as well not have your own PKI at all (I can't see the point).

re cli: pain^2, I ended up using xca

------
throwaway7767
This is insane. It's a service that generates private keys for you and stores
copies.

Why would anyone want this? Or is my sarcasm detector way off?

------
peterwwillis
It could be I'm totally missing the use-case for this, but personally I think
if you can't take the 30 minutes to google one of the hundreds of guides that
use OpenSSL commands and precompiled win32 binaries to generate three files
you shouldn't be trusted with providing security for a website. Who are these
people who need SSL and don't have 30 minutes to learn this once?

There are tons of scripts and other tools that handle the commands for you,
too. Do I really need to sign up for yet another website just to perform one
operation? (No, and neither should you)

~~~
userbinator
The trend these days seems to be turning _everything_ into a service.

------
xorcist
There is CA functionality included in basic OpenSSL:

[https://www.openssl.org/docs/manmaster/apps/ca.html](https://www.openssl.org/docs/manmaster/apps/ca.html)

~~~
robzyb
We know. They say very clearly on the front page that one of their advantages
is:

> Generate and manage SSL certificates quickly and easily without looking up
> complex OpenSSL commands.

~~~
tzakrajs
But openssl commands aren't complex. Confusion ensues.

~~~
M2Ys4U
I tried generating a self-signed certificate that had multiple SANs the other
day and just gave up because I couldn't get it working.

~~~
xorcist
It doesn't sound like you had trouble with the CA part of OpenSSL if you
created a self-signed cert from the command line.

It might be that there's no (that I know of!) convenient way to specify
extensions such as SAN on the command line. You have to do it via a
configuration file, which you in turn pass as an argument. And that's probably
the way you want to do it anyway if you script things!

As long as you do it that way there should be no problems with signing
certificates, with or without extensions.

------
mkesper
They mention StartSSL for production certificates. Beware that while creating
certificates with them is gratis, REVOKING them will cost you money.
[https://www.techdirt.com/articles/20140409/11442426859/shame...](https://www.techdirt.com/articles/20140409/11442426859/shameful-security-startcom-charges-people-to-revoke-ssl-certs-vulnerable-to-heartbleed.shtml)

~~~
0XAFFE
They actually have the most reasonable business model, as they only charge you
for services where human interaction is required (e.g. checking your
credentials or adding your certificate to the revocation list); anything else,
like signing your certificate, is free.

~~~
dchest
Note that StartSSL certificates are only free for "non-commercial" use, where
"non-commercial" is not a clearly defined term, e.g. if your domain name
contains businessy terms, such as "sell", they will refuse to issue a free
cert.

------
fidget
Not open source.

~~~
kolev
I know. I've discussed this with the author, there are some IP issues he's
trying to resolve. Outside of this obstacle, his desire is to open-source it.

------
z92
It's like self signed certificate. From their FAQ:

"...but any regular user's browser will rightly put up a big fat warning
message as they do not trust the root certificate of your TinyCert CAs."

------
helb
Not sure i got it right – is it some kind of self-signed/untrusted certificate
generation as-a-service?

~~~
kolev
Pretty much, yes. It has an API as well. You have to accept the root
certificate of the authority you create in the browser and then you don't have
to accept all self-signed certificates based on it. It's aiming to ease
development, it's not to be used in production.

------
berzemus
There's no such thing as "quick and easy" security..

------
smegel
yum install tinyca

