Certificate expiration and SHA-1 - amazon-web-services

Background: I'm a complete newbie when it comes to certificates.
We have a site running at https://global.projacked.com
The certificate is issued by AWS.
All works well for most of our customers but...
One of them is experiencing the following:
And when I click on "view certificate" I see:
So the question is: can we do anything on our end to make this work?
If not: what can I tell my customer to do to make it work? Is it a question of them updating their certificate? Or might it be cause by them being in a secured network (e.g. VPN)?
Thank you immensely in advance for your help

Your site global.projacked.com is serving a valid SHA-256 certificate. The customer who has reported this issue appears to be having its HTTPS traffic intercepted and inspected by some sort of a MITM software or device (the Issuer -- apotex-CA -- on the certificate they're seeing gives it away). The MITMing entity is generating a certificate that is trusted by the customer's browser but it happens to be a SHA-1 certificate causing Chrome to complain.
You cannot do anything to fix their issue. A lot of MITM software vendors have released updates that create SHA-256 certificates to avoid situations such as this. They can probably check to see if there are updates they can install that generate SHA-256 certificates or read this or this to see if they really need to have TLS traffic intercepted and inspected. Sadly, I've seen organizations where the "solution" to this issue is to install an older version of Chrome that did not care about SHA-1 certificates and disable auto-update. After all, burying your head in the sand is very good at blocking all the noise about this little thing called security.

The certificate issuer should be able to issue a certificate under SHA-256. You'll then need to replace the certificate on the server.
Some certificate authorities can give you new cert as a re-issue of the old one, some will require CSR (Certificate Signing Request) that can be constructed based on the existing private key, which likely resides on the server too.

Related

Where to get a x.509 Certificate to Encrypt a SOAP message

I'm calling a web service hosted by a 3rd party and they require that I encrypt the actual SOAP message with a x.509 certificate (they are using asymmetric encryption)
The certificate I use needs to be signed by a root Certificate Authority. In searching online, I am finding mostly references to SSL certificates, but from what I've read, this is different from what I need. If that is correct, can someone provide a link to a page on a Certificate Authority's website where I would be able to purchase the certificate I need. I haven't had any luck and it's driving me crazy.
Thanks in advance for any help you can provide. Let me know if you need further details.
-Chris

Why does Chrome hate self-signed certificates so much?

I'm running a small web app on an EC2 instance and I want some friends to be able to use it. I also want to make it use HTTPS, just for basic security purposes (prevent packet snooping whenever possible). Of course I am using a self-signed certificate, because my budget for this project is $0. But Chrome throws up a warning page upon trying to visit it:
Your connection is not private
Attackers might be trying to steal your information from [...]
(for example, passwords, messages, or credit cards).
NET::ERR_CERT_AUTHORITY_INVALID
This server could not prove that it is [...]; its security certificate is not trusted by your computer's operating system. This may be caused by a misconfiguration or an attacker intercepting your connection.
Is is not true that "any encryption is better than no encryption"? On unenecrypted HTTP, I could be trying to steal information as well, and don't have to prove anything about my server identity, AND my communication can be read in plaintext by packet sniffing, but Chrome doesn't throw up any warning flags there...
What gives? Why does Chrome hate self-signed certificates so much? Why doesn't it just put a little red box over the padlock icon, instead of giving me a two-click warning page?
Edit Sep 2021 (this was applicable since 2016): Just suck it up and use one of the free key issuers. Let's Encrypt and AWS ACM will literally do it for free.
This question is not specific to chrome. Firefox and probably other browsers behave similar and in the last years the warnings even got stricter. Complaining about these warnings shows more a missing understanding of the role of certificates in HTTPS.
With HTTPS one expects encryption, i.e. private communication between the browser and the server with nobody sniffing or manipulating the transferred data. At the beginning of the encryption client and server exchange the encryption keys, so that one can encrypt the data and the other can decrypt the data. If some man-in-the-middle manages to manipulate the key exchange in a way that it gets control over the encryption keys, then the connection will still be encrypted but not private. Thus it is essential that the key exchange is protected and this is done with certificates. Only with proper checking of the certificates the client can verify that it talks to the server and not some man-in-the-middle and thus the critical key exchange can be protected.
Certificates are usually verified by
Checking the trust chain, i.e. if the certificate is directly or indirectly (via immediate certificates) issued by a certificate agency (CA) trusted by the browser or operating system.
Verifying that the certificate is issued for the expected hostname, i.e. the subject matches the hostname.
With self-signed certificates or certificates issued by a CA unknown to the browser/OS this check will fail. In this case it is unknown, if the original certificate was already not issued by a trusted CA or if there is some man-in-the-middle manipulating the connection. Being man-in-the-middle is not hard, especially in unprotected networks like public hotspots.
Because the browser can not verify the certificate in this cases it will throw a big fat warning to show the user that something is seriously wrong. If your friends know that you only have some self-signed certificate there they should also know that this is the expected behavior of the browser in this case. You also should provide them with the fingerprint of your certificate so that they can be sure that this is the expected certificate - because there is no other way to check the validity of this certificate. Note that this warning also comes once because the browser saves the fingerprint and from then on knows that your site is associated with this certificate. But if you change the certificate it will complain again.
If you don't like the trouble of teaching all of your friends how to properly verify your certificate then get yourself a certificate by a public CA. They don't need to be expensive and some also issue free certificates.
Is is not true that "any encryption is better than no encryption"?
While bad encryption might be better than no encryption, transferring sensitive data over en encrypted but man-in-the-middle connection is definitely worse then transferring non-sensitive data with no encryption. And contrary to plain HTTP you can actually detect a potential man-in-the-middle attack with HTTPS. What you can not do is find out if this a potential man-in-the-middle attack or if the non-verifiable certificate is actually the expected, because the browser has no previous knowledge what to expect. Thus a self-signed certificate is actually not that bad provided that the browser knows up-front that this site only provides a self-signed certificate. And it might also not bad if the transferred data are not sensitive. But how should the browser know what kind of data and what kind of certificate are to expect?
Because SSL/TLS are trying to solve two problems in a single stroke, but you are completely ignoring one of them.
SSL is meant to provide both encryption (between two endpoints) and authentication (where each endpoint is exactly who it says it is). This latter solution is generally meant to be solved via organizations known as Certificate Authorities (CAs), who are supposed to verify your identity before agreeing to give you a certificate. While there have been some spectacular failures of this level of trust in the past, we don't have anything better yet, and so browsers still expect to see SSL/TLS certificates to be issued by one of these Trusted authorities; if it's not, there's no way to know if you're actually talking to the party you intended to.
So, while it may be encrypted, having an encrypted conversation with someone who shouldn't be party to the conversation is actually WORSE than having a plaintext conversation with someone who SHOULD be party to the conversation.
There are a few free SSL providers out there such as Let's Encrypt that won't cause this warning and still fit in your $0 budget.
Put chrome://flags/#allow-insecure-localhost into the Chrome address bar, then select the enabled option.
The reason for the click through is to offer some protection from phishing attacks.
The $0 work-around is to create a certification authority verified by Justaskin_ (which is just a special file) and have your friends to install the public key derived from of it on their computers.
Instead, use the private key to sign your https certificate and their browsers will accept it. OpenSSL is one tool that can do this.

