WASD Hypertext Services - Technical Overview

This section is not a tutorial on SSL. It contains only information relating to WASD's use of it. Refer to the listed references, 17.6 - SSL References, for further information on SSL technology.

The Secure Sockets Layer protocol (SSL) is designed to provide a secure channel between two communicating applications, in the case of HTTP between the browser (client) and the HTTPd (server). It also authenticates server and optionally client identity. SSL operates by establishing an encrypted communication path between the two applications, "wrapping" the entire application protocol inside the secure link, providing complete privacy for the entire transaction. In this way security-related data such as user identification and password, as well as sensitive transaction information can be effectively protected from unauthorized access while in transit.

SSL functionality is not supplied with the basic WASD package. In part this is due to the relative bulk of this component, but also considers potential patent issues and export restrictions on some cryptography technology in some jurisdictions.

WASD implements SSL using a freely available software toolkit supported by the OpenSSL Project, in particular the VMS port, to which Richard Levitte (levitte@lp.se) and Robert Byer (ByerRA@aol.com) have been significant contributors.

OpenSSL is a continuing development of the SSLeay toolkit (pronounced "S-S-L-E-A-Y", i.e. all letters spelt), authored by Eric Young and Tim Hudson. OpenSSL licensing allows unrestricted commercial and non-commercial use. This toolkit is in use regardless of whether the WASD OpenSSL package, HP SSL for OpenVMS Alpha, IA64 and (now - late 2003) VAX product, or other stand-alone OpenSSL environment is installed.

It is always preferable to move to the latest support release of OpenSSL as known bugs in previous versions are progressively addressed (ignoring the issue of new bugs being introduced ;^).

Cryptography Software

Be aware that export/import and/or use of cryptography software, or even just providing cryptography hooks, is illegal in some parts of the world. When you re-distribute this package or even email patches/suggestions to the author or other people PLEASE PAY CLOSE ATTENTION TO ANY APPLICABLE EXPORT/IMPORT LAWS. The author of this package is not liable for any violations you make here.

Some Thoughts From R. S. Engelschall

Ralf S. Engelschall (rse@engelschall.com) is the author of the popular Apache mod_ssl package. This section is taken from the mod_ssl read-me and is well-worth some consideration for this and software security issues in general.

You should be very sensible when using cryptography software, because just running an SSL server DOES NOT mean your system is then secure! This is for a number of reasons. The following questions illustrate some of the problems. SSL itself may not be secure. People think it is, do you? Does this code implement SSL correctly? Have the authors of the various components put in back doors? Does the code take appropriate measures to keep private keys private? To what extent is your cooperation in this process required? Is your system physically secure? Is your system appropriately secured from intrusion over the network? Whom do you trust? Do you understand the trust relationship involved in SSL certificates? Do your system administrators? Are your keys, and keys you trust, generated careful[ly] enough to avoid reverse engineering of the private keys? How do you obtain certificates, keys, and the like, securely? Can you trust your users to safeguard their private keys? Can you trust your browser to safeguard its generated private key? If you can't answer these questions to your personal satisfaction, then you usually have a problem. Even if you can, you may still NOT be secure. Don't blame the authors if it all goes horribly wrong. Use it at your own risk!

SSL Overhead

SSL adds a significant overhead to an HTTP transaction for the following reasons.

• An initial connection establishment, where the client and server exchange cryptographic data and authorize the transaction.

• The transaction transfer, where all application data must be processed by the CPU into an encrypted stream, and back ... very expensive processes.

• The encrypted data contains more bytes than the raw data, increasing network transfer time.

• Other miscellaneous SSL handshaking for the life of the transaction.

For these reasons SSL HTTP is slower and has far greater impact on the server system CPU than standard HTTP and therefore should only be used when transaction privacy is required, not as a general HTTP service. Also, if a general HTTP and an SSL HTTP service is provided on a multi-processor system, with one or other or both experiencing significant traffic, then the two services should be run in separate processes.

Interoperability

WASD SSL has been used against a wide variety of browsers and certificates. Most combinations work. Some do not, usually related to the level of encryption required by some certificates precluding export-grade browsers from connecting.

To date OpenSSL certificates, and those from Thawte and VeriSign have been deployed on WASD servers.

WASD supports both 40bit, USA "export-grade" encryption, as well as 128-bit, full-strength, USA "domestic-grade" encryption. Note that as of early 2000, 128-bit USA domestic-grade encryption has been generally available due to changes in USA Federal Government export restriction policy. Netscape Navigator 4.73 and Microsoft Internet Explorer 5.5 and later now provide this level of encryption as standard.

The "/SSL" qualifier controls which version(s) of the SSL protocol the server will support; "2", "3" or "23" (i.e. versions 2 and 3, also the default). Using /NOSSL disables the SSL functionality of an SSL executable. There are also per-service configuration directives for tailoring the protocol version.

HTTP-to-SSL Gateway

The WASD proxy service can provide an HTTP-to-SSL gateway, allowing standard HTTP clients to connect to Secure Sockets Layer services. See 16.5.4 - Originating SSL.

17.1 - SSL Functionality Sources

Secure Sockets Layer functionality is easily integrated into WASD and is available from one (or more) of three sources. See 17.2 - WASD SSL Quick-Start for the basics of installing WASD SSL and 17.3 - SSL Configuration for configuration of various aspects.

1. The HP SSL (Secure Sockets Layer) for OpenVMS Alpha/IA64/VAX product

   http://www.openvms.compaq.com/openvms/products/ssl/ssl.html

   This is provided from the directory

   SYS$COMMON:[SSL]

   containing shared libraries, executables and templates for certificate management, etc. If this product is installed and started up the WASD installation and update procedures should detect it and provide the option of compiling and/or linking WASD against it's sharable libraries.

2. As a separate, easily integrated WASD OpenSSL package, with OpenSSL object libraries, OpenSSL utility object modules for building executables and WASD support files. It requires no compilation, only linking, and is available for Alpha, IA64 (Itanium) and VAX for VMS version 6.0 up to current. Obtain these from the same source as the main package.

   WASD SSL installation creates an OpenSSL directory in the source area

   HT_ROOT:[SRC.OPENSSL-n_n_n]  (look for it here)

   containing the OpenSSL copyright notice, object libraries, object modules for building executables, example certificates, and some other support files and documentation.

3. Using a locally compiled and installed OpenSSL toolkit.

SSL functionality can be installed with a new package, or with an update, or it can be added to an existing non-SSL enabled site. The following steps give a quick outline for support of SSL.

1. If using the HP SSL for OpenVMS Alpha/IA64/VAX product or an already installed OpenSSL toolkit go directly to step 2. To install the WASD OpenSSL package the ZIP archive needs to be restored.
   • The ZIP archive will contain brief installation instructions. Use the following command to read this and any other information provided.

