SlideShare a Scribd company logo

Certificates, PKI, and SSL/TLS for infrastructure builders and operators

Download as PPTX, PDF
David Ochel
David Ochel

Need to educate your IT or DevOps folks on how to manage server certificates and TLS configurations in a secure manner? Use these slides. :)

Internet
1 of 29
Certificates, Public Key Infrastructures, and SSL/TLS for infrastructure builders and operators David Ochel, August 2019 2019-08-31-00 Unless otherwise noted, clip art is from pixabay.com and subject to PixaBay’s license (https://pixabay.com/service/terms/#license). All remaining content that has not otherwise been attributed is released into the public domain under the CC0 1.0 – https://creativecommons.org/publicdomain/zero/1.0/.
Agenda & Outline Objective: Align on the practical and security implications of managing infrastructure components that rely on TLS and (server) certificates for enabling transport security. • Applied crypto basics – 20’ • Symmetric & asymmetric encryption • Hashes and digital signatures • What makes crypto hard • Public Key Infrastructures – 40’ • Certificates & CAs – and how they are used in TLS • Lifecycle considerations for server keys and certificates • SSL/TLS – Configuration Gotchas – 30‘
Thwarting the “Man in the Middle” PLAIN TEXT PLAIN TEXTtPLAIN TEXT • Communication over (public) networks is not confidential, by design • Emails, web traffic, secrets, etc. can be intercepted and/or manipulated • Originators of content can be impersonated • Unless it is protected and authenticated, typically using encryption • TLS (as in, HTTPS, FTPS) • IPsec, OpenVPN, MACsec, … (or application-specific, like PGP and SSH)
Crypto basics (because it’s the foundation for everything)
01101001 11100011 10001111 10010101 10110100 00000110 11010100 10010011 11001111 10110000 00001010 11110000 10100011 00100001 10001011 01001111 Secret Key – Symmetric Encryption • One key, multiple copies • Good: fast, straightforward • Bad: key distribution (requires out-of-band, can’t control copies) • Examples: AES, Blowfish – e.g., 256 bit key length PLAIN TEXT PLAIN TEXT CIPHER TEXT the key (it’s actually a random string of bits)
Public and private keys – Asymmetric Encryption • Mutually complementary pair of keys • Good: distribution (private key stays with owner, copies of the matching public key can be distributed freely); digital signatures • Bad: high CPU need, based on (theoretically solvable) math problems • Examples: RSA, Diffie Hellman – e.g., 2048 bit key length PLAIN TEXT PLAIN TEXT CIPHER TEXT private key public key
Cryptographic Hashes • Maps a message into a fixed-size digest (“hash”) • Deterministic • Collision-resistant • Non-reversible (one way), cannot compute message from hash • Examples: bcrypt, SHA-2 PLAIN TEXT hash PLAIN TEXT hash PLAIN TEXT PLAIN TEXT hash From https://en.wikipedia.org/wiki/File:Cryptographic_Hash_Function.svg
Digital Signatures • Originator encrypts hash with private key (“digital signature”) • Recipient decrypts hash with originator’s public key, and computes its own hash over the message • If the two hashes match, the message must have been signed by somebody in possession of the private key PLAIN TEXT hash PLAIN TEXT PLAIN TEXT PLAIN TEXT hash signature signature signature hash
Typical Crypto Limitations • Implementing crypto algorithms is hard Use approved libraries/products • Key material “weakens” (risk of eventual compromise increases) over time Rotate keys on defined frequencies Use recommended key lengths and algorithms • Protecting access to secret and private keys is hard Re-key if somebody with access to a secret key leaves organization Keep keys in as few locations as possible, defend them thoroughly Don’t re-use the same key for different purposes or in different trust settings • Distributing public keys in a trustworthy manner is still hard Use public key infrastructures!
Public Key Infrastructures (or, how do I know that Alice’s public key that I grabbed from the web is the one that in fact matches Alice’s private key, and not Chuck’s, who is pretending to be Alice?)
Remember the Man in the Middle? • We want to distribute public keys freely, over networks • But is Alice in fact the one that possesses the private key to the public key that has her name on it? • Can I trust that digital signatures signed with the corresponding private key are in fact Alice’s signatures, and not somebody who’s pretending to be her? • Can messages I encrypt with this key only be decrypted by her? PLAIN TEXT PLAIN TEXT A A C CA C A C
Attesting to a distributed key’s authenticity • Crowd-sourced web of trust (e.g., PGP) • Users attest to the authenticity of public keys by signing each other’s public keys (after having established that they have the same key in front of them) • Key Signing Party, anyone? • Trusted Third Parties • Certificate authorities establish a hierarchical chain of trust into public keys • All users trust the same CA, thus any public key signed by the CA is extended trust (without the need for a secure channel to obtain individual public keys) https://imgs.xkcd.com/comics/responsible_behavior.png
Certificates! Cert Signing Request Name: Alice Address: alice@foo.bar Public key: Certificate Authority PLAIN TEXT PLAIN TEXT CIPHER TEXT A signature A A A A A CERTIFICATE Expiration: … Name: Alice Address: … Public key: CA signature A CA CA A CA
Transport Layer Security – crypto (simplified) CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A 1: Client requests server certificate, validates it against CA cert 2: Client generates symmetric session key* A 3: Client & server exchange traffic encrypted with the session key ENCRYPTED PAYLOAD (e.g., HTML) *This is a much simplified view of how key generation with RSA works. Authentication of the server with RSA is implicit. DH/ECDH works differently. AA
