= phenomenon = The https://koji.fedoraproject.org server certificate is signed with MD5. Signing certificates with MD5 is no longer recommended due to [http://www.win.tue.nl/hashclash/rogue-ca/ a successful collision attack]. While this attack probably doesn't apply to the Fedora CA (since user certificates use SHA-1), the need to access Koji prevents paranoid users like me from globally disabling the use of MD5 with NSS_HASH_ALG_SUPPORT=-MD5 .
= recommendation = Please re-issue the certificate with a better hash function (presumably SHA-1).
Any update on this? This actually looks relatively reasonable and easy to do.
I can do this, but no access on koji.fedoraproject.org.
the best way I know, is this:[[BR]] Step 1: convert koji x509 certificate (the md5 hashed one) to a certification request with sha1 hash:[[BR]]
{{{ openssl x509 -x509toreq -in koji-md5.crt -signkey koji.key -sha1 -out koji-sha1.req }}}
Step 2: issue the certification request with Fedora CA certificate:[[BR]]
{{{ openssl x509 -req -in koji-sha1.req -CA Fedora-CA.crt -CAkey Fedora-CA.key -CAcreateserial -out koji-sha1.crt }}}
as you may know, private key is not a subject of modification. we can still use koji-md5.crt as a secondary certificate, but I prefer to revoke it after we made sure that everything is ok.
we have a helper script we use when we need to manually generate certs. it writes out a config file on the fly, and what it writes out defaults to md5. ive generated a new cert that has sha1 sum and put it in place. fixing the script permanently now.
ow, you have generated a complete new certificate! anything that has signed with the previous key is now INVALID! doesn't this make any problem?! I were trying to reissue without invalidating previous issued subjects ...
Login to comment on this ticket.