       $ UNZIP -z device:[dir]archive.ZIP
     

   • UNZIP the WASD SSL package.

       $ SET DEFAULT HT_ROOT:[000000]
       $ UNZIP "-V" device:[dir]archive.ZIP
     

2. It is then necessary to build the HTTPd SSL executables. This can be done in either of two ways.
   • During an original INSTALL or subsequent UPDATE of the entire package. As of v8.1 these procedures detect a suitable SSL toolkit and prompt the user whether an SSL enabled server should be built.

   • To to add SSL functionality to an existing but non-SSL site just the SSL components can be built using the following procedure.

       $ @HT_ROOT:[INSTALL]UPDATE SSL
     

3. Once linked the UPDATE.COM procedure will prompt for permission to execute the demonstration/check procedure.

   It is also possible to check the SSL package at any other time using the server demonstration procedure. It is necessary to specify that it is to use the SSL executable. Follow the displayed instructions.

     $ @HT_ROOT:[INSTALL]DEMO.COM SSL
   

4. Modification of server startup procedures should not be necessary. If an SSL image is detected during startup it will be used in preference to the standard image.

5. Modify the HTTPD$CONFIG configuration file to specify an SSL service. For example the following creates both a standard HTTP service on the default port 80 and an SSL service on the default port 443

     [Service]
     the.host.name
     https://the.host.name
   

6. Shutdown the server completely, then restart.

     $ HTTPD /DO=EXIT
     $ @HT_ROOT:[STARTUP]STARTUP
   

7. To check the functionality (on default ports) access the server via

   Standard HTTP

     http://the.host.name/
   

   SSL HTTP

     https://the.host.name/
   

8. Once the server has been proved functional with the example certificate it is recommended that a server-specific certificate be created using the tools described in 17.4 - Certificate Management. This may then be used by placing it in the appropriate local directory, assigning the WASD_SSL_CERT symbol appropriately before startup.

The example HTTPd startup procedure already contains support for the SSL executable. If this has been used as the basis for startup then an SSL executable will be started automatically, rather than the standard executable. The SSL executable supports both standard HTTP services (ports) and HTTPS services (ports). These must be configured using the [service] parameter. SSL services are distinguished by specifying "https:" in the parameter. The default port for an SSL service is 443.

WASD can configure services using the HTTPD$CONFIG [service] directive, the HTTPD$SERVICE configuration file, or even the /SERVICE= qualifier.

17.3.1 - HTTPD$CONFIG [Service]

The following example illustrates creating two services using the HTTPD$CONFIG [Service] directive; a standard HTTP service on the default port 80, and an SSL service on the default port 443.

  [Service]
  alpha.host.name
  https://alpha.host.name

The one further requirement of an SSL server is a certificate. By default this is located using the HTTPD$SSL_CERT logical name during startup, however if required, each SSL service can have an individual certificate configured against it using the syntax shown in this example.

  [Service]
  alpha.host.name
  https://alpha.host.name;cert=ht_root:[local]alpha.pem
  https://beta.host.name;cert=ht_root:[local]beta.pem

SSL service configuration using the HTTPD$SERVICE configuration is slightly simpler, with a specific configuration directive for each aspect. See 9 - Service Configuration. This example illustrates configuring the same services as used in the previous section.

  [[http://alpha.host.name:80]]
 
  [[https://alpha.host.name:443]]
  [ServiceSSLcert]  ht_root:[local]alpha.pem
 
  [[https://beta.host.name:443]]
  [ServiceSSLcert]  ht_root:[local]beta.pem

The server certificate is used by the browser to authenticate the server against the server certificate Certificate Authority (CA), in making a secure connection, and in establishing a trust relationship between the browser and server. By default this is located using the HTTPD$SSL_CERT logical name during startup, however if required, each SSL service can have an individual certificate configured against it as shown above.

17.3.4 - SSL Private key

The private key is used to validate and enable the server certificate. A private key is enabled using a secret, a password. It is common practice to embed this (encrypted) password within the private key data. This private key can be appended to the server certificate file, or it can be supplied separately. If provided separately it is by default located using the HTTPD$SSL_KEY logical, though can be specified on a per-service basis. When the password is embedded in the private key information it becomes vulnerable to being stolen as an enabled key. For this reason it is possible to provide the password separately and manually.

If the password key is not found with the key during startup the server will request that it be entered at the command-line. This request is made via the HTTPDMON "STATUS:" line (23.8 - HTTPd Monitor), and if any OPCOM category is enabled via an operator message (6.10 - OPCOM Logging). If the private key password is not available with the key it is recommended that OPCOM be configured, enabled and monitored at all times.

When a private key password is requested by the server it is supplied using the /DO=SSL=KEY=PASSWORD directive (5.5.2 - Server Command Line Control). This must be used at the command line on the same system as the server is executing. The server then prompts for the password.

  Enter private key password []:

Multiple virtual SSL services (https:) sharing the same certificate (and other characteristics) can essentially be configured against any host name (unique IP address or host name alias) and/or port in the same way as standard services (http:). Services requiring unique certificates can only be configured for the same port number against individual and unique IP addresses (i.e. not against aliases).

This is not a WASD restriction, it applies to all servers for significant technical reasons. Secure Sockets Layer is designed to wrap an entire application protocol (in this case HTTP). HTTP virtual services use the "Host:" field of the request header to determine which service the client intended to use. This requires the network connection established and at least the request header transfered and processed. For an SSL service establishing the connection requires a complex transaction involving, amongst other things, certificate exchange. Hence, the certificate (and all other SSL parameters) must be determined at the time the server accepts the initial connection request. At that point the only defining characteristics can be IP address and port, and therefore services requiring unique certificates must be unique either by address or port. Services sharing certificates do not have this restriction and so may be configured against host name aliases.

For example, unique certificates for https://www.company1.com:443/ and https://www.company2.com:443/ can be configured only if COMPANY1 and COMPANY2 have unique IP addresses. If COMPANY2 is an host name alias for COMPANY1 they must share the same certificate. During startup service configuration the server checks for such conditions, forces subsequent services to use the same SSL characteristsics as the first configured, and issues a warning about this "sharing".

17.3.6 - SSL Access Control

When authorization is in place (15 - Authentication and Authorization) access to username/password controlled data/functionality benefits enormously from the privacy of an authorization environment inherently secured via the encrypted communications of SSL. In addition there is the possibility of authentication via client X.509 certification (17.3.7 - Authorization Using X.509 Certification). SSL may be used as part of the site's access control policy, as whole-of-site, see 15.2 - Authentication Policy, or on a per-path basis, see 13.7 - Conditional Mapping and Access Restriction List.

