
DEFCON 23. "Let's Encrypt: chasing free encryption certificates for the Internet." Yan Zhu, Peter Eckersley, James Kasten

My name is Yan Zhu, and I’m a security engineer at Yahoo. This is Peter Eckersley, a leading computer specialist at the Electronic Frontier Foundation and the leader of its technology development team, and this is James Kasten, a technology specialist and a graduate student in computer science and engineering at the University of Michigan. So, which of you was shocked by the ability to encrypt the entire Internet? I am delighted with your enthusiasm!

So, what problems worry the world, apart from global warming, child hunger and all that? The problem is that TLS (Transport Layer Security) is still not used everywhere, even in 2015. Last summer, when I wanted to use the Quora website, I went to the login page and saw that it was served over plain HTTP, which is already bad. In addition, HTTP is open to hackers' tools and transmits your passwords in clear text. This is really bad given the millions of active users who log in to the site this way every day. Quora's goal is to spread social knowledge, and perhaps misinformation among users; it is a question-and-answer site on various topics.


There is also a small site called Google; raise your hand if you have heard of it. They have always been fairly good about using SSL. However, some pages, like this Google Ads landing page, still use HTTP by default. You could say there is nothing terrible about that: it is a static public page that does not require any user input. But a person like me, who understands these issues, will check where the Log In button leads. An ordinary user, suspecting nothing, can be redirected to a phishing site after clicking this button, and will enter their credentials there.



And since HTTP is used here, this is still a problem.

The second problem is that getting TLS is still very tedious, even in 2015. Raise your hand if you have heard about this. I see there are many of you. If you want to do it, you can go to the wiki.cremehost.com website and read through the 12 steps you need to take to purchase an e-signature certificate certified by a CA. And even though you are not in Alcoholics Anonymous yet, this procedure is quite tiresome even for you.

Consider how long TLS setup takes. I have a video about this. I asked many of my EFF colleagues whether they could configure TLS, and none of them had done it before. I hope my video works.

Part 1 - Parker Higgins, EFF activist.

- Hello, Parker, what are you doing today?
- I am trying to install HTTPS on my test site.
- Well, is it fun?
- Maybe, I don't know yet.
- Can I make a video of how you do it?
- Yes you can!
- Well!

And then you see that he does it with difficulty. He clicks the Assistant button, the page loads again and again, but it does not work. I tell him that probably today he will not succeed, and I am leaving.

Part 2 - Noah.

Here a similar process continues, which in total took Noah almost 9 hours. He cannot understand what is happening with his mail and how to set up a certificate, so he goes to drink coffee. After three hours I return to him.

- This is the site we are trying to protect. And this button is inactive again. I cannot attach the certificate here. A message arrives: "Not all fields are filled in." I'll try to fill them in again. So, the word "Congratulations" popped up! Is this what I spent so much time on?

Well, let's continue, try to launch our site. We find it in the drop-down menu of the form, click on it, wait ...

Information is displayed on the screen, and Noah says with surprise: “And what does this mean? In my opinion, this is my sister's letter, some kind of bill, payment. Is this really my browser?”

It takes another hour. I return to Noah, who is still waiting for his letter confirming the success of obtaining the certificate of the encryption key of his site. He says that he received a letter thanking him for using the certification service, but when he tries to follow the link indicated in the letter, he doesn’t get anything, perhaps because of the problems with the proxy server on his side.

Noah says that he spent a whole hour, during which he made several more unsuccessful attempts to get a certificate, but he failed. I apologize for this sad video.

So, we have seen that the certification process takes several hours, is associated with many errors and often fails.

Problem three is that TLS has a confusing configuration.



Suppose that everything went perfectly with us, we received our certificate and want to install it on the server. But all its settings are really very confusing. A few years ago, people said: “We have the RC4 stream cipher, great, it’s very efficient!” But now, in 2015, experts such as Nick from the CloudFlare content delivery network say that we must destroy RC4.

Another example is the SHA-1 (Secure Hash Algorithm 1) cryptographic hash algorithm, which is also recognized as insecure, because sooner or later a website that uses this hash in its certificate chain will be flagged as insecure by the Chrome and Firefox browsers.



Therefore, I offer you a film called “SHA-256: Deliverance”. This movie is about a man who was mistakenly accused of using SHA-1 on his website and expelled from work. He meets Morgan Freeman and spends all the time trying to convince people that he actually used SHA-256. Watch in all cinemas of the country! It was a joke!

Now let's move on to the next issue, called “How to protect the server from the POODLE SSLv3 vulnerability”. People say they abandoned the SSL v3 cryptographic protocol because it was susceptible to Logjam attacks that could decrypt or hack any TLS connection established with incorrectly configured web services or mail servers.

I want to show you the results of site audits performed by the independent laboratory ssllabs.com. As you can see, our website letsencrypt.org has the highest rating, A+, and is one of the best sites in terms of security, because ssllabs is a serious organization and you can trust them. We use the latest ciphers from the recommended list. You can see other sites that received the minimum score, F. The problem is that many people still fail to configure SSL properly and use broken encryption.

Problem #4 is mixed content blocking. Your website may be blocked when you use SSL but load all its resources via HTTP. The browser believes that it must move this user to the HTTPS security level and therefore blocks the HTTP content. As a result, the site stops working if you load scripts via HTTP. In the case of Lenovo, which I checked several nights ago, they could use HTTPS, but could not even load their fonts through it, because by default they had to use HTTP. I'll show you on the slide which sites use only HTTPS.



Peter and I are working on supporting browser extensions. So if you use the Chrome browser, you can see that all of its resources can be read as HTTPS. That is, we have a useful tool so that you can turn your website from unprotected into safe. If you use third-party content and do not know if it supports SSL, you can use the developer tool in the form of a table and play with it. This will help rewrite resources that can greatly help you.

There is a new page header called “upgrade-insecure-requests”, and when the browser sees it, it understands that all the subresources of the site and its links need to be converted to HTTPS, even if they are written as HTTP. So you can use this header for your sites.
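To see what such a header would act on, the sketch below audits a page for subresources still referenced over `http://` and shows the URL each would become once upgraded. It is an added example, not code from the talk or from Let's Encrypt; the `SAMPLE` page and its hostnames are constructed, and the classification table covers only the common tags.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, urlunsplit

# Response header that asks supporting browsers to fetch http:// subresources via https://
UPGRADE_HEADER = ("Content-Security-Policy", "upgrade-insecure-requests")

# tag -> (URL attribute, mixed-content class). "active" loads (scripts, styles,
# frames) are blocked on an HTTPS page; "passive" loads (images, media) have
# traditionally been displayed with a warning instead.
SUBRESOURCES = {
    "script": ("src", "active"), "iframe": ("src", "active"),
    "link": ("href", "active"), "img": ("src", "passive"),
    "audio": ("src", "passive"), "video": ("src", "passive"),
}


def upgrade(url):
    """Rewrite http:// to https://, dropping an explicit :80 port."""
    parts = urlsplit(url)
    netloc = parts.netloc[:-3] if parts.netloc.endswith(":80") else parts.netloc
    return urlunsplit(("https", netloc, parts.path, parts.query, parts.fragment))


class MixedContentScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (class, tag, original URL, upgraded URL)

    def handle_starttag(self, tag, attrs):
        if tag not in SUBRESOURCES:
            return
        attr, kind = SUBRESOURCES[tag]
        attrs = dict(attrs)
        url = (attrs.get(attr) or "").strip()
        # Only stylesheet <link>s count here; rel="icon" and the like are ignored.
        if tag == "link" and "stylesheet" not in (attrs.get("rel") or "").lower().split():
            return
        if urlsplit(url).scheme == "http":
            self.findings.append((kind, tag, url, upgrade(url)))


def scan(html):
    scanner = MixedContentScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample page, assumed to be served over HTTPS.
SAMPLE = """<html><head>
<link rel="stylesheet" href="http://static.example.test/site.css">
<link rel="icon" href="http://static.example.test/favicon.ico">
<script src="http://cdn.example.test:80/app.js"></script>
<script src="https://cdn.example.test/ok.js"></script>
</head><body>
<img src="http://img.example.test/logo.png"> <img src="/local.png">
<a href="http://other.example.test/">an ordinary link, not a subresource</a>
</body></html>"""

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(*finding, sep="  ")
```

Every upgraded URL has to actually be reachable over HTTPS before the header is switched on, otherwise the resource simply fails to load.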

Problem number 5 is that there are too many trusted organizations that issue security certificates. A year ago, Peter even drew a very complex table that you see on the screen. Peter, explain what it means!

Peter Eckersley says that this is not a complete map, but only a part of it. It was presented at DEFCON in 2010 by the SSL Observatory project. We found out that at that time there were 66 authorization centers in Firefox and almost 150 in IE. When we scanned the Internet, we made sure that they were all authorized and certified by other certification authorities, and browsers trust them. There were thousands of CAs, authentication service centers that could compromise hundreds of organizations and domains on the network, and it looked terrifying. Last year, Google discovered erroneous certificates issued by a China Certification Authority, so this is not just a theoretical attack on site security.



And now I give the floor to Peter, who will tell you how we see the world in the future.

I will tell you about how we see the solution to these problems. First, you can create your own Let's Encrypt Certificate Authorization Center, free, automated and open. I see you enjoyed this joke!

In fact, we need a detailed review, both security and all sites that need it. We need a solution that simultaneously provides both security and usability.

People who call themselves web developers do not want to go into all the subtleties of using the SSL vulnerability and do not need it. Therefore, the most important question we must answer is how we are going to issue certificates. Because the status quo resembles scenes from the Holy Grail, when you are ordered to go there, I don’t know where, and bring that, I don’t know what. And when you bring it, it turns out that this is not at all what was required of you.

The question that I call the digit “zero” is called “Self-Loading.” This refers to the use of the existing option to create a new one. What solution should we use based on the previous encryption? The usual answer to this question is Domain Validation DV, or legalization of a domain name. This does not require a thousand dollar payment, just send a letter to the address or place a request on the website to upgrade the security protocol.

What types of DV does Let's Encrypt use? For download, this is the DVSNI protocol on port 443 or simple HTTP on port 88 for those who use a proxy server. In this case, the CA checks your administrative rights to manage the site so that you can configure it. Following the link to the resource indicated in the letter, we go to you and check the response TLS “handshake”, and conduct several test attacks on your resource to make sure it is secure.



Many people ask me about the possibility of legalizing DNS names, perhaps later we will implement such a function for clients along with the possibility of upgrading the protocol for DVSNI 2 domains for ports 443 and 100. If your virtual hosting has thousands of domains, you can make only one change to the protocol instead of a thousand changes. This can be done on various ports, including special ones, like port 443, on which a firewall is usually placed. We have the ability to audit ports that users want to use, by extensively scanning the Internet.

Many are frightened by everything related to domain validation. The Internet in this case seems to be a dark hole, the way in which you send packets of information, they disappear in the middle of the path, and some return to you back and say: “yes, I really have this domain”! Whether your packages will be eaten by evil monsters or modified along the way, you do not know. You can be attacked if your router or DNS server is not properly protected. The methods described above are not very perfect, so we can use a more “advanced” testing method. We can use a multivariate verification path in which we use data center servers and other resources of the world wide web, and create several versions of validation requests or several versions of DNS queries. This method does not protect you from the attack of a more powerful opponent, because it can take advantage of the vulnerability of the router of its victim and through it reach you. So DV is not the best way to protect when creating a security infrastructure for the entire Internet.

However, we have the best protection option. Fortunately, the “journey on the unlit highway of the Internet” described above needs to be completed only once. We discussed the project of studying all SSL at the DEFCON conference 5 years ago, and since then we conducted a series of studies thanks to the support of Firefox and Google users, who sent us millions of certificates and thanks to the ZMap project, which James does with the University of Michigan team. Now that we have a huge database of certificates and a whole syllabus (list of errors), we can help a person even when he asks us to check the domain name of a New Zealand bank. We have never heard of the corporate network mail of this bank, but we can advise our client to look at the certificate database and see that this domain name has a certificate of validation.



Access to the database is provided by scanning port 443, viewing Certificate Transparency (CT) logs, or at the request of the client. We are not going to check your unencrypted domain, but we ask you to prove that you own the private key of an existing legalized certificate. Thus, you can always get our certificate or another CA's certificate if you already own the key fingerprint of an authorized security certificate.

This is not very convenient, because it forces you to look for this very key. In case you lost it, you will have to go through the whole certification procedure again and pay for the whole package of settings.

If you have heard about TOFU authentication, Trust on first use, then you know that this mechanism relies on the fact that the first transfer of the key was not compromised, remembers this key and rejects the confirmation of security in case of its sudden change. Most likely, you are familiar with it from the SSH secure shell model. This is a good solution in some cases.
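A minimal sketch of the trust-on-first-use mechanism described above, as an added example that is not from the talk: the first key seen for a host is remembered, and any later change is rejected. The `TofuStore` and `PinMismatch` names, the JSON pin file and the byte strings standing in for server keys are all assumptions made for illustration.

```python
import hashlib
import hmac
import json
import os


class PinMismatch(Exception):
    """The presented key differs from the one remembered on first use."""


class TofuStore:
    def __init__(self, path):
        self.path = path
        self.pins = {}  # "host:port" -> SHA-256 hex digest of the key
        if os.path.exists(path):
            with open(path) as f:
                self.pins = json.load(f)

    def _save(self):
        tmp = self.path + ".tmp"
        with open(tmp, "w") as f:
            json.dump(self.pins, f, indent=2, sort_keys=True)
        os.replace(tmp, self.path)  # atomic swap, no half-written pin file

    def check(self, host, port, key_bytes):
        name = f"{host.lower()}:{port}"
        seen = hashlib.sha256(key_bytes).hexdigest()
        pinned = self.pins.get(name)
        if pinned is None:
            # First contact: nothing to compare against, so this key is
            # accepted unverified. This is the step TOFU assumes is clean.
            self.pins[name] = seen
            self._save()
            return "first-use"
        if hmac.compare_digest(pinned, seen):
            return "match"
        raise PinMismatch(f"{name}: pinned {pinned[:16]}..., presented {seen[:16]}...")


def demo(path):
    """Run the three cases with constructed keys and return the outcomes."""
    store = TofuStore(path)
    results = [
        store.check("Example.test", 22, b"constructed-key-A"),
        # A fresh process reloading the pin file sees the same key again.
        TofuStore(path).check("example.test", 22, b"constructed-key-A"),
    ]
    try:
        store.check("example.test", 22, b"constructed-key-B")
    except PinMismatch:
        results.append("rejected")
    return results
```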

The next major issue is TLS and HTTPS. We run into this problem with the illiterate configuration of TLS, as Yan already mentioned. In this case, you are vulnerable to POODLE, Logjam and Heartbleed attacks. All that is needed to solve this problem is a client that runs on your server and magically configures it as it should. Because there is a huge number of sites, servers and a huge array of information, and we need serious knowledge to meet all the requirements. We are a small team of people who are trying to contribute to the solution of the problem. We want to set up TLS correctly and share our tools with everyone who needs it.

What is the goal of the client that we are going to support? It consists in the fact that the user receives this client for six months or a year and with its help supports the settings of the existing server on the Apache / Nginx engine or another up to date, making the necessary changes and then installing the resulting certificate. At the same time, the client adjusts the security functions in the optimal way to obtain the best result for the specific configuration of your server and automatically updates the security system in accordance with current requirements. That is, it automatically counteracts security incidents that create massive problems when using HTTP.

What is meant by security automation? This is a whole range of tasks of varying complexity that are solved automatically. Easy tasks include setting up Cipher encryption suites, OCSP stapling and CSP upgrades. It is more difficult to translate HTTP 302 (redirect code) to HTTPS for modern clients, because mixed content can be blocked even if the security settings are updated, and here you need to use mixed certificates: new for new content and old for old HTTP content. The task of medium complexity is also auto-updating and reassigning keys in case of a change in domain names, because again you need to have a set for the old name and a set for the new.

The challenge is the complete rewriting of certificates and HSTS. HSTS is a mechanism that activates an enforced secure connection through the HTTPS protocol instead of using the HTTP protocol, which allows you to immediately establish a secure connection. If you do not use HSTS, your site is completely unprotected, but this mechanism has some secret properties that can "put" your site if the security settings work incorrectly.

The most difficult task is to audit and correct mixed content.




Source: https://habr.com/ru/post/352538/