Lifecycle of a server certificate 1. Public/private keypair management 2. Certificate request 3. Certificate issuance 4. Certificate use and revocation 5. Certificate consumption by clients
(1) Managing server public/private keys • Private keys should never leave the server (need to keep confidential) • Use Certificate Signing Requests instead of letting the CA generate the server’s public/private key pair • Do not share private keys across trust domains / between different services (lest compromise of the weakest link will compromise them all) • Beware of aging keys • Limit validity of certificates to an appropriate number of days or years • Generate new keys when “renewing” a cert instead of getting a new cert for the same old key • Consider new keys & certs if an operator with access leaves the organization • Self-signed certificates
(2) Requesting a certificate • Prefer FQDN subject names over wildcards • Wild cards encourage proliferation of the same keys across different services / trust domains • Consider multiple Subject Alternative Names instead • Choose your CA wisely • Consider reputation of different CAs, even though browsers might trust them all • Consider validation and support needs (e.g., Let’s Encrypt – domain validation only) • Identity Verification • Registration Authorities – (in-person) offices of the CA for high-trust situations (e.g., validating somebody’s passport in person - not common in TLS server scenarios • Domain Validation – does the requesting organization control the domain that the cert is for? • Organization Validation – can the requesting organization prove its name/DBA/address as listed in the CSR? • Extended Validation – subject name matches organization’s incorporation doc • Certificate Signing Request (CSR) – standardized format to request a certificate • Does not include the user’s|server’s private key, but is signed by its private key to demonstrate possession of it
(3) Issuing a certificate • Do not use self-signed certs • Teaching users to click through warnings in their browsers desensitizes them against actual threats • Internal CAs for internal services are OK *if* they are managed properly • Mitigate risk of CA compromise • The root CA should be highly protected, offline, and only used to issue certs to certificate-issuing CAs lower down in the hierarchy • Consider using different cert-issuing CAs for different cert purposes / environments • Automation is OK… • ...if cert requests are properly authenticated & authorized
(4) Hosting and revoking certificates • Serve certificate chains with your certificate • Clients may break if intermediate certs are not served by your server, since they may only have the root CA certs in their trust stores • Monitor for certificate expiration • Revoke certificates for compromised or retired keys
Certificates – the devil is in the details • Expiration Date • Purpose (domain validation, cert issuer) • Subject Alternative Names • Wildcard Certs vs. FQDN • Key Usage
Other uses of certificates & trust chains • Code signing • Windows updates • Europe: electronic signatures • Device authentication • User authentication • S/MIME • DNSSEC • PGP Web of Trust
Using certificates for authentication • Authentication factors: what you have; what you know; what you are • Certs (i.e., private keys!) are “what you know” • Same issue as passwords – can be cloned onto multiple devices, picked up by malware, … • Can be used to implement “what you have” if protected from cloning • E.g., on a smart card, HSM, secure enclave • Do certs authenticate users or devices? • Certs don’t authenticate anything, it’s the private key that corresponds to the public key in the cert that does the authentication • Arguably, the CA’s digital signature on the certificate provides for authenticity of the certificate’s content • Do keys (SSH keys, keys related to device certs, …) authenticate users or devices? • It depends – on usage, protection of the keys, context, …
SSL/TLS – Configuration Gotchas
Transport Layer Security – crypto (simplified) CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A 1: Client requests server certificate, validates it against CA cert 2: Client generates symmetric session key* A 3: Client & server exchange traffic encrypted with the session key ENCRYPTED PAYLOAD (e.g., HTML) *This is a much simplified view of how key generation with RSA works. Authentication of the server with RSA is implicit. DH/ECDH works differently.
Versions • SSL is outdated and insecure • v2 – 1994 (Netscape Navigator 1.1 ) • v3 – 1995 • TLS • 1.0 – 1999 (RFC 2246), similar to SSLv3 • 1.1 – 2006, uses MD5 and SHA-1 (on it’s way out) • 1.2 – 2008 • 1.3 – 2018
Cipher Suites • Determine the mix and match of crypto algorithms a client and server can agree on for: • Authentication • Key exchange • Encryption algorithm & key sizes • Etc. Disable weak cipher suites Prefer them in order of strength
Other Tidbits • Perfect Forward Secrecy • Session keys don’t depend on protection by the server’s private key • A result of using DH/ECDH (instead of RSA) for key agreement • If RSA is not supported by a web server, MITM traffic inspection will break ;-) • Various other, security-relevant configuration settings. For example: • Prevent protocol version downgrade attacks (TLS_FALLBACK_SCSV) • Reject insecure renegotiation (support the Renegotiation Indication extension, RFC 5746) • Tell clients to always use TLS (Strict Transport Security (HSTS)) • Only use the TLS NULL compression method • Support OCSP stapling (RFC 6066) • Support session resumption
Potential Client Issues • Mismatch of supported protocol versions • Mismatch of supported ciphersuites • Certificate Pinning • Will interfere with MITM attempts to de- and re-encrypt traffic (e.g., for inspection)
Fun Tools • Dealing with certs • OpenSSL • Checking TLS configs • sslyze • www.ssllabs.com • observatory.mozilla.org • References • https://www.ssllabs.com/projects/documentation/