17.3.7 - Authorization Using X.509 Certification

The server access control functionality (authentication and authorization) allows the use of public key infrastructure (PKI) X.509 v3 client certificates for establishing identity and based on that apply authorization constraints. See 15 - Authentication and Authorization for general information on WASD authorization and 15.4 - Authorization Configuration File for configuring a X509 realm. 17.6 - SSL References provides introductory references on public-key cryptography and PKI.

A client certificate is stored by the browser. During an SSL transaction the server can request that such a certificate be provided. For the initial instance of such a request the browser activates a dialog requesting the user select one of any certificates it has installed. If selected it is transmitted securely to the server which will usually (though optionally not) authenticate it's Certificate Authority to establish it's integrity. If accepted it can then be used as an authenticated identity. This obviates the use of username/password dialogs.

Important

---

Neither username/password nor certificate-based authentication addresses security issues related to access to individual machines and stored certificates, or to password confidentiality. Public-key cryptography only verifies that a private key used to sign some data corresponds to the public key in a certificate. It is a user responsibility to protect a machine's physical security and to keep private-key passwords secret.

---

The initial negotiation and verification of a client certificate is a relatively resource intensive process. Once established however, OpenSSL sessions are stored in a cache, reducing subsequent request overheads significantly. Each cache entry has a specified expiry period after which the client is forced to negotiate a new session. This period is adjustable using the "[LT:integer]" and "[TO:integer]" directives described below.

17.3.8 - Features

WASD provides a range of capabilities when using X.509 client certificates.

• By Service - all SSL connections to such a service will be requested to supply a client certificate during the initial SSL handshake. This is more efficient than requesting later in the transaction, as happens with per-resource authorization. A client cannot connect successfully to this type of service without supplying an acceptable certificate.

• By Resource - using authorization rules in the HTTPD$AUTH file specifying a path against an [X509] realm causes the server to suspend request processing and renegotiate with the client to supply a certificate. If a suitable certificate is supplied the request authorization continues with normal processing. This obviously incurs an additional network transaction.

• Optional access control - once an acceptable certificate is supplied it can be subject to further access control by matching against its contents. The Issuer (CA) and the Subject (client) Distinguished Name (DN) has various components including the name of the organization providing the certificate (e.g. "VeriSign", "Thawte"), location, common name, email address, etc. Those certificates matching or not matching the parameters are allowed or denied access.

• Certificate verification - by default supplied certificates have their CA verified by comparing to a list of recognised CA certificates stored in a server configuration file. If the CA component of the client certificate cannot be verified the connection is terminated before the HTTP request can begin. Although this is obviously required behaviour for authentication there may be other circumstances where verification is not required, a certificate content display service for instance. WASD optionally allows non-verified certificates to be used on a per-resource basis.

• "Fingerprint" REMOTE_USER - when a certificate is accepted by the server it generates a unique fingerprint of the certificate. By default, this 32 digit hexadecimal number is used by the server as an effective username, one that would normally be supplied via a username/password dialog (as an alternative see the section immediately below). This effective username becomes that available via the CGI variable REMOTE_USER. Although a 32 digit number is not particularly site-administrator friendly it is a unique representation (MD5 digest) of the individual certificate and can be used in HTTPD$AUTH access-restriction directives and included in group lists and databases for full WASD authorization control.

• DN record REMOTE_USER - provides an alternative to using a "fingerprint" REMOTE_USER. Using the [RU:/record=] conditional (see below) is becomes possible to specify that the remote-user string be obtained from the specified record of the client certificate subject field. Note that there is a (fairly generous) size limitation on the user name and that any white-space in such a record is converted to underscores. Although any record can be used the more obvious candidates are /O=, /OU=, /CN=, /S=, /UID= and /EMAIL=. Note that (even with the default CA verfication) the certificate CAs that this is possible against should be further constrained through the use of a [IS:/record=string] conditional (see example below).

Of course, the WASD SSL component must be installed and in use to apply client X.509 certificate authorization. There is general server setup, then per-service and per-resource configuration.

General Setup

Client certificate authorization has reasonable defaults. If some aspect requires site refinement the following /SSL= qualifier parameters can provide per-server defaults.

• (CACHE=integer) sets the session size (128 entries by default)

• (CAFILE=file-name) sets the location of the CA verification store file (also can be set via HTTPD$SSL_CAFILE logical).

• (TIMEOUT=integer) sets the session expiry period in minutes (5 by default)

• (VERIFY=integer) sets the depth to which client certificate CAs are verified (default is 2)

The location of the CA verification file can also be determined using the logical name HTTPD$SSL_CAFILE. The order of precedence for using these specifications is

1. per-service configuration using HTTPD$SERVICE or HTTPD$CONFIG

2. per-server using /SSL=CAFILE=filename

3. per-server using HTTPD$SSL_CAFILE

To enable client certification for all requests on a per-service basis the following HTTPD$CONFIG directive may be used. A non-default CA verification file can also optionally be supplied.

  [Service]
  https://the.host.name;verify
  https://the.host.name;cafile=HT_ROOT:[LOCAL]CA_THE_HOST_NAME.TXT

When HTTPD$SERVICE is in use a service-specific directive is provided for both per-service verification and per-service CA file specification (allowing different services to accept a different mix of CAs).

  [[https://the.host.name:443]]
  [ServiceSSLclientVerifyRequired]  enabled
  [ServiceSSLclientCAfile]  HT_ROOT:[LOCAL]CA_THE_HOST_NAME.TXT

Client certificate authorization is probably most usefully applied on a per-resource (per-request-path) basis using HTTPD$AUTH configuration file rules. Of course, per-resource control also applies to services that always require a client certificate (the only difference is the certificate has already been negotiated for during the initial connection handshake). The reserved realm name "X509" activates client certificate authentication when a rule belonging to that realm is triggered. The following example shows such a rule providing read access to those possessing any verified certificate.

  [X509]
  /path/requiring/cert/* r

Optional directives may be supplied to the X.509 authenticator controlling what mode the certificate is accepted in, as well a further access-restriction rules on specifically which certificates may or may not be accepted for authorization. Such directives are passed via the "param=" mechanism. The following real-life example shows a script path requiring a mandatory certificate, but not necessarily having the CA verified. This would allow a certificate display service to be established, the "[to:EXPIRED]" directive forcing the client to explicitly select a certificate with each access.

  [X509]
  /cgi-bin/client_cert_details r,param="[vf:OPTIONAL][to:EXPIRED]"

A number of such directives are available controlling some aspects of the certificate negotiation and verification. The "[LT:integer]" directive causes a verified certificate selection to continue to be valid for the specified period as long as requests continue during that period (lifetime is reset with each access).

