tl;dr For years, I have wondered what would happen if you tricked OpenSSL into signing a server certificate with a non-CA cert. Unsurprisingly, nothing useful. Interesting, but not useful.
So, I’m a cheapskate and I buy the el-cheapo domain-control-validated SSL certificates for risacher.org for $17/year. That gets me a cert with alternative names “risacher.org” and “www.risacher.org”. I currently host risacher.org on Amazon’s EC2 service, but I also have a few apps that I host for myself on the server in my basement, connected via my residential internet service. Since the web apps on this server are not used by anyone but me, I’ve been content to use self-signed certificates for it.
But I’ve always wondered – what would happen if you tricked OpenSSL into thinking you are a Certificate Authority (CA), and signing a certificate for “basement.risacher.org” using the certificate for “risacher.org” as the CA cert? Could you act as your own CA “for free” to create unlimited subdomain certificates?
This should not work. The server certificate include a constraint that says it is not a CA certificate. It basically shouldn’t even be possible, but math is math, and the signing operations are the same for a CA certificate as they are for any other certificate. If you have the public & private keys, the rest is just formatting & metadata, right?
Long-story short, I finally tried this yesterday. I created a certificate signing request for the server in my basement, and I signed it with the $17 server cert that I got from “PositiveSSL”, which chains up to “USERTrust”. It took some minor trickery to get OpenSSL to do this, but it wasn’t particularly difficult. Once installed, both Firefox and Internet Explorer reject the certificate as invalid, and provide no option to accept the risk and use it anyway. Internet Explorer simply reports “There is a problem with this website’s security certificate.” Firefox gives slightly more information in that it names the error “sec_error_inadequate_key_usage”, an error message I don’t think I’ve ever seen before.
Interestingly, I also tried to access it with Mobile Safari, which reported an invalid certificate but did allow me to accept the risk.