Recommended

LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake OilLASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
David Ochel
 
Email Security with OpenPGP - An Appetizer
Email Security with OpenPGP - An AppetizerEmail Security with OpenPGP - An Appetizer
Email Security with OpenPGP - An Appetizer
David Ochel
 
[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scale[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scale
OWASP
 
[OPD 2019] .NET Core Security
[OPD 2019] .NET Core Security[OPD 2019] .NET Core Security
[OPD 2019] .NET Core Security
OWASP
 
How to write secure code
How to write secure codeHow to write secure code
How to write secure code
Flaskdata.io
 
IT-Security@Contemporary Life
IT-Security@Contemporary LifeIT-Security@Contemporary Life
IT-Security@Contemporary Life
Oliver Pfaff
 
Web-of-Things and Services Security
Web-of-Things and Services SecurityWeb-of-Things and Services Security
Web-of-Things and Services Security
Oliver Pfaff
 
Microservices Security: dos and don'ts
Microservices Security: dos and don'tsMicroservices Security: dos and don'ts
Microservices Security: dos and don'ts
Minded Security
 

Recommended

LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake OilLASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
David Ochel
 
Email Security with OpenPGP - An Appetizer
Email Security with OpenPGP - An AppetizerEmail Security with OpenPGP - An Appetizer
Email Security with OpenPGP - An Appetizer
David Ochel
 
[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scale[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scale
OWASP
 
[OPD 2019] .NET Core Security
[OPD 2019] .NET Core Security[OPD 2019] .NET Core Security
[OPD 2019] .NET Core Security
OWASP
 