• [DP:integer] verify certificate CA chain to this depth (default 10)

• [LT:integer] verified certificate lifetime in minutes (disabled by default)

• [RU:/record=] derive the remote-user name from the specified certificate subject field DN record

• [TO:integer] session cache entry timeout in minutes (default 5)

• [TO:EXPIRED] session cache entry is forced to expire (initating renegotiation)

• [VF:NONE] no certificate is required (any existing is cancelled)

• [VF:OPTIONAL] certificate is required, CA verification is not required

• [VF:REQUIRED] the certificate must pass CA verification (the default)

Optional "param=" passed conditionals may also be used to provide additional filtering on which certificates may or may not be used against the particular path. This is based on pattern matching against client certificate components.

• [CI:string] transaction cipher

• [IS:/record=string] specified Issuer (CA) DN record only

• [IS:string] entire Issuer (CA) DN

• [KS:integer] minimum key size

• [SU:/record=string] specified Subject (client) DN record only

• [SU:string] entire Subject (client) DN

These function and can be used in a similar fashion to mapping rule conditionals (13.7 - Conditional Mapping). This includes the logical ORing, ANDing and negating of conditionals. Asterisk wildcards match any zero or more characters, percent characters any single character. Matching is case-insensitive.

Note that the "IS:" and "SU:" conditionals each have a specific-record and an entire-field mode. If the conditional string begins with a slash then it is considered to be a match against a specified record contents within the field. If it begins with a wildcard then it is matched against the entire field contents. Certificate DN records recognised by WASD,

/C= countryName

/ST= stateOrProvinceName

/SP= stateOrProvinceName

/L= localityName

/O= organizationName

/OU= organizationalUnitName

/CN= commonName

/T= title

/I= initials

/G= givenName

/S= surname

/D= description

/UID= uniqueIdentifier

/Email= pkcs9_emailAddress

The following (fairly contrived) examples provide an illustration of the basics of X509 conditionals. When matching against Issuer and Subject DNs some knowlege of their contents and structure is required (see 17.6 - SSL References for some basic resources).

  [X509]
  # only give "VeriSign"ed ones access
  /controlled/path1/* r+w,param="[IS:/O=VeriSign\ Inc.]"
  # only give non-"VeriSign"ed ones access
  /controlled/path2/* r+w,param="[!IS:/O=VeriSign\ Inc.]"
  # only allow 128 bit keys using RC4-MD5 access
  /controlled/path3/* r+w,param="[KS:128][CI:RC4-MD5]"
  # only give a "Thawte"-signed client based in Australia
  # with the following email address access
  /controlled/path4/* r+w,param="\
  [IS:*/O=Thawte\ Consulting\ cc/*]\
  [SU:*/C=AU/*/Email=mark.daniel@wasd.vsm.com.au*]"
  # use the subject DN common-name record as the remote-user name
  # furthermore, restrict the CA's allowed to be used this way
  /VMS/* r+w,param="[RU:/CN=][IS:/O=WASD\ HTTPd\ CA\ Cert]"

Of course, access control via group membership is also available. The effective username for the list is the 32 digit fingerprint of the client certificate (shown as REMOTE_USER IN the first example of 17.3.11 - X.509 Authorization CGI Variables), or the Subject DN record as specified using the [RU:/record=] directive. This may be entered into simple lists as part of a group of which membership then controls access to the resource. The following examples show the contents of simple list files containing the X.509 fingerprints, derived remote-user names, and the required HTTPD$AUTH realm entries.

  # FINGERPRINTS.$HTL
  # (a file of X.509 fingerprints for access to "/path/requiring/cert/")
  106C8342890A1703AAA517317B145BF7  mark.daniel@wasd.vsm.com.au
  6ADA07108C20338ADDC3613D6D8B159D  just.another@where.ever.com
 
  # CERT_CN.$HTL
  # (a file of X.509 remote-user names derived using [RU:/CN=]
  Mark_Daniel mark.daniel@wasd.vsm.com.au
  Just_Another just.another@where.ever.com
 
  [X509;FINGERPRINTS=list]
  /path/requiring/cert/* r+w
 
  [X509;CERT_CN=list]
  /path/requiring/cn/* r+w

In a similar fashion the effective username can be placed in an access restriction list. The following configuration would only allow the user of the certificate access to the specified resources. Other verified certificate holders would be denied access.

  [X509]
  /httpd/-/admin/* ~106C8342890A1703AAA517317B145BF7,r+w
  /ht_root/local/* ~106C8342890A1703AAA517317B145BF7,r+w
 
  /other/path/* ~Mark_Daniel,r+w,param="[ru:/cn=]"
  /yet/another/path/* ~Just_Another,r+w,param="[ru:/cn=]"

For the CA certificate component of the client certificate to be verified as being what it claims to be (and thus establishing the integrity of the client certificate) a list of such certificates must be provided for comparison purposes. For WASD this list is contained in a single, plain-text file variously specified using either the HTTPD$SSL_CAFILE logical or per-service ";cafile=" or "[ServiceSSLclientCAfile]" directives.

Copies of CA certificates are available for such purposes. The PEM copies (base-64 encoded versions of the binary certificate) can be placed into this file using any desired text editor. Comments may be inserted by prefixing with the "#" or "!" characters. For WASD this would be best stored in the HT_ROOT:[LOCAL] directory, or site equivalent.

An example of how such a file appears is provided below (ellipses inserted to reduce the bulk of example). There is one of these per certificate authority.

  ################################################################
 
  Verisign Class 1 Public Primary Certification Authority
  =======================================================
  MD5 Fingerprint: 97:60:E8:57:5F:D3:50:47:E5:43:0C:94:36:8A:B0:62
  PEM Data:
  -----BEGIN CERTIFICATE-----
  MIICPTCCAaYCEQDNun9W8N/kvFT+IqyzcqpVMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
  BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
  c3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
   ...
  FvjqBUuUfx3CHMjjt/QQQDwTw18fU+hI5Ia0e6E1sHslurjTjqs/OJ0ANACY89Fx
  lA==
  -----END CERTIFICATE-----
  Certificate Ingredients:
      Data:
          Version: 1 (0x0)
          Serial Number:
              cd:ba:7f:56:f0:df:e4:bc:54:fe:22:ac:b3:72:aa:55
          Signature Algorithm: md2WithRSAEncryption
          Issuer: C=US, O=VeriSign, Inc., OU=Class 1 Public Primary
   ...
          35:b0:7b:25:ba:b8:d3:8e:ab:3f:38:9d:00:34:00:98:f3:d1:
          71:94
 
  ################################################################

The WASD SSL package provides an example CA verification file constructed from all the certificates provided in Netscape Navigator CERT7.DB file. This has been generated for and obtained from the Apache mod_ssl package, being used for the same purpose with that. The WASD file name is CA-BUNDLE_CRT.TXT and is usually located in HT_ROOT:[LOCAL]. The exact date and mod_ssl version it was obtained from can be found in the opening commentary of the file itself. The contents of this file can easily be pared down to the minimum certificates required for any given site. The more certificates in the file the greater the overhead in verifying any given client.

