I'm using OpenSSL 3.3.1 4 Jun 2024 (Library: OpenSSL 3.3.1 4 Jun 2024), on Ubuntu 24.10.
I'm having similar issues, but here are two notes: 1) you are not specifying a `signer_digest`, either in the config file or via a `-digest` command-line option; 2) we can't see your certificate information in order to assess whether they are well-formed.
And that was the comment I was about to post, when I tried a few more things and it started working.
Starting from the end, here's my config file, named `x509.cnf`:

```
[ server ]
basicConstraints = CA:FALSE
extendedKeyUsage = critical, timeStamping

[ tsa ]
default_tsa = tsa_config

[ tsa_config ]
dir = .
serial = $dir/serial
crypto_device = builtin
signer_cert = $dir/ca-int.crt
signer_digest = SHA256
signer_key = $dir/ca-int.key
default_policy = 1.2.3.4.1
digests = sha256
accuracy = secs:1, millisecs:500, microsecs:100
ordering = yes
tsa_name = yes
```
Two things are immediately apparent:

`default_policy` expects the actual value, and not a section name. I got this one from the error message:

```
4027392CF87A0000:error:17800087:time stamp routines:ts_CONF_invalid:var bad value:../crypto/ts/ts_conf.c:120:tsa_config::default_policy
```

```
40473E889B7C0000:error:17800088:time stamp routines:ts_CONF_lookup_fail:cannot find config variable:../crypto/ts/ts_conf.c:115:tsa_config::signer_digest
```

so I added the line:

```
signer_digest = SHA256
```

Documentation states this is not optional, although it's non-existent as to actual values. Yeah, openssl docs, right? Thank God the product is actually great.
Here are my steps:

```
LEN=${LEN:-2048}
# create a root.
openssl req -new -x509 -noenc -out ca.crt -keyout ca.key -set_serial 1 -subj /CN=CA_ROOT -newkey rsa:$LEN -sha512 || exit 1
# create TSA CSR
openssl req -new -noenc -config x509.cnf -reqexts server -out tsa.csr -keyout tsa.key -subj /CN=TSA -newkey rsa:$LEN -sha512 || exit 1
# Sign the TSA with `ca.crt`
openssl x509 -req -in tsa.csr -CAkey ca.key -CA ca.crt -days 20 -set_serial 10 -sha512 -out tsa.crt -copy_extensions copy || exit 1
```
As you can see, the ROOT is generated completely without a configuration and the TSA is then signed by the ROOT. The crucial point here is this line in your config:

```
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
```

which is precisely why you get something like:

```
4097C0FB27790000:error:17800075:time stamp routines:TS_RESP_CTX_set_signer_cert:invalid signer certificate purpose:../crypto/ts/ts_rsp_sign.c:142:
```

The only key usage of this certificate must be the `timeStamping`, which, not being among the standard key usages, must be fed via an extended key usage extension. If this is as self-evident to you as it was to me, welcome to RFC HELL! By now, I know by heart larger swaths of RFC5280 than is mentally healthy, and I still feel quite the ignorant.

So, remove the `keyUsage` line from your cnf and it should fly.

Just run:

```
openssl ts -reply -config x509.cnf -queryfile request.tsq
```

and admire the gibberish on your screen. Or add the `-out response.tsr` and save it for later.
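As an added example (not part of the answer above, and not OpenSSL project code), the POSIX shell script below runs the whole round trip the answer describes end to end: root CA, TSA certificate, a query built with `openssl ts -query`, the reply, and the relying-party check with `openssl ts -verify`, which is the step a defender actually cares about. It goes one step beyond the answer by exercising three TSA certificate profiles in turn: the answer's own (no `keyUsage`, critical `timeStamping` EKU), one with `keyUsage` limited to `digitalSignature`/`nonRepudiation`, which OpenSSL's time-stamp signing purpose check also accepts, and the question's profile with `keyEncipherment`, which is rejected at the `-reply` step. Everything else is constructed for this example and is not from the question: the file names, the policy OID `1.2.3.4.1` in the config, the profile section names, the helper names `write_cnf`, `_roundtrip_in` and `tsa_roundtrip`, and the sample document. It assumes an `openssl` binary (1.1.1 or 3.x) on PATH, and uses `-nodes`, `-extfile`/`-extensions` and an explicit `[req]` section so that it runs unchanged on either version.

```shell
#!/bin/sh
# Added example, not code from the answer above or from the OpenSSL project.
# Assumes: an openssl binary (1.1.1 or 3.x) on PATH. Every file name, the
# policy OID 1.2.3.4.1 and the profile section names are constructed here.
set -u

# Write one config that serves openssl req, openssl x509 and openssl ts.
# $1 = working directory (also used as "dir" in the TSA section)
write_cnf() {
    cat > "$1/tsa.cnf" <<EOF
[ req ]
distinguished_name = req_dn
[ req_dn ]

[ ca_ext ]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign

# Profile from the answer: no keyUsage, critical timeStamping EKU only.
[ tsa_ok ]
basicConstraints = CA:FALSE
extendedKeyUsage = critical, timeStamping

# Also accepted by OpenSSL's timestamp-signing purpose check:
# keyUsage limited to digitalSignature and/or nonRepudiation.
[ tsa_ku_ok ]
basicConstraints = CA:FALSE
keyUsage = critical, digitalSignature, nonRepudiation
extendedKeyUsage = critical, timeStamping

# Profile from the question: keyEncipherment is not allowed on a TSA signer,
# so the reply step fails with "invalid signer certificate purpose".
[ tsa_bad ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = critical, timeStamping

[ tsa ]
default_tsa = tsa_config
[ tsa_config ]
dir = $1
serial = \$dir/serial
signer_cert = \$dir/tsa.crt
signer_key = \$dir/tsa.key
signer_digest = sha256
default_policy = 1.2.3.4.1
digests = sha256
accuracy = secs:1, millisecs:500, microsecs:100
ordering = yes
tsa_name = yes
EOF
}

# Do the work inside directory $1 with TSA extension profile $2.
# Returns 0 = timestamp issued and verified, 1 = rejected, 2 = setup error.
_roundtrip_in() {
    dir=$1; profile=$2; cnf=$1/tsa.cnf
    write_cnf "$dir"
    printf 'constructed sample document\n' > "$dir/doc.txt"

    # Root CA with explicit CA:TRUE so the chain builds on any OpenSSL version.
    openssl req -new -x509 -nodes -config "$cnf" -extensions ca_ext \
        -subj /CN=CA_ROOT -newkey rsa:2048 -sha256 \
        -keyout "$dir/ca.key" -out "$dir/ca.crt" 2>/dev/null || return 2

    # TSA key and CSR, then sign it with the chosen profile from the config.
    openssl req -new -nodes -config "$cnf" -subj /CN=TSA -newkey rsa:2048 -sha256 \
        -keyout "$dir/tsa.key" -out "$dir/tsa.csr" 2>/dev/null || return 2
    openssl x509 -req -in "$dir/tsa.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
        -set_serial 10 -days 20 -sha256 -extfile "$cnf" -extensions "$profile" \
        -out "$dir/tsa.crt" 2>/dev/null || return 2

    # Client: hash the document into a query. -cert asks the TSA to include
    # its certificate, so verification later needs only the root.
    openssl ts -query -data "$dir/doc.txt" -sha256 -cert \
        -out "$dir/req.tsq" 2>/dev/null || return 2

    # TSA: the signer-purpose check happens here; stderr is left visible so
    # the rejection message for the bad profile can be seen.
    openssl ts -reply -config "$cnf" -queryfile "$dir/req.tsq" \
        -out "$dir/resp.tsr" || return 1

    # Relying party: the token must match the data and chain to the root.
    openssl ts -verify -data "$dir/doc.txt" -in "$dir/resp.tsr" \
        -CAfile "$dir/ca.crt" >/dev/null 2>&1 || return 1
}

# Entry point: run the round trip for profile $1 in a fresh temp dir.
tsa_roundtrip() {
    dir=$(mktemp -d) || return 2
    if _roundtrip_in "$dir" "$1"; then rc=0; else rc=$?; fi
    rm -rf "$dir"
    return $rc
}

# Stand-alone run: TSA_DEMO_RUN=1 sh tsa_demo.sh
if [ "${TSA_DEMO_RUN:-0}" = 1 ]; then
    for p in tsa_ok tsa_ku_ok tsa_bad; do
        if tsa_roundtrip "$p"; then echo "$p: timestamp issued and verified"
        else echo "$p: rejected (rc=$?)"; fi
    done
fi
```

The `-verify` step is the one worth copying into any pipeline that consumes tokens: it checks that the token's imprint matches the data, that the signature is valid, and that the signer chains to the supplied trust anchor with the time-stamping purpose, which is the same purpose check that rejects the `keyEncipherment` profile on the issuing side.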