How to write secure code
How to write secure codeHow to write secure code
How to write secure code
Flaskdata.io
 
IT-Security@Contemporary Life
IT-Security@Contemporary LifeIT-Security@Contemporary Life
IT-Security@Contemporary Life
Oliver Pfaff
 
Web-of-Things and Services Security
Web-of-Things and Services SecurityWeb-of-Things and Services Security
Web-of-Things and Services Security
Oliver Pfaff
 
Microservices Security: dos and don'ts
Microservices Security: dos and don'tsMicroservices Security: dos and don'ts
Microservices Security: dos and don'ts
Minded Security
 
Security in microservices architectures
Security in microservices architecturesSecurity in microservices architectures
Security in microservices architectures
inovia
 
Let's get evil - threat modeling at scale
Let's get evil - threat modeling at scaleLet's get evil - threat modeling at scale
Let's get evil - threat modeling at scale
SecuRing
 
Charles Weir's Security presentation for Code Cumbria, January 2014
Charles Weir's Security presentation for Code Cumbria, January 2014Charles Weir's Security presentation for Code Cumbria, January 2014
Charles Weir's Security presentation for Code Cumbria, January 2014
Charles Weir
 
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
SecureAuth
 
OpenID Foundation RISC WG Update - 2018-04-02
OpenID Foundation RISC WG Update - 2018-04-02OpenID Foundation RISC WG Update - 2018-04-02
OpenID Foundation RISC WG Update - 2018-04-02
MikeLeszcz
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
Arash Ramez
 
[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Web Apps vs Blockchain dApps[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Web Apps vs Blockchain dApps
OWASP
 
[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSS[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSS
OWASP
 
Red teaming in the cloud
Red teaming in the cloudRed teaming in the cloud
Red teaming in the cloud
Peter Wood
 
Service Mesh vs. Frameworks: Where to put the resilience?
Service Mesh vs. Frameworks: Where to put the resilience?Service Mesh vs. Frameworks: Where to put the resilience?
Service Mesh vs. Frameworks: Where to put the resilience?
Michael Hofmann
 
DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018
Gordon Haff
 
The Principles of Secure Development - BSides Las Vegas 2009
The Principles of Secure Development - BSides Las Vegas 2009The Principles of Secure Development - BSides Las Vegas 2009
The Principles of Secure Development - BSides Las Vegas 2009
Security Ninja
 
How to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneHow to do Cryptography right in Android Part One
How to do Cryptography right in Android Part One
Arash Ramez
 
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...
MikeLeszcz
 
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
SecuRing
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
Sylvain Maret
 
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OpenIDFoundation
 
Easy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fEasy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 f
Cyber Security Alliance
 
Heartbleed && Wireless
Heartbleed && WirelessHeartbleed && Wireless
Heartbleed && Wireless
Luis Grangeia
 
How to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part TwoHow to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part Two
Arash Ramez
 
An introduction to X.509 certificates
An introduction to X.509 certificatesAn introduction to X.509 certificates
An introduction to X.509 certificates
Stephane Potier
 
Digital signature & eSign overview
Digital signature & eSign overviewDigital signature & eSign overview
Digital signature & eSign overview
Rishi Pathak
 

More Related Content

What's hot

[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Web Apps vs Blockchain dApps[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Web Apps vs Blockchain dApps
OWASP
 
[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSS[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSS
OWASP
 
Service Mesh vs. Frameworks: Where to put the resilience?
Service Mesh vs. Frameworks: Where to put the resilience?Service Mesh vs. Frameworks: Where to put the resilience?
Service Mesh vs. Frameworks: Where to put the resilience?
Michael Hofmann
 
DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018
Gordon Haff
 
How to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneHow to do Cryptography right in Android Part One
How to do Cryptography right in Android Part One
Arash Ramez
 
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
SecuRing
 
How to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part TwoHow to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part Two
Arash Ramez
 

What's hot (20)

Security in microservices architectures
Security in microservices architecturesSecurity in microservices architectures
Security in microservices architectures
 