17.3.11 - X.509 Authorization CGI Variables

CGI variables specific to client certificate authorization are always generated for use by scripts and SSI documents. These along with the general WASD authorization variables are shown in the example below. Note, that due to length of particular items some in this example are displayed wrapped.

  WWW_AUTH_ACCESS == "READ+WRITE"
  WWW_AUTH_GROUP == ""
  WWW_AUTH_REALM == "X509"
  WWW_AUTH_REALM_DESCRIPTION == "X509 Client Certs"
  WWW_AUTH_TYPE == "X509"
  WWW_AUTH_USER == "Mark Daniel, mark.daniel@wasd.vsm.com.au"
  WWW_AUTH_X509_CIPHER == "RC4-MD5"
  WWW_AUTH_X509_FINGERPRINT == "10:6C:83:42:89:0A:17:03:AA:A5:17:31:7B:14:5B:F7"
  WWW_AUTH_X509_ISSUER == "/O=VeriSign, Inc./OU=VeriSign Trust
  Network/OU=www.verisign.com/repository/RPA Incorp. By
  Ref.,LIAB.LTD(c)98/CN=VeriSign Class 1 CA Individual Subscriber-Persona Not
  Validated"
  WWW_AUTH_X509_KEYSIZE == "128"
  WWW_AUTH_X509_SUBJECT == "/O=VeriSign, Inc./OU=VeriSign Trust
  Network/OU=www.verisign.com/repository/RPA Incorp. by
  Ref.,LIAB.LTD(c)98/OU=Persona Not Validated/OU=Digital ID Class 1 - Netscape
  /CN=Mark Daniel/Email=mark.daniel@wasd.vsm.com.au"
  WWW_REMOTE_USER == "106C8342890A1703AAA517317B145BF7"

Other CGI variables optionally may be enabled using HTTPD$MAP mapping rules. See 17.5 - SSL CGI Variables. Specific client certificate variables providing the details of such certificates are available with SSLCGI=apache_mod_ssl. These are of course in addition to the more general apache_mod_ssl variables described in the above section. Note that where some ASN.1 records are duplicated (as in SSL_CLIENT_S_DN) some variables will contain newline characters (0x10) between those elements (e.g. SSL_CLIENT_S_DN_OU). The line breaks in this example do not necesarily reflect those characters.

  WWW_SSL_CLIENT_A_KEY == "rsaEncryption"
  WWW_SSL_CLIENT_A_SIG == "md5WithRSAEncryption"
  WWW_SSL_CLIENT_I_DN == "/O=VeriSign, Inc./OU=VeriSign Trust Network
  /OU=www.verisign.com/repository/RPA Incorp. By Ref.,LIAB.LTD(c)98
  /CN=VeriSign Class 1 CA Individual Subscriber-Persona Not Validated"
  WWW_SSL_CLIENT_I_DN_CN == "VeriSign Class 1 CA Individual Subscriber-Persona
  Not Validated"
  WWW_SSL_CLIENT_I_DN_O == "VeriSign, Inc."
  WWW_SSL_CLIENT_I_DN_OU == "VeriSign Trust Network
  www.verisign.com/repository/RPA Incorp. By Ref.,LIAB.LTD(c)98"
  WWW_SSL_CLIENT_M_SERIAL == "0BF233D4FE232A90F3F98B2CE0D7DADA"
  WWW_SSL_CLIENT_M_VERSION == "3"
  WWW_SSL_CLIENT_S_DN == "/O=VeriSign, Inc./OU=VeriSign Trust Network
  /OU=www.verisign.com/repository/RPA Incorp. by Ref.,LIAB.LTD(c)98
  /OU=Persona Not Validated/OU=Digital ID Class 1 - Netscape
  /CN=Mark Daniel/Email=mark.daniel@wasd.vsm.com.au"
  WWW_SSL_CLIENT_S_DN_CN == "Mark Daniel"
  WWW_SSL_CLIENT_S_DN_EMAIL == "mark.daniel@wasd.vsm.com.au"
  WWW_SSL_CLIENT_S_DN_O == "VeriSign, Inc."
  WWW_SSL_CLIENT_S_DN_OU == "VeriSign Trust Network
  www.verisign.com/repository/RPA Incorp. by Ref.,LIAB.LTD(c)98
  Persona Not Validated.Digital ID Class 1 - Netscape"
  WWW_SSL_CLIENT_V_END == "Feb 10 23:59:59 2001 GMT"
  WWW_SSL_CLIENT_V_START == "Dec 12 00:00:00 2000 GMT"

This is not a tutorial on X.509 certificates and their management. Refer to the listed references, 17.6 - SSL References, for further information on this aspect. It does provide some basic guidelines.

Certificates identify something or someone, associating a public cryptographic key with the identity of the certificate holder. It includes a distinguished name, identification and signature of the certificate authority (CA, the issuer and guarantor of the certificate), and the period for which the certificate is valid, possibly with other, additional information.

The three types of certificates of interest here should not be confused.

• CA - The Certificate Authority identifies the authority, or organization, that issues a certificate.

• Server - Identifies a particular end-service. It's value as an guarantee of identity is founded in the authority of the organization that issues the certificate. It is the certificate specified to the server at startup.

• Client - Identifies a particular client to a server via SSL (client authentication). Typically, the identity of the client is assumed to be the same as the identity of a human being. Again, it's value as an guarantee of identity is founded in the authority of the organization that issues the certificate.

The various OpenSSL tools are available for management of all of these certificate types in each of the three SSL environments.

• The HP SSL for OpenVMS Alpha/IA64/VAX product provides the "SSL Certificate Tool" procedure can be used to perform most required certificate management tasks from a menu-driven interface.

    $ @SSL$COM:SSL$CERT_TOOL.COM
   
             S S L   C e r t i f i c a t e   T o o l
   
                             Main Menu
   
        1. View a Certificate
        2. View a Certificate Signing Request
        3. Create a Certificate Signing Request
        4. Create a Self-Signed Certificate
        5. Create a CA (Certification Authority) Certificate
        6. Sign a Certificate Signing Request
        7. Hash Certificates
        8. Hash Certificate Revocations
        9. Exit
   
       Enter Option:
  

• The WASD OpenSSL kit provides elementary DCL procedures and brief notes in the

  HT_ROOT:[SRC.OPENSSL-n_n_n.WASD]  (look for it here)

  directory for some procedure-driven support of these activities.

