IBM Education Assistance for z/OS V2R2

Transcription

IBM Education Assistance for z/OS V2R2
Items: OCSP (Online Certificate Status Protocol); PKCS#12 Certificate Keystore
Element/Component: System SSL
Material current as of May 2015
© 2015 IBM Corporation

Filename: zOS V2R2 System SSL OCSP and PKCS12 (IBM Presentation Template Full Version)

Agenda
- Trademarks
- Presentation Objectives
- Overview
- Usage & Invocation
- Presentation Summary
- Appendix
Page 2 of 50, © 2015 IBM Corporation

Trademarks
- See http://www.ibm.com/legal/copytrade.shtml for a list of trademarks.

Presentation Objectives
- At the end of this presentation, you should have an understanding of the System SSL enhancements for:
  – OCSP (Online Certificate Status Protocol)
  – PKCS#12 Certificate Keystore
- How to use these enhancements
- Understand how these enhancements affect installation and migration

Overview: OCSP (Online Certificate Status Protocol)
- Problem Statement / Need Addressed
  – Need an easy and quick way to determine certificate revocation status during the SSL/TLS handshake and when calling the Certificate Management routine gsk_validate_certificate_mode()
  – System SSL supports the retrieval of Certificate Revocation Lists (CRLs) from an LDAP server to determine revocation status
    - CRLs can be very large, which makes retrieving and storing them difficult
    - The CRL must be parsed to determine if the certificate is revoked
    - CRL caching has some limitations:
      – Unable to set the cache size or the maximum size in bytes of a CRL allowed to be stored in the cache
      – Global cache timeout: all CRLs expire at the same time, based upon when the first CRL was added to the cache

Overview: OCSP (Online Certificate Status Protocol)
- Problem Statement / Need Addressed (continued)
  – CRL caching has some limitations (continued)
    – LDAP timeout: at the mercy of the LDAP server honoring the timeout value
  – Need the ability to retrieve CRLs from HTTP servers
  – Support is needed for OCSP (Online Certificate Status Protocol), RFC 2560

Overview: OCSP (Online Certificate Status Protocol)
- Solution
  – Add support for OCSP (Online Certificate Status Protocol)
  – Enhancements to LDAP CRL support:
    - Set cache size and cache entry max size
    - Allow CRLs to expire at different times, based upon their individual expiration time
    - Allow the LDAP timeout to be honored in System SSL in case the LDAP server does not respond in a timely manner
  – Add support for HTTP CRL retrieval
- Benefit / Value
  – Removes the restriction that revocation information must be stored in an LDAP directory
  – Ability to utilize revocation information identified specifically to the certificate being validated
  – Timely retrieval of revocation information (OCSP)

Overview: OCSP (Online Certificate Status Protocol)
- Prior to z/OS V2R2, System SSL supports certificate revocation through CRLs stored in an LDAP directory
  – LDAP Directory Server Name
  – Userid
  – Password
- CRLs are located through either an X.500 directory name specified in the certificate's CRL Distribution Point extension or the certificate's issuer name

Overview: OCSP (Online Certificate Status Protocol)
- CRLs obtained through an HTTP URI are identified by the CRL Distribution Point extension within the certificate being validated.

Overview: OCSP (Online Certificate Status Protocol)
- OCSP was created as an alternative to certificate revocation lists (CRLs)
- Provides timely retrieval of revocation information
- OCSP Responders (servers) are identified through either the:
  – Authority Information Access (AIA) extension within the certificate being validated
  – Locally specified OCSP Responder

Overview: OCSP (Online Certificate Status Protocol)
- By default no revocation checking is performed
- Each revocation method must be enabled to be used
- Default revocation order when revocation methods are enabled:
  – OCSP URL dedicated responder
  – Authority Information Access (AIA) extension
  – CRL Distribution Point (CDP) extension (HTTP URI)
  – LDAP server
- In-storage caching is enabled by default for each enabled revocation method
- Revocation information is allowed to stay in the cache for its defined validity period
  – For example, the nextUpdate value in the OCSP response

Overview: OCSP (Online Certificate Status Protocol)
- System SSL applications now have the capability to:
  – Enable all or a subset of the revocation methods
  – Override the default revocation order
  – Tailor the size of the internal caches and entries
  – Customize the communication timeout and data sizes when retrieving OCSP responses, HTTP CRLs or LDAP CRLs
- System SSL applications are able to tailor the revocation processing through either environment variables or API attribute values
- Applications using gsk_validate_certificate_mode() have the capability to specify OCSP, HTTP CDP and LDAP data sources.
  – The new gsk_create_revocation_source() routine has been added to assist with the creation of the revocation data sources.
  – The new gsk_free_revocation_source() routine frees the memory associated with the data sources when desired.

Overview: OCSP (Online Certificate Status Protocol)
- OCSP uses HTTP to communicate with an OCSP responder (server)
- System SSL in this case is an OCSP client
- The OCSP request contains the serial number of the certificate being checked for revocation
- If the OCSP request is well formed, the OCSP responder returns the certificate revocation status:
  – Good (certificate is not revoked)
  – Revoked
  – Unknown (OCSP responder does not know about this particular certificate)

Usage & Invocation - OCSP
- New OCSP-related environment variables and attribute types:
  – GSK_OCSP_ENABLE [ON | OFF]
  – GSK_OCSP_URL url
  – GSK_OCSP_URL_PRIORITY [ON | OFF]
  – GSK_OCSP_REQUEST_SIGKEYLABEL label
  – GSK_OCSP_REQUEST_SIGALG sigAlg
  – GSK_OCSP_RETRIEVE_VIA_GET [ON | OFF]
  – GSK_OCSP_PROXY_SERVER_NAME serverName
  – GSK_OCSP_PROXY_SERVER_PORT [1 – 65535]
  – GSK_OCSP_NONCE_GENERATION_ENABLE [ON | OFF]
  – GSK_OCSP_NONCE_CHECK_ENABLE [ON | OFF]
  – GSK_OCSP_NONCE_SIZE [8 – 256]
  – GSK_OCSP_CLIENT_CACHE_SIZE [0 – 32000]
  – GSK_OCSP_CLIENT_CACHE_ENTRY_MAXSIZE [0 – 32000]
  – GSK_OCSP_MAX_RESPONSE_SIZE [0 – 2147483647]
  – GSK_OCSP_RESPONSE_TIMEOUT [0 – 43200]

Usage & Invocation - OCSP
- GSK_OCSP_ENABLE [ON | OFF]: Specifies whether the AIA extensions in certificates are to be used for revocation checking
  – gsk_attribute_[sg]et_enum()
    - GSK_OCSP_ENABLE_OFF: Default
    - GSK_OCSP_ENABLE_ON
- GSK_OCSP_URL url: Specifies the HTTP URL of an OCSP responder
  – Certificates do not need an AIA extension to check an OCSP responder for revocation information
  – gsk_attribute_[sg]et_buffer()
- GSK_OCSP_URL_PRIORITY [ON | OFF]: Indicates if the GSK_OCSP_URL-defined responder is checked before the responders in the AIA extension
  – gsk_attribute_[sg]et_enum()
    - GSK_OCSP_URL_PRIORITY_OFF
    - GSK_OCSP_URL_PRIORITY_ON: Default

Usage & Invocation - OCSP
- GSK_OCSP_REQUEST_SIGKEYLABEL label: Specifies the label of the key used to sign OCSP requests to the GSK_OCSP_URL-defined responder
  – gsk_attribute_[sg]et_buffer() - Default: NULL
- GSK_OCSP_REQUEST_SIGALG sigAlg: Specifies the hash and signature algorithm pair used to sign OCSP requests to the GSK_OCSP_URL-defined responder
  – gsk_attribute_[sg]et_buffer() - Default: 0401 (RSA with SHA256)
- GSK_OCSP_RETRIEVE_VIA_GET [ON | OFF]: Specifies if the HTTP GET method should be used when sending an OCSP request
  – gsk_attribute_[sg]et_enum()
    - GSK_OCSP_RETRIEVE_VIA_GET_OFF: Default (use POST)
    - GSK_OCSP_RETRIEVE_VIA_GET_ON

Usage & Invocation - OCSP
- GSK_OCSP_PROXY_SERVER_NAME serverName: Specifies the DNS name or IP address of the OCSP proxy server
  – gsk_attribute_[sg]et_buffer() - Default: NULL
- GSK_OCSP_PROXY_SERVER_PORT [1 – 65535]: Specifies the OCSP proxy server port
  – gsk_attribute_[sg]et_numeric_value() - Default: 80

Usage & Invocation - OCSP
- GSK_OCSP_NONCE_GENERATION_ENABLE [ON | OFF]: Specifies if OCSP requests include a generated nonce
  – gsk_attribute_[sg]et_enum()
    - GSK_OCSP_NONCE_GENERATION_ENABLE_ON
    - GSK_OCSP_NONCE_GENERATION_ENABLE_OFF: Default
- GSK_OCSP_NONCE_CHECK_ENABLE [ON | OFF]: Specifies if OCSP response nonce checking is enabled. (Setting this to ON sets *_GENERATION_ENABLE to ON)
  – gsk_attribute_[sg]et_enum()
    - GSK_OCSP_NONCE_CHECK_ENABLE_ON
    - GSK_OCSP_NONCE_CHECK_ENABLE_OFF: Default
- GSK_OCSP_NONCE_SIZE [8 – 256]: Specifies the size in bytes of the nonce value to be sent in OCSP requests
  – gsk_attribute_[sg]et_numeric_value() - Default: 8
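The three nonce settings above interact: enabling the check forces generation on, the nonce length must fall in the 8–256 byte range, and a response whose nonce does not match the request is rejected, which is what stops a captured "good" response from being replayed later. The following Python model is an added example, not System SSL code or IBM's; the request and response dicts, the OcspNoncePolicy class and the fake_responder helper are constructed here to show the policy logic only (no DER encoding, no HTTP).

```python
import hmac
import secrets

# Range of GSK_OCSP_NONCE_SIZE as given on the slide.
NONCE_MIN, NONCE_MAX = 8, 256


class OcspNoncePolicy:
    """Constructed model of GSK_OCSP_NONCE_GENERATION_ENABLE,
    GSK_OCSP_NONCE_CHECK_ENABLE and GSK_OCSP_NONCE_SIZE (assumed names/shape)."""

    def __init__(self, generation_enable=False, check_enable=False, nonce_size=8):
        if not NONCE_MIN <= nonce_size <= NONCE_MAX:
            raise ValueError(f"nonce size must be {NONCE_MIN}-{NONCE_MAX} bytes")
        # Slide: turning the check ON also turns generation ON.
        self.generation_enable = generation_enable or check_enable
        self.check_enable = check_enable
        self.nonce_size = nonce_size

    def build_request(self, serial):
        """Request carries the certificate serial and, if enabled, a fresh random nonce."""
        request = {"serial": serial}
        if self.generation_enable:
            request["nonce"] = secrets.token_bytes(self.nonce_size)
        return request

    def accept_response(self, request, response):
        """Return (accepted, reason) for a response to `request`."""
        if response.get("serial") != request["serial"]:
            return False, "serial mismatch"
        if not self.check_enable:
            # Check OFF: the nonce, if any, is ignored (the slide's default).
            return True, "nonce not checked"
        sent, got = request.get("nonce"), response.get("nonce")
        if got is None:
            return False, "response carries no nonce"
        if not hmac.compare_digest(sent, got):
            return False, "nonce mismatch (possible replayed response)"
        return True, "nonce verified"


def fake_responder(request, status, echo_nonce=True):
    """Constructed stand-in for an OCSP responder: echoes the request nonce."""
    return {
        "serial": request["serial"],
        "status": status,  # "good" | "revoked" | "unknown", as on slide 13
        "nonce": request.get("nonce") if echo_nonce else None,
    }


def replay_outcome(check_enable):
    """Capture a 'good' response for one request, replay it against a new request."""
    policy = OcspNoncePolicy(check_enable=check_enable, nonce_size=16)
    first = policy.build_request(serial=4711)
    captured = fake_responder(first, "good")
    later = policy.build_request(serial=4711)  # same serial, new nonce
    return policy.accept_response(later, captured)[0]


if __name__ == "__main__":
    print("check ON, replay accepted? ", replay_outcome(True))   # False
    print("check OFF, replay accepted?", replay_outcome(False))  # True
```

With the check enabled a replayed response is refused because each request carries its own nonce; with the default (check off, generation off) the request has no nonce at all and the replayed response is accepted, which is the trade-off an installation makes when it leaves nonce checking off for responders that do not echo nonces.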

Usage & Invocation - OCSP
- GSK_OCSP_CLIENT_CACHE_SIZE [0 – 32000]: Specifies the maximum number of OCSP responses or cached certificate statuses to be kept in the OCSP response cache
  – gsk_attribute_[sg]et_numeric_value() - Default: 256
- GSK_OCSP_CLIENT_CACHE_ENTRY_MAXSIZE [0 – 32000]: Specifies the maximum number of OCSP responses or cached certificate statuses that are allowed to be kept in the OCSP response cache for an issuing CA certificate
  – gsk_attribute_[sg]et_numeric_value() - Default: 0
- GSK_OCSP_MAX_RESPONSE_SIZE [0 – 2147483647]: Specifies the maximum size in bytes that is accepted as a response from an OCSP responder
  – gsk_attribute_[sg]et_numeric_value() - Default: 20480 (20K)
- GSK_OCSP_RESPONSE_TIMEOUT [0 – 43200]: Specifies the time in seconds to wait for a response from the OCSP responder
  – gsk_attribute_[sg]et_numeric_value() - Default: 15

Usage & Invocation - HTTP CRL
- New HTTP CRL-related environment variables and attribute types:
  – GSK_HTTP_CDP_ENABLE [ON | OFF]
  – GSK_HTTP_CDP_CACHE_SIZE [0 – 32000]
  – GSK_HTTP_CDP_CACHE_ENTRY_MAXSIZE [0 – 2147483647]
  – GSK_HTTP_CDP_PROXY_SERVER_NAME serverName
  – GSK_HTTP_CDP_PROXY_SERVER_PORT [1 – 65535]
  – GSK_HTTP_CDP_MAX_RESPONSE_SIZE [0 – 2147483647]
  – GSK_HTTP_CDP_RESPONSE_TIMEOUT [0 – 43200]

Usage & Invocation - HTTP CRL
- GSK_HTTP_CDP_ENABLE [ON | OFF]: Specifies if certificate revocation checking with the HTTP URI values in the CDP extension is enabled
  – gsk_attribute_[sg]et_enum()
    - GSK_HTTP_CDP_ENABLE_ON
    - GSK_HTTP_CDP_ENABLE_OFF: Default
- GSK_HTTP_CDP_CACHE_SIZE [0 – 32000]: Specifies the maximum number of CRLs that are allowed to be stored in the HTTP CDP CRL cache
  – gsk_attribute_[sg]et_numeric_value() - Default: 32
- GSK_HTTP_CDP_CACHE_ENTRY_MAXSIZE [0 – 2147483647]: Specifies the maximum size in bytes of a CRL that is allowed to be stored in the HTTP CDP CRL cache
  – gsk_attribute_[sg]et_numeric_value() - Default: 0

Usage & Invocation - HTTP CRL
- GSK_HTTP_CDP_PROXY_SERVER_NAME serverName: Specifies the DNS name or IP address of the HTTP proxy server for HTTP CDP CRL retrieval
  – gsk_attribute_[sg]et_buffer() - Default: NULL
- GSK_HTTP_CDP_PROXY_SERVER_PORT [1 – 65535]: Specifies the HTTP proxy server port for HTTP CDP CRL retrieval
  – gsk_attribute_[sg]et_numeric_value() - Default: 80
- GSK_HTTP_CDP_MAX_RESPONSE_SIZE [0 – 2147483647]: Specifies the maximum size in bytes accepted as a response from an HTTP server when retrieving a CRL
  – gsk_attribute_[sg]et_numeric_value() - Default: 20480 (20K)
- GSK_HTTP_CDP_RESPONSE_TIMEOUT [0 – 43200]: Specifies the time in seconds to wait for a response from an HTTP server
  – gsk_attribute_[sg]et_numeric_value() - Default: 15

Usage & Invocation - LDAP CRL
- System SSL supports LDAP basic and extended CRL caching support
- GSK_CRL_CACHE_EXTENDED [ON | OFF]: Specifies if LDAP basic or extended CRL cache support is enabled
  – gsk_attribute_[sg]et_enum()
    - GSK_CRL_CACHE_EXTENDED_ON
    - GSK_CRL_CACHE_EXTENDED_OFF: Default (basic)
- LDAP basic CRL caching support (existing support)
  – CRLs are only cached when GSK_CRL_CACHE_TIMEOUT is greater than 0 and GSK_CRL_CACHE_SIZE is set to a non-zero number
  – Cache size defaults to -1 (unlimited)
  – Temporary CRLs are added to the cache if not found on the LDAP server
  – LDAP server response timeout defaults to 15 seconds

Usage & Invocation - LDAP CRL
- LDAP extended CRL caching support
  – CRLs are only cached when they contain an expiration time greater than the current time
  – Cache size defaults to 32
  – Temporary CRLs are not added to the cache by default if not found on the LDAP server
  – LDAP server response timeout defaults to 15 seconds
    - Difference: the timeout is honored in System SSL in case the LDAP server does not honor the timeout value.
- GSK_CRL_CACHE_SIZE [-1 – 32000]: Specifies the maximum number of CRLs that are allowed to be stored in the LDAP CRL cache
  – gsk_attribute_[sg]et_numeric_value()
    - Basic: Default -1 (unlimited)
    - Extended: Default 32

Usage & Invocation - LDAP CRL
- GSK_CRL_CACHE_TEMP_CRL [ON | OFF]: Specifies if a temporary LDAP CRL cache entry is added to the cache if the CRL does not reside on the LDAP server
  – gsk_attribute_[sg]et_enum()
    - GSK_CRL_CACHE_TEMP_CRL_ON: Basic default
    - GSK_CRL_CACHE_TEMP_CRL_OFF: Extended default
- GSK_CRL_CACHE_TEMP_CRL_TIMEOUT [1 – 720]: Specifies the time in hours that a temporary LDAP CRL cache entry resides in the LDAP extended CRL cache
  – gsk_attribute_[sg]et_numeric_value() - Default: 24
- GSK_CRL_CACHE_ENTRY_MAXSIZE [0 – 2147483647]: Specifies the maximum size in bytes of a CRL to be kept in the LDAP CRL cache
  – gsk_attribute_[sg]et_numeric_value() - Default: 0 (unlimited size)
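The basic and extended LDAP CRL caches described on the last three slides differ in when entries expire (one global timeout measured from the first insert versus each CRL's own expiration time), in whether a CRL is admitted at all (entry size limit, expiration already past), and in how a "CRL not on the server" result is remembered (temporary entries with their own timeout). The Python below is an added example, not System SSL code; the two classes, their method names and the eviction rule for a full extended cache are constructed here (the slides do not state which entry is evicted), and times are plain epoch seconds passed in explicitly so the behaviour can be checked without a clock.

```python
# Constructed model of the two LDAP CRL cache modes on the slides.
# Names, method shapes and the eviction rule are assumptions, not System SSL's.


class BasicCrlCache:
    """Pre-V2R2 behaviour: one global timeout (GSK_CRL_CACHE_TIMEOUT, hours)
    measured from the FIRST CRL added; every entry expires at that moment."""

    def __init__(self, timeout_hours, size=-1):
        self.timeout = timeout_hours * 3600
        self.size = size              # -1 means unlimited (slide default)
        self.entries = {}
        self.first_added = None

    def put(self, issuer, crl_bytes, now):
        # Slide: caching only happens when timeout > 0 and size != 0.
        if self.timeout <= 0 or self.size == 0:
            return False
        if self.size != -1 and issuer not in self.entries and len(self.entries) >= self.size:
            return False
        if self.first_added is None:
            self.first_added = now
        self.entries[issuer] = crl_bytes
        return True

    def get(self, issuer, now):
        if self.first_added is not None and now >= self.first_added + self.timeout:
            self.entries.clear()      # all CRLs expire together
            self.first_added = None
        return self.entries.get(issuer)


class ExtendedCrlCache:
    """V2R2 extended mode: per-entry expiry from the CRL's own nextUpdate,
    GSK_CRL_CACHE_SIZE entries, GSK_CRL_CACHE_ENTRY_MAXSIZE bytes (0 = unlimited),
    optional temporary 'missing' entries kept GSK_CRL_CACHE_TEMP_CRL_TIMEOUT hours."""

    def __init__(self, size=32, entry_maxsize=0, temp_crl=False, temp_timeout_hours=24):
        self.size = size
        self.entry_maxsize = entry_maxsize
        self.temp_crl = temp_crl
        self.temp_timeout = temp_timeout_hours * 3600
        self.entries = {}             # issuer -> (crl_bytes or None, expires_at)

    def _expire(self, now):
        for issuer in [k for k, (_, exp) in self.entries.items() if exp <= now]:
            del self.entries[issuer]

    def _make_room(self, issuer, now):
        self._expire(now)
        if issuer not in self.entries and len(self.entries) >= self.size:
            # ASSUMPTION: evict the entry that expires soonest.
            victim = min(self.entries, key=lambda k: self.entries[k][1])
            del self.entries[victim]

    def put(self, issuer, crl_bytes, next_update, now):
        if next_update <= now:        # slide: only cache CRLs whose expiry is in the future
            return False
        if self.entry_maxsize and len(crl_bytes) > self.entry_maxsize:
            return False              # larger than GSK_CRL_CACHE_ENTRY_MAXSIZE
        self._make_room(issuer, now)
        self.entries[issuer] = (crl_bytes, next_update)
        return True

    def record_missing(self, issuer, now):
        """CRL not on the LDAP server: add a temporary entry if GSK_CRL_CACHE_TEMP_CRL is ON."""
        if not self.temp_crl:
            return False
        self._make_room(issuer, now)
        self.entries[issuer] = (None, now + self.temp_timeout)
        return True

    def lookup(self, issuer, now):
        """Return ('hit', crl), ('missing', None) for a live temporary entry, or ('absent', None)."""
        self._expire(now)
        if issuer not in self.entries:
            return "absent", None
        crl, _ = self.entries[issuer]
        return ("missing", None) if crl is None else ("hit", crl)
```

The contrast worth noticing is the basic cache's `get` at the global deadline: a CRL added minutes before that deadline is discarded along with the oldest one, which is the "all CRLs expire at the same time" limitation the Overview slides list, while the extended cache drops each CRL exactly at its own nextUpdate.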

Usage & Invocation - LDAP CRL
- GSK_LDAP_RESPONSE_TIMEOUT [0 – 43200]: Specifies the timeout in seconds to wait for a response from the LDAP server
  – gsk_attribute_[sg]et_numeric_value() - Default: 15

Usage & Invocation - Revocation checking order
- System SSL can be configured to adjust the order in which configured revocation sources (OCSP, HTTP CRLs, and LDAP CRLs) are checked when validating the SSL/TLS partner certificate
- GSK_OCSP_URL_PRIORITY [ON | OFF]: Specifies the priority order for contacting OCSP responder locations if both GSK_OCSP_URL and GSK_OCSP_ENABLE are active
  – gsk_attribute_[sg]et_enum()
    - GSK_OCSP_URL_PRIORITY_ON: Default
    - GSK_OCSP_URL_PRIORITY_OFF
- GSK_AIA_CDP_PRIORITY [ON | OFF]: Specifies the priority order in which the AIA and the CDP extensions are checked for certificate revocation information (used to order OCSP and HTTP CRL checking)
  – gsk_attribute_[sg]et_enum()
    - GSK_AIA_CDP_PRIORITY_ON: Default
    - GSK_AIA_CDP_PRIORITY_OFF

Usage & Invocation - Revocation security enforcement
- GSK_REVOCATION_SECURITY_LEVEL [LOW | MEDIUM | HIGH]: Specifies the level of security when contacting an OCSP responder or an HTTP server in the CDP extension
  – gsk_attribute_[sg]et_enum()
    - GSKCMS_REVOCATION_SECURITY_LEVEL_LOW: Certificate validation does not fail if the OCSP responder or HTTP server in the CDP extension cannot be reached.
    - GSKCMS_REVOCATION_SECURITY_LEVEL_MEDIUM: Certificate validation requires the OCSP responder or HTTP server in the CDP extension to be contactable. Default setting.
    - GSKCMS_REVOCATION_SECURITY_LEVEL_HIGH: Certificate validation requires the OCSP responder or HTTP server in the CDP extension to be contactable and to provide valid revocation information. The AIA and CDP extensions must contain valid HTTP URI values that can be contacted.

Usage & Invocation - Limiting the number of OCSP and HTTP URLs contacted
- GSK_MAX_SOURCE_REV_EXT_LOC_VALUES [0 – 256]: Specifies the maximum number of location values that are contacted per revocation source when attempting validation of a certificate
  – Revocation source: an AIA or CDP extension in a certificate
  – Default: 10 locations
    - Contact up to 10 URI values in a specific data source in a certificate
- GSK_MAX_VALIDATION_REV_EXT_LOC_VALUES [0 – 1024]: Specifies the maximum number of location values that are contacted when performing validation of a certificate
  – Default: 100 locations
    - Contact up to 100 URI values in all AIA and CDP extensions in a certificate
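The last three slides (checking order, security level, location limits) describe one decision procedure: build the ordered list of revocation sources from the enabled methods and the two priority switches, cap how many URIs are consulted per extension and per validation, then decide from each answer whether to stop, continue, or fail according to the security level. The Python below is an added example that models that procedure; it is not System SSL code, and the RevocationConfig and Certificate types, the `fetch` callback and the result strings are constructed here. Where the slides leave a detail open (where the GSK_OCSP_URL responder sits when its priority is OFF, and that an "unknown" answer under HIGH counts as no valid revocation information) the code takes the reading stated in its comments, as an assumption.

```python
from dataclasses import dataclass, field
from typing import Callable, List, Optional, Tuple

# Constructed model of the slides' revocation ordering, limits and security level.


@dataclass
class RevocationConfig:
    ocsp_enable: bool = False           # GSK_OCSP_ENABLE: use AIA responders
    ocsp_url: Optional[str] = None      # GSK_OCSP_URL: dedicated responder
    ocsp_url_priority: bool = True      # GSK_OCSP_URL_PRIORITY (default ON)
    http_cdp_enable: bool = False       # GSK_HTTP_CDP_ENABLE
    aia_cdp_priority: bool = True       # GSK_AIA_CDP_PRIORITY (default ON: AIA before CDP)
    ldap_enabled: bool = False          # an LDAP CRL data source is configured
    security_level: str = "MEDIUM"      # GSK_REVOCATION_SECURITY_LEVEL
    max_source_loc: int = 10            # GSK_MAX_SOURCE_REV_EXT_LOC_VALUES
    max_validation_loc: int = 100       # GSK_MAX_VALIDATION_REV_EXT_LOC_VALUES


@dataclass
class Certificate:
    serial: int
    aia_ocsp: List[str] = field(default_factory=list)   # OCSP URLs from the AIA extension
    cdp_http: List[str] = field(default_factory=list)   # HTTP URIs from the CDP extension


def plan_sources(cfg: RevocationConfig, cert: Certificate) -> List[Tuple[str, List[str]]]:
    """Ordered (source, locations) list, honouring the default order
    OCSP URL -> AIA -> CDP -> LDAP, the two priority switches and both limits."""
    per_source = cfg.max_source_loc
    aia = [("AIA", cert.aia_ocsp[:per_source])] if cfg.ocsp_enable else []
    cdp = [("CDP", cert.cdp_http[:per_source])] if cfg.http_cdp_enable else []
    plan = aia + cdp if cfg.aia_cdp_priority else cdp + aia
    if cfg.ocsp_url:
        dedicated = ("OCSP_URL", [cfg.ocsp_url])
        if cfg.ocsp_url_priority:
            plan.insert(0, dedicated)
        else:
            # ASSUMPTION: priority OFF places the dedicated responder right after the AIA responders.
            idx = next((i + 1 for i, (n, _) in enumerate(plan) if n == "AIA"), 0)
            plan.insert(idx, dedicated)
    # Overall cap across all AIA and CDP locations (the dedicated URL is not an extension value).
    budget = cfg.max_validation_loc
    capped = []
    for name, locs in plan:
        if name in ("AIA", "CDP"):
            locs = locs[:budget]
            budget -= len(locs)
        capped.append((name, locs))
    if cfg.ldap_enabled:
        capped.append(("LDAP", ["ldap"]))
    return capped


def check_revocation(cfg: RevocationConfig, cert: Certificate,
                     fetch: Callable[[str, int], Optional[str]]) -> str:
    """fetch(location, serial) -> 'good' | 'revoked' | 'unknown' | None (unreachable).
    Returns 'good', 'revoked', 'undetermined', or 'fail:<reason>'."""
    plan = plan_sources(cfg, cert)
    http_locations = [l for n, locs in plan if n in ("AIA", "CDP") for l in locs]
    if cfg.security_level == "HIGH" and not http_locations:
        return "fail:no-contactable-http-uri"   # HIGH requires AIA/CDP HTTP URIs
    for name, locations in plan:
        for loc in locations:
            status = fetch(loc, cert.serial)
            if status is None:
                # The level governs OCSP responders and CDP HTTP servers; LDAP is just skipped.
                if name == "LDAP" or cfg.security_level == "LOW":
                    continue
                return f"fail:unreachable:{loc}"
            if status in ("good", "revoked"):
                return status
            if cfg.security_level == "HIGH":
                # ASSUMPTION: 'unknown' is not valid revocation information under HIGH.
                return f"fail:no-valid-status:{loc}"
    return "undetermined"
```

Run against a constructed responder map, the same certificate yields "good" under LOW (the unreachable dedicated responder is skipped and the AIA responders are tried in order) and a failure under MEDIUM (the first responder in the order is unreachable), which is the operational consequence of the default level: a dedicated responder listed in GSK_OCSP_URL with priority ON becomes a hard dependency of every handshake.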

Usage & Invocation - Updated Certificate Management Services routines
- gsk_validate_certificate_mode()

    gsk_status gsk_validate_certificate_mode(
        gskdb_data_sources * data_sources,
        x509_certificate * subject_certificate,
        gsk_boolean accept_root,
        gsk_int32 * issuer_record_id,
        GSKCMS_CERT_VALIDATION_MODE validation_mode,
        gsk_uint32 arg_count
        [, GSKCMS_CERT_VALIDATE_KEYRING_ROOT validate_root]
        [, GSKCMS_REVOCATION_SECURITY_LEVEL security_level]
        [, gsk_int32 max_source_rev_ext_loc_values]
        [, gsk_int32 max_validation_rev_ext_loc_values] )

- data_sources: can now specify OCSP, CDP, and LDAP extended revocation handles returned from gsk_create_revocation_source()
- arg_count: can now be set to 0, 1, 2, 3, or 4 for the number of optional parameters
- security_level (new parameter): revocation security level for CDP and OCSP data sources

Usage & Invocation - Updated Certificate Management Services routines
- max_source_rev_ext_loc_values (new parameter): Specifies the maximum number of locations that will be contacted per data source when attempting validation of a certificate
- max_validation_rev_ext_loc_values (new parameter): Specifies the maximum number of HTTP URI values that will be contacted when performing validation of a certificate chain