Let's get evil - threat modeling at scale
Let's get evil - threat modeling at scaleLet's get evil - threat modeling at scale
Let's get evil - threat modeling at scale
 
Charles Weir's Security presentation for Code Cumbria, January 2014
Charles Weir's Security presentation for Code Cumbria, January 2014Charles Weir's Security presentation for Code Cumbria, January 2014
Charles Weir's Security presentation for Code Cumbria, January 2014
 
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
 
OpenID Foundation RISC WG Update - 2018-04-02
OpenID Foundation RISC WG Update - 2018-04-02OpenID Foundation RISC WG Update - 2018-04-02
OpenID Foundation RISC WG Update - 2018-04-02
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
 
[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Web Apps vs Blockchain dApps[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Web Apps vs Blockchain dApps
 
[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSS[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSS
 
Red teaming in the cloud
Red teaming in the cloudRed teaming in the cloud
Red teaming in the cloud
 
Service Mesh vs. Frameworks: Where to put the resilience?
Service Mesh vs. Frameworks: Where to put the resilience?Service Mesh vs. Frameworks: Where to put the resilience?
Service Mesh vs. Frameworks: Where to put the resilience?
 
DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018
 
The Principles of Secure Development - BSides Las Vegas 2009
The Principles of Secure Development - BSides Las Vegas 2009The Principles of Secure Development - BSides Las Vegas 2009
The Principles of Secure Development - BSides Las Vegas 2009
 
How to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneHow to do Cryptography right in Android Part One
How to do Cryptography right in Android Part One
 
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...
 
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
 
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
 
Easy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fEasy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 f
 
Heartbleed && Wireless
Heartbleed && WirelessHeartbleed && Wireless
Heartbleed && Wireless
 
How to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part TwoHow to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part Two
 

Similar to Certificates, PKI, and SSL/TLS for infrastructure builders and operators

Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitAlfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transit
Toni de la Fuente
 
I would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdfI would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdf
JUSTSTYLISH3B2MOHALI
 
All you need to know about transport layer security
All you need to know about transport layer securityAll you need to know about transport layer security
All you need to know about transport layer security
Maarten Smeets
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and Applications
Svetlin Nakov
 

Similar to Certificates, PKI, and SSL/TLS for infrastructure builders and operators (20)

An introduction to X.509 certificates
An introduction to X.509 certificatesAn introduction to X.509 certificates
An introduction to X.509 certificates
 
Digital signature & eSign overview
Digital signature & eSign overviewDigital signature & eSign overview
Digital signature & eSign overview
 
Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitAlfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transit
 
15 intro to ssl certificate & pki concept
15 intro to ssl certificate & pki concept15 intro to ssl certificate & pki concept
15 intro to ssl certificate & pki concept
 
Https
HttpsHttps
Https
 
I would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdfI would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdf
 
020618 Why Do we Need HTTPS
020618 Why Do we Need HTTPS020618 Why Do we Need HTTPS
020618 Why Do we Need HTTPS
 
All you need to know about transport layer security
All you need to know about transport layer securityAll you need to know about transport layer security
All you need to know about transport layer security
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talk
 
The world of encryption
The world of encryptionThe world of encryption
The world of encryption
 
An Introduction to DANE - Securing TLS using DNSSEC
An Introduction to DANE - Securing TLS using DNSSECAn Introduction to DANE - Securing TLS using DNSSEC
An Introduction to DANE - Securing TLS using DNSSEC
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and Applications
 
Web security for e-commerce
Web security for e-commerceWeb security for e-commerce
Web security for e-commerce
 
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / DatelecSecure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
 
Public Digital Identity as a Service
Public Digital Identity as a ServicePublic Digital Identity as a Service
Public Digital Identity as a Service
 
TLS/SSL - Study of Secured Communications
TLS/SSL - Study of Secured CommunicationsTLS/SSL - Study of Secured Communications
TLS/SSL - Study of Secured Communications
 
Lecture17
Lecture17Lecture17
Lecture17
 
#MoreCrypto : Introduction to TLS
#MoreCrypto : Introduction to TLS#MoreCrypto : Introduction to TLS
#MoreCrypto : Introduction to TLS
 