• The standard OpenSSL toolkit provides a number of command-line tools for creation and management of X.509 certificates.

The server uses a certificate to establish it's identity during the initial phase of the SSL protocol exchange. Each server should have a unique certificate. An example certificate is provided with the WASD SSL package. If this is not available (for instance when using the HP SSL for OpenVMS Alpha/IA64/VAX product) then the server will fallback to an internal, default certificate that allows SSL functionality even when no external certification is available. If a "live" SSL site is required a unique certificate issued by a third-party Certificate Authority is desirable.

A working alternative to obtaining one of these certificates is provided by the WASD support DCL procedures, which are quick hacks to ease the production of certificates on an ad hoc basis. In all cases it is preferable to directly use the utilities provided with OpenSSL, but the documentation tends to be rather sparse.

The first requirement may be a tailored "Certificate Authority" certificate. As the Certificate Authority is non-authoritative (not trying to be too oxymoronic, i.e. not a well-known CA) these certificates have little value except to allow SSL transactions to be established with trusting clients. More commonly "Server Certificates" for specific host names are required.

Loading Authority Certificates

CA certificates can be loaded into browsers to allow sites using that CA to be accessed by that browser without further dialog. Both Netscape Navigator (v3.n & v4.n, v5.n, v6.n) and MS Internet Explorer (v4.n, v5.n) automatically invokes a server certificate load dialog when it encounters a site using a valid but unknown server certificate.

A manual load is accomplished by requesting the certificate in a format appropriate to the particular browser. This triggers a browser dialog with the user to confirm or refuse the loading of that certificate into the browser Certificate Authority database.

To facilitate loading CA certificates into a browser ensure the following entries are contained in the HTTP$CONFIG configuration file:

  [AddIcon]
  /httpd/-/binary.gif  [BIN]  application/x-x509-ca-cert
 
  [AddType]
  .CRT  application/x-x509-ca-cert  -  DER certifcate (MSIE)
  .PEM  application/x-x509-ca-cert  -  Privacy Enhanced Mail certificate

Then just provide a link to the required certificate file(s), and click. Navigator should be able to load using either certificate format. MSIE v3.n will load and report on the ".CRT" certificate quite contentedly, but then will not allow it to be used because it does not represent a well-known Certficate Authority. MSIE v4.n and v5.n seem able to use the ".CRT" certificate.

Changing Server Certificates

If a site's server (or CA certificate) is changed and the server restarted any executing browsers will probably complain (Netscape Navigator reports an I/O error). In this case open the browser's certificate database and delete any relevant, permanently stored certificate entry, then close and restart the browser. The next access should initiate the server certificate dialog, or the CA certificate may be explicitly reloaded.

17.4.2 - Client Certificate

As with server certificates, client certficates are best obtained from a recognised Certificate Authority. However, for testing and experimental purposes WASD provides some elementary CGI scripts and DCL procedures to assist in locally generating X.509 client certificates and installing them into user browsers.

Manual Generation

The OpenSSL CA certificate generation utility can be used at the command line to process a CSR. That CSR could have been generated via an online HTML form.

Semi-Automatic Generation

Using this approach the user generates a Certificate Signing Request (CSR) online, which is then further processed off-line, at the discretion of the site administrator. Only Netscape browsers are supported for what is described below.

1. Provide an HTML form with the appropriate fields for each of the required ASN.1 fields used in X.509 certificates, plus a special, Netscape-sepcific one named <KEYGEN>, which allows the creation of a user's private-key. The user completes the elements of that form and when submitted the contents are emailed to the site administrator. A CSR can be freely transmitted as open text because it is secured by the private-key generated and only stored on the user's local machine.

2. The site administrator receives such a CSR by email. At that person's discretion and availability the CSR is input (cut-and-paste to eliminate errors) to a form activating a local CGI script requiring authorization for activation. The CGI script processes the CSR submitted by the form and creates using the OpenSSL CA certificate signing utility to generate a certificate (or an error if there is a problem).

3. If a client certificate is successfully generated it can either be delivered back to the user via email, for local saving and import, or made available for a short period via the Web for the user to collect (via a file with the content-type of "application/x-x509-user-cert"). Notification of such availability could be made using email.

A basic DCL procedure providing such a facility is

HT_ROOT:[SRC.OPENSSL-n_n_n.WASD]CLIENT_CERT_REQUEST.COM

This semi-automatic method would probably be the author's preference over the on-demand approach (see below).

Generation On-Demand

Automatic, on-demand client certificate generation allows any user (subject to access controls) to generate a client certificate automatically via an online service. While this may not generally be a useful thing for a site to provide there may be occasions for it's use. It is a three part process. Only Netscape browsers are supported for what is described below.

1. As with the semi-automatic approach an HTML form allows a user to input and submit certificate details.

2. The submitted form activates a CGI script which collates the form details generating the Certificate Signing Request (CSR). The CSR is then used directly by the OpenSSL CA certificate signing utility to generate a certificate (or an error if there is a problem).

3. If a client certificate is successfully generated it is delivered back to the browser with a content-type of "application/x-x509-user-cert" which results in the browser installing it in it's certificate database.

HT_ROOT:[SRC.OPENSSL-n_n_n.WASD]CLIENT_CERT_REQUEST.COM

Recognised Certificate Authorities (CAs) such as Thawte and VeriSign publish lists of requirements for obtaining a server certificate. These often include such documents required to prove organisational name and the right to use the domain name being requested. Check the particular vendor for the exact requirements.

In addition, a document containing the site's private key is required. This is known as the Certificate Signing Request (CSR) and must be generated digitally at the originating site.

Using the HP SSL for OpenVMS Alpha/IA64/VAX product "SSL Certificate Tool" described in 17.4 - Certificate Management a CSR can easily be generated using it's menu-driven interface. The alternative is using a command-line interface tool.

The following instructions provide the basics for generating a CSR at the command-line in the WASD and generally the any OpenSSL environment (including the HP SSL for OpenVMS Alpha/IA64/VAX product).

1. Change to a secure directory. The following is a suggestion.

     $ SET DEFAULT HT_ROOT:[LOCAL]
   

2. Assign a foreign verb for the OPENSSL application. The location may vary a little depending on which OpenSSL package you have installed.