Is there a way to force browser to accept self-signed certificate using websocket++?

I am using echo_server_tls example with Chrome client. It works fine when I add the certificate to "Trusted Root Certificate Authorities" in certmgr. But if the certificate is not added there, the connection fails silently.
How can I ask user to accept my certificate in case of "Certificate Authority" error?
My OS is Windows 7
You can't do anything once the certificate error is encountered... it's a security feature. What you can do, however, is instruct users before they attempt to use your server that they must install your root certificate. One possible solution is to have them go to an "insecure" (unencrypted) site where the instructions are, then proceed to the "secure" site.
As a side note, buying a real "signed-by-well-known-authority" certificate is not difficult nor expensive... the cost is far less then the trouble of dealing with self-signed certificates in nearly all scenarios.
OK, solved the problem by setting an http handler using set_http_handler().
Thanks

Using CFHTTP with HTTPS domain in Railo

I keep getting Connection Failed when trying to request data from a page that is on an https:// domain. I did install the ssl cert using the built-in section of the railo admin at https://[mydomain]/railo-context/admin/server.cfm?action=services.certificates however I still get Connection Failed. How should I go forward with debugging this? I have confirmed that this server in particular does have access to the domain I am trying to request from.
You probably need some additional certs installed as Jason has said. Take a close look at the cert and it's chain. Go to the cert issuers site and look for some documentation.
To troubleshoot you can add some logging to your jvm args. I think it's something like:
-Djavax.net.debug=all
The results are either in the OUT log or the server.log. This post on SSL 3.0 has some debugging tips. It's possible that your cert needs to handshake at a lower security level than CF allows (SSL 2.0 instead of 3.0/TLS for instance) and that could cause this behavior - but it's more likely that you simply need an intermediate cert installed.
The problem ended up being the permissions weren't setup properly on the machine. After we had the server administrator fix our permissions to access the Railo-Tomcat Service Control, the requests started working. I'm assuming he fixed some other permissions while he was in there.

Any real downside to using self-issued certs when dealing with known agents?

I'm setting up a web service which will only be used by a limited number (< 100) of known agents (business partners etc.).
Because I am not public facing, do I face any real downside to using self-issued certs as opposed to the much more costly route of using a known CA?
Edit: I should clarify that the primary purpose we hope to get out of the certificates is to fulfil the 2nd factor in two-factor authentication (password for what-you-know, X.509 cert for what-you-have)
There's no real downside, but it's easier to use a private CA in those circumstances. That private CA has a self-signed certificate, and authorizes everything else in your closed world. Write down a policy (you know, on a piece of paper) for who gets their certificate signed and how you go about doing the signing, and you'll be operating like the “real” CAs do.
But if there are external business partners involved, it's probably easier to just use a normal CA. You can get your service certificates signed for very little so cheap-skating on them is just not really worth it. It only becomes a hassle when you start to want to do things like delegated authority and things like that; at that point, you want to start reading about OAuth and FOAF+SSL. And maybe other things too; it's a deep rabbit-hole.
With a self-signed cert, the users will be warned that the certificate is not trusted by the browser until they manually add the signing certificate into their certificate cache, or will have to click to accept the fact that the certificate may be untrusted.
With a known CA such as Verisign, the signing certificate will typically already be preinstalled on their PC, so the user will receive no prompt
Also a security consideration (from Wikipedia - haven't encountered this myself): "Self-signed certificates cannot (by nature) be revoked, which may allow an attacker who has already gained access to monitor and inject data into a connection to spoof an identity if a private key has been compromised. CAs on the other hand have the ability to revoke a compromised certificate, which prevents its further use."
I would think most security-conscious people would hesitate to import some guy's root certificate. Heck, i have certificates i've generated MYSELF that i don't want to import. And a lot of software will refuse to deal with a server whose cert isn't issued by a CA it (or the OS) trusts.
Seriously, check out http://www.startssl.com. They offer free certificates, which appear to be pretty well supported by most common browsers and OSes. It's a lot easier than even trying to tell people how to install your root cert.