Best Practices for SSL / TLS Deployment, Part 1. Theory
Part 2
We share the translation of a useful article on how to properly deploy SSL / TLS on your site. Today - the theory, the second (practical) part will be after start.
SSL / TLS is deceptively seemingly simple technology. It is easy to deploy, and then it just works without providing a sufficient level of security. But the main problem is that SSL / TLS is not easy to deploy correctly. In order for TLS to provide the necessary level of security, system administrators and developers must put additional effort into setting up their servers and developing applications.
')
In 2009, Qualys SSL Labs began working with SSL. They wanted to understand how TLS was used, and fill in the lack of easy-to-use TLS tools, as well as their documentation. Qualys SSL Labs has achieved some of its goals through global research using TLS, as well as through online assessment tools. But the lack of documentation still makes itself felt. This document is a step towards solving this problem.
1. Private key and certificate
The quality of protection provided by TLS is entirely dependent on the secret key, which lays the foundation for security, and the certificate that reports the authenticity of the server to its visitors.
1.1 Use 2048-bit private keys
Use 2048-bit RSA or 256-bit ECDSA private keys for all your servers. The keys of such a fortress are safe and will remain secure for a considerable period of time. If you have 1024-bit RSA keys, you should replace them with stronger keys as soon as possible.
1.2 Protect the private key
Treat private keys as important assets, giving you access to as few employees as possible. Recommended measures:
• Generate private keys and certificate requests (CSRs) on a trusted computer. Some CAs offer key generation and CSRs for you, but this is not practical.
• Use private key password protection to prevent them from being compromised when stored in backup systems. Password protection of private keys does not help on the industrial server, because an attacker can get the keys from the memory process. There are hardware devices that can protect private keys even in the event of server compromise, but they are expensive and, thus, are justified only in organizations with high security requirements.
• After compromise, revoke old certificates and generate new keys.
• Update certificates every year and always with new private keys.
1.3 Ensure all domain names are used.
Make sure your certificates cover all the domain names you want to use on the site. For example, you have the main domain www.example.com , but you also use the domain www.example.net . Your goal is to avoid a certificate invalidation warning that will confuse your users and weaken their trust.
Even when only one domain name is configured on the server, you need to keep in mind that you cannot control how users come to your site or what links to it indicate. In most cases, you should make sure that the certificate works with and without the WWW (for example, as for example.com and www.example.com ). A secure web server must have a certificate valid for each configured domain name. Certificates for the entire domain (Wildcard) have their advantage, but you should avoid them if using them means giving the private key to a large group of people, for example, system administrators from different organizations. Also, keep in mind that Wildcard certificates can be used by attackers to transfer vulnerabilities from one website to all other sites that use the same certificate.
1.4. Purchase certificates from a trusted certification authority.
Choose a trusted certification authority (CA) that takes care of your business and security. Consider the following criteria when choosing a CA:
Safety attitude
All CAs are subject to regular auditing (otherwise they would not have the right to work as a CA), but some of them take security more seriously than others. Finding out which ones are better in this regard is not easy, but one way is to study their history of security incidents and how they responded to compromises and security incidents and whether they learned from their mistakes.
Main activity
CAs whose certificate issuance is their main activity will lose their business if they do something terribly wrong and they probably will not neglect the separation of certificates, pursuing potentially more lucrative opportunities in other places.
Services offered
At a minimum, the selected CA must support the Certificate Revocation List (CRL) and the OCSP protocol.
Certificate Management Tools
If you need a large number of certificates, then select a certification authority that will give you good tools to manage them.
Support
Choose a certificate authority that provides good support when needed.
1.5. Use reliable certificate signing algorithms
The security of the certificate depends on the length of the private key and the strength of the hashing function used. Today, most certificates use the SHA1 algorithm, which is considered weak.
You need to immediately replace all your certificates that use the SHA1 algorithm, if they expire after 2015.
We share the translation of a useful article on how to properly deploy SSL / TLS on your site. Today - the theory, the second (practical) part will be after start.
Introduction
SSL / TLS is deceptively seemingly simple technology. It is easy to deploy, and then it just works without providing a sufficient level of security. But the main problem is that SSL / TLS is not easy to deploy correctly. In order for TLS to provide the necessary level of security, system administrators and developers must put additional effort into setting up their servers and developing applications.
')
In 2009, Qualys SSL Labs began working with SSL. They wanted to understand how TLS was used, and fill in the lack of easy-to-use TLS tools, as well as their documentation. Qualys SSL Labs has achieved some of its goals through global research using TLS, as well as through online assessment tools. But the lack of documentation still makes itself felt. This document is a step towards solving this problem.
1. Private key and certificate
The quality of protection provided by TLS is entirely dependent on the secret key, which lays the foundation for security, and the certificate that reports the authenticity of the server to its visitors.
1.1 Use 2048-bit private keys
Use 2048-bit RSA or 256-bit ECDSA private keys for all your servers. The keys of such a fortress are safe and will remain secure for a considerable period of time. If you have 1024-bit RSA keys, you should replace them with stronger keys as soon as possible.
1.2 Protect the private key
Treat private keys as important assets, giving you access to as few employees as possible. Recommended measures:
• Generate private keys and certificate requests (CSRs) on a trusted computer. Some CAs offer key generation and CSRs for you, but this is not practical.
• Use private key password protection to prevent them from being compromised when stored in backup systems. Password protection of private keys does not help on the industrial server, because an attacker can get the keys from the memory process. There are hardware devices that can protect private keys even in the event of server compromise, but they are expensive and, thus, are justified only in organizations with high security requirements.
• After compromise, revoke old certificates and generate new keys.
• Update certificates every year and always with new private keys.
1.3 Ensure all domain names are used.
Make sure your certificates cover all the domain names you want to use on the site. For example, you have the main domain www.example.com , but you also use the domain www.example.net . Your goal is to avoid a certificate invalidation warning that will confuse your users and weaken their trust.
Even when only one domain name is configured on the server, you need to keep in mind that you cannot control how users come to your site or what links to it indicate. In most cases, you should make sure that the certificate works with and without the WWW (for example, as for example.com and www.example.com ). A secure web server must have a certificate valid for each configured domain name. Certificates for the entire domain (Wildcard) have their advantage, but you should avoid them if using them means giving the private key to a large group of people, for example, system administrators from different organizations. Also, keep in mind that Wildcard certificates can be used by attackers to transfer vulnerabilities from one website to all other sites that use the same certificate.
1.4. Purchase certificates from a trusted certification authority.
Choose a trusted certification authority (CA) that takes care of your business and security. Consider the following criteria when choosing a CA:
Safety attitude
All CAs are subject to regular auditing (otherwise they would not have the right to work as a CA), but some of them take security more seriously than others. Finding out which ones are better in this regard is not easy, but one way is to study their history of security incidents and how they responded to compromises and security incidents and whether they learned from their mistakes.
Main activity
CAs whose certificate issuance is their main activity will lose their business if they do something terribly wrong and they probably will not neglect the separation of certificates, pursuing potentially more lucrative opportunities in other places.
Services offered
At a minimum, the selected CA must support the Certificate Revocation List (CRL) and the OCSP protocol.
Certificate Management Tools
If you need a large number of certificates, then select a certification authority that will give you good tools to manage them.
Support
Choose a certificate authority that provides good support when needed.
1.5. Use reliable certificate signing algorithms
The security of the certificate depends on the length of the private key and the strength of the hashing function used. Today, most certificates use the SHA1 algorithm, which is considered weak.
You need to immediately replace all your certificates that use the SHA1 algorithm, if they expire after 2015.
Source: https://habr.com/ru/post/249575/
All Articles