     $ OPENSSL == "$HT_ROOT:[SRC.OPENSSL-version.AXP.EXE.APPS]OPENSSL.EXE"
   

   When using the HP SSL for OpenVMS Alpha/IA64/VAX product or other OpenSSL toolkit the verb may already be available.

     $ SHOW SYMBOL OPENSSL
       OPENSSL == "$ SSL$EXE:OPENSSL"
   

3. Specify a source of lots of "random" data (can be any big file for the purposes of this exercise).

     $ RANDFILE = "HT_EXE:HTTPD_SSL.EXE"
   

4. Find the template configuration file. You will need to specify this location in a step described below. Should be something like the following.

     HT_ROOT:[SRC.OPENSSL-version.WASD]TEMPLATE.CNF
   

5. Generate your private key (RANDFILE data is used by this). The output from this looks something like what's shown. Notice the pass phrase prompts. This is your private key, don't forget it!

     $ OPENSSL GENRSA -DES3 -OUT SERVER.KEY 1024
    
     Generating RSA private key, 1024 bit long modulus
     .....++++++
     ......++++++
     e is 65537 (0x10001)
     Enter PEM pass phrase:
     Verifying password - Enter PEM pass phrase:
   

6. Generate the Certificate Signing Request using syntax similar to the following (this is where you are required to specify the location of the configuration template). Note that there are quite a few fields - GET THEM RIGHT! They need to be unique and local - they're your distinguishing name (DN). "Common Name" is the host you want the certificate for. It can be a fully qualifier host name (e.g. "klaatu.local.net"), or a local wildcard (e.g. "*.local.net") for which you may pay more.

     $ OPENSSL REQ -NEW -KEY SERVER.KEY -OUT SERVER.CSR -CONFIG -
     HT_ROOT:[SRC.OPENSSL-0_9_6B.WASD]TEMPLATE.CNF
    
     Using configuration from template.cnf
     Enter PEM pass phrase:
     You are about to be asked to enter information that will be
     incorporated into your certificate request.
     What you are about to enter is what is called a Distinguished Name
     or a DN.
     There are quite a few fields but you can leave some blank
     For some fields there will be a default value,
     If you enter '.', the field will be left blank.
     -----
     Country Name (2 letter code) [AU]:AU
     State or Province Name (full name) [Some-State]:South Australia
     Locality Name (eg, city) []:Adelaide
     Organization Name (eg, company) [Internet Widgits Pty Ltd]:Example
     Organizational Unit Name (eg, section) []:WASD
     Common Name (eg, YOUR name) []:klaatu.local.net
     Email Address []:Mark.Daniel@wasd.vsm.com.au
     Please enter the following 'extra' attributes
     to be sent with your certificate request
     A challenge password []:
     An optional company name []:
   

7. That's it! You should have two files in your default directory.

     SERVER.CSR;1               2  14-MAR-2002 04:38:26.15
     SERVER.KEY;1               2  14-MAR-2002 04:31:38.76
   

   Keep the SERVER.KEY file secure. You'll need it when you receive the certificate back from the CA.

   The SERVER.CSR is what you send to the CA (usually by mail or Web form). It looks something like the following

     $ TYPE SERVER.CSR
     -----BEGIN CERTIFICATE REQUEST-----
     MIIBPTCB6AIBADCBhDELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2Fw
     ZTESMBAGA1UEBxMJQ2FwZSBUb3duMRQwEgYDVQQKEwtPcHBvcnR1bml0aTEYMBYG
     A1UECxMPT25saW5lIFNlcnZpY2VzMRowGAYDVQQDExF3d3cuZm9yd2FyZC5jby56
     YTBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQDT5oxxeBWu5WLHD/G4BJ+PobiC9d7S
     6pDvAjuyC+dPAnL0d91tXdm2j190D1kgDoSp5ZyGSgwJh2V7diuuPlHDAgEDoAAw
     DQYJKoZIhvcNAQEEBQADQQBf8ZHIu4H8ik2vZQngXh8v+iGnAXD1AvUjuDPCWzFu
     pReiq7UR8Z0wiJBeaqiuvTDnTFMz6oCq6htdH7/tvKhh
     -----END CERTIFICATE REQUEST-----
   

   You can see the details of this file using

     $ OPENSSL RSA -NOOUT -TEXT -IN SERVER.CSR
   

Once the signed certificate has been issued by the Certificate Authority it can be placed directly into the server configuration directory, usually HT_ROOT:[LOCAL], and configured for use from there. Using the certificate direct from the CA requires that the private key password be given to the server each time (17.3.4 - SSL Private key). It is possible to embed the password into the certificate key so that this is not required.

Remember to keep original files secure, only work on copies!

1. Assign a foreign verb for the OPENSSL application. The location may vary a little depending on which OpenSSL package you have installed.

     $ OPENSSL == "$HT_ROOT:[SRC.OPENSSL-version.AXP.EXE.APPS]OPENSSL.EXE"
   

   When using the HP SSL for OpenVMS Alpha/IA64/VAX product or other OpenSSL toolkit the verb may already be available.

     $ SHOW SYMBOL OPENSSL
       OPENSSL == "$ SSL$EXE:OPENSSL"
   

2. Go to wherever you want to do the work.

     $ SET DEFAULT HT_ROOT:[LOCAL]
   

3. Using the original key file embed your password into a copy. When prompted "Enter PEM pass phrase:" enter the password.

     $ OPENSSL rsa -in SERVER.KEY -out WORK.PEM
   

4. Append this password-embedded key file to your certificate file.

     $ COPY CERTIFICATE.PEM,WORK.PEM CERTIFICATE.PEM;0
   

5. Delete the temporary file.

     $ DELETE WORK.PEM;*
   

CGI variables specific to SSL transactions optionally may be enabled using HTTPD$MAP mapping rules. See 13.4.5 - SET Rule in 13 - Mapping Rules. The may be done on a specific per-path or general CGI basis. Two variations are available, one reflecting Purveyor Secure Web Server style variables, the other the Apache mod_ssl style. In the following examples, due to length of particular items, some in this example are displayed wrapped. Also, where some ASN.1 records are duplicated (as in SSL_CLIENT_S_DN), some variables will contain newline characters (0x10) between those elements (e.g. SSL_CLIENT_S_DN_OU). The line breaks in the examples do not necesarily reflect those characters.

