Redwax Server – Timestamp Demo/Interop

Time Stamp Protocol Demo/Interop

Interoperate with the Redwax RFC3161 Time Stamp Protocol module.

We have implemented a Time Stamp Protocol endpoint that allows you to test your client implementation against a Redwax Server.

The code being run is the most up to date build from trunk/main in source control, and is built and deployed automatically. The Redwax Interop server is for testing purposes only.

Time Stamp Demo/Interop Server

When testing your Time Stamp client implementation, use the following details.

Summary

Server URL	`https://interop.redwax.eu/test/timestamp`
Time Stamp Digest	`SHA256`
Time Stamp Policy	`0.4.0.2023.1.1`
Time Source	`System Clock`
Serial Numbers	`Random`

Redwax Module Configuration

The following configuration is used to implement this timestamp server. The configuration below is added to a standard secure virtualhost Apache configuration, as described here.

Configuration

Here we set the timestamp handler, and set the certificates and keys to be used for timestamping.

<IfModule !ca_module>
  LoadModule ca_module /usr/lib64/httpd/modules/mod_ca.so
</IfModule>
<IfModule !ca_simple_module>
  LoadModule ca_simple_module /usr/lib64/httpd/modules/mod_ca_simple.so
</IfModule>
<IfModule !timestamp_module>
  LoadModule timestamp_module /usr/lib64/httpd/modules/mod_timestamp.so
</IfModule>

<Location /rs/timestamp>
  SetHandler timestamp
  TimestampSigningCertificate /etc/pki/interop/timestamp.cert
  TimestampSigningKey /etc/pki/interop/private/timestamp.key
  TimestampDigest SHA256
  TimestampDefaultPolicy 0.4.0.2023.1.1
  CASimpleSerialRandom on
  CASimpleTime on
</Location>

Time Stamping with OpenSSL

Run the following OpenSSL commands to create and verify a timestamp.

Command Line

To generate a timestamp, ask openssl to generate a timestamp request containing the hash of the file you want to timestamp by running the command below.

openssl ts -query -data my-novel.doc \
  -cert -sha256 -no_nonce \
  -out request.tsq

POST the request to the Redwax Interop Time Stamp server, and record the response.

curl -H "Content-type: application/timestamp-query" \
  --data-binary @request.tsq \
  https://interop.redwax.eu/test/timestamp > reply.tsq

Display the timestamp using the commands below.

openssl ts -reply -text -in reply.tsq
openssl asn1parse -inform DER -in reply.tsq