set /path/* SSLCGI=purveyor

  WWW_SECURITY_STATUS == "SSL"
  WWW_SSL_CIPHER == "RC4-MD5"
  WWW_SSL_CIPHER_KEYSIZE == "128"
  WWW_SSL_CLIENT_AUTHENTICATED == "TRUE"
  WWW_SSL_CLIENT_CA == "/O=VeriSign, Inc./OU=VeriSign Trust Network
  /OU=www.verisign.com/repository/RPA Incorp. By Ref.,LIAB.LTD(c)98
  /CN=VeriSign Class 1 CA Individual Subscriber-Persona Not Validated"
  WWW_SSL_CLIENT_DN == "/O=VeriSign, Inc./OU=VeriSign Trust Network
  /OU=www.verisign.com/repository/RPA Incorp. by Ref.,LIAB.LTD(c)98
  /OU=Persona Not Validated/OU=Digital ID Class 1 - Netscape
  /CN=Mark Daniel/Email=mark.daniel@wasd.vsm.com.au"
  WWW_SSL_SERVER_CA == "/C=AU/ST=SA/L=Adelaide/O=WASD HTTPd CA Cert
  /OU=OpenSSL 0.9.6 Testing Only/CN=WASD VMS Hypertext Services
  /Email=Mark.Daniel@wasd.vsm.com.au"
  WWW_SSL_SERVER_DN == "/C=AU/ST=SA/L=Adelaide/O=WASD HTTPd Server Cert
  /OU=OpenSSL 0.9.6 Testing Only/CN=WASD VMS Hypertext Services
  /Email=Mark.Daniel@wasd.vsm.com.au"
  WWW_SSL_VERSION == "SSLv3"

Note that this example also shows SSL_CLIENT_... variables. These will only be present if the request is X.509 certificate authenticated.

set /path/* SSLCGI=apache_mod_ssl

  WWW_SSL_CIPHER == "RC4-MD5"
  WWW_SSL_CIPHER_ALGKEYSIZE == "128"
  WWW_SSL_CIPHER_USEKEYSIZE == "128"
  WWW_SSL_PROTOCOL == "SSLv3"
  WWW_SSL_SERVER_A_KEY == "rsaEncryption"
  WWW_SSL_SERVER_A_SIG == "md5WithRSAEncryption"
  WWW_SSL_SERVER_I_DN == "/C=AU/ST=SA/L=Adelaide/O=WASD HTTPd CA Cert
  /OU=OpenSSL 0.9.6 Testing Only/CN=WASD VMS Hypertext Services
  /Email=Mark.Daniel@wasd.vsm.com.au"
  WWW_SSL_SERVER_I_DN_C == "AU"
  WWW_SSL_SERVER_I_DN_CN == "WASD VMS Hypertext Services"
  WWW_SSL_SERVER_I_DN_EMAIL == "Mark.Daniel@wasd.vsm.com.au"
  WWW_SSL_SERVER_I_DN_L == "Adelaide"
  WWW_SSL_SERVER_I_DN_O == "WASD HTTPd CA Cert"
  WWW_SSL_SERVER_I_DN_OU == "OpenSSL 0.9.6 Testing Only"
  WWW_SSL_SERVER_I_DN_ST == "SA"
  WWW_SSL_SERVER_M_SERIAL == "01"
  WWW_SSL_SERVER_M_VERSION == "3"
  WWW_SSL_SERVER_S_DN == "/C=AU/ST=SA/L=Adelaide/O=WASD HTTPd Server Cert
  /OU=OpenSSL 0.9.6 Testing Only/CN=WASD VMS Hypertext Services
  /Email=Mark.Daniel@wasd.vsm.com.au"
  WWW_SSL_SERVER_S_DN_C == "AU"
  WWW_SSL_SERVER_S_DN_CN == "WASD VMS Hypertext Services"
  WWW_SSL_SERVER_S_DN_EMAIL == "Mark.Daniel@wasd.vsm.com.au"
  WWW_SSL_SERVER_S_DN_L == "Adelaide"
  WWW_SSL_SERVER_S_DN_O == "WASD HTTPd Server Cert"
  WWW_SSL_SERVER_S_DN_OU == "OpenSSL 0.9.6 Testing Only"
  WWW_SSL_SERVER_S_DN_ST == "SA"
  WWW_SSL_SERVER_V_END == "Sep 25 00:03:30 2005 GMT"
  WWW_SSL_SERVER_V_START == "Sep 26 00:03:30 2000 GMT"
  WWW_SSL_SESSION_ID == "344d1b01aa0636cb809eacf270279005f56cd5ebe1154569df810e56003ac70f"
  WWW_SSL_VERSION_INTERFACE == "HTTPd-WASD/7.2.0 OpenVMS/AXP SSL"
  WWW_SSL_VERSION_LIBRARY == "OpenSSL 0.9.6 24 Sep 2000"

The Apache mod_ssl client certificate details described in 17.3.11 - X.509 Authorization CGI Variables above are not shown in the above example but would be included if the request was X.509 authenticated.

17.6 - SSL References

The following provide a starting-point for investigating SSL and OpenSSL further (verified available at time of publication).

• http://www.openssl.org/
  OpenSSL Project. This site is the prime source for the full toolkit, documentation, related links, news and support via mailing lists, etc.

• http://www.openvms.compaq.com/openvms/products/ssl/ssl.html
  The HP SSL (Secure Sockets Layer) for OpenVMS Alpha/IA64/VAX product.
  The "Open Source Security for OpenVMS Alpha, Volume 2: Compaq SSL (Secure Sockets Layer) for OpenVMS Alpha" guide (see next link) available in PDF or HTML from this site (and the OpenVMS 7.3-1 and later documentation CD-ROM) is particularly comprehensive and relevant.

• http://www.openvms.compaq.com:8000/731final/6661/6661pro.htm
  http://www.openvms.compaq.com:8000/731final/documentation/pdf/ovms_731_open_source_ssl.pdf
  Open Source Security for OpenVMS Alpha, Volume 2: Compaq SSL (Secure Sockets Layer) for OpenVMS Alpha

• http://www.openvms.compaq.com/openvms/products/ips/apache/SSL_Resource_Guide.html
  The CSWS SSL Resource Guide. Contains links to a broad range of subjects and organisations.

• http://www.mozilla.org/projects/security/pki/nss/ref/ssl/
  Mozilla.org's SSL Reference

• http://www.rsasecurity.com/standards/ssl/basics.html
  RSA's SSL Basics for Internet Users

• http://www.rsasecurity.com/rsalabs/faq/
  ftp://ftp.rsasecurity.com/pub/labsfaq/rsalabs_faq41.pdf
  RSA's FAQ on Cryptography

• http://docs.sun.com/source/816-6156-10/
  Sun Microsystems' Introduction to SSL

• http://docs.sun.com/source/816-6154-10/
  Sun Microsystems' Introduction to Public-Key Cryptography

• http://www.cs.auckland.ac.nz/~pgut001/links.html
  "Encryption and Security-related Resources" ... an (almost rediculously) exhaustive list of security and cryptography links, including some on SSL.