Introduction of an SSL Certificate
Introduction of an SSL CertificateIntroduction of an SSL Certificate
Introduction of an SSL Certificate
 

Recently uploaded

Call girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girlsCall girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girls
Monica Sydney
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Monica Sydney
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Monica Sydney
 
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Monica Sydney
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
ydyuyu
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
gajnagarg
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
ayvbos
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
EleniIlkou
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
ydyuyu
 

Recently uploaded (20)

Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
 
Call girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girlsCall girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girls
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
 
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime BalliaBallia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
 
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
 
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime NagercoilNagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
 
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
 
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac RoomVip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasBest SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency Dallas
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 

Certificates, PKI, and SSL/TLS for infrastructure builders and operators

  • 1. Certificates, Public Key Infrastructures, and SSL/TLS for infrastructure builders and operators David Ochel, August 2019 2019-08-31-00 Unless otherwise noted, clip art is from pixabay.com and subject to PixaBay’s license (https://pixabay.com/service/terms/#license). All remaining content that has not otherwise been attributed is released into the public domain under the CC0 1.0 – https://creativecommons.org/publicdomain/zero/1.0/.
  • 2. Agenda & Outline Objective: Align on the practical and security implications of managing infrastructure components that rely on TLS and (server) certificates for enabling transport security. • Applied crypto basics – 20’ • Symmetric & asymmetric encryption • Hashes and digital signatures • What makes crypto hard • Public Key Infrastructures – 40’ • Certificates & CAs – and how they are used in TLS • Lifecycle considerations for server keys and certificates • SSL/TLS – Configuration Gotchas – 30‘
  • 3. Thwarting the “Man in the Middle” PLAIN TEXT PLAIN TEXTtPLAIN TEXT • Communication over (public) networks is not confidential, by design • Emails, web traffic, secrets, etc. can be intercepted and/or manipulated • Originators of content can be impersonated • Unless it is protected and authenticated, typically using encryption • TLS (as in, HTTPS, FTPS) • IPsec, OpenVPN, MACsec, … (or application-specific, like PGP and SSH)
  • 4. Crypto basics (because it’s the foundation for everything)
  • 5. 01101001 11100011 10001111 10010101 10110100 00000110 11010100 10010011 11001111 10110000 00001010 11110000 10100011 00100001 10001011 01001111 Secret Key – Symmetric Encryption • One key, multiple copies • Good: fast, straightforward • Bad: key distribution (requires out-of-band, can’t control copies) • Examples: AES, Blowfish – e.g., 256 bit key length PLAIN TEXT PLAIN TEXT CIPHER TEXT the key (it’s actually a random string of bits)
  • 6. Public and private keys – Asymmetric Encryption • Mutually complementary pair of keys • Good: distribution (private key stays with owner, copies of the matching public key can be distributed freely); digital signatures • Bad: high CPU need, based on (theoretically solvable) math problems • Examples: RSA, Diffie Hellman – e.g., 2048 bit key length PLAIN TEXT PLAIN TEXT CIPHER TEXT private key public key
  • 7. Cryptographic Hashes • Maps a message into a fixed-size digest (“hash”) • Deterministic • Collision-resistant • Non-reversible (one way), cannot compute message from hash • Examples: bcrypt, SHA-2 PLAIN TEXT hash PLAIN TEXT hash PLAIN TEXT PLAIN TEXT hash From https://en.wikipedia.org/wiki/File:Cryptographic_Hash_Function.svg
  • 8. Digital Signatures • Originator encrypts hash with private key (“digital signature”) • Recipient decrypts hash with originator’s public key, and computes its own hash over the message • If the two hashes match, the message must have been signed by somebody in possession of the private key PLAIN TEXT hash PLAIN TEXT PLAIN TEXT PLAIN TEXT hash signature signature signature hash
  • 9. Typical Crypto Limitations • Implementing crypto algorithms is hard Use approved libraries/products • Key material “weakens” (risk of eventual compromise increases) over time Rotate keys on defined frequencies Use recommended key lengths and algorithms • Protecting access to secret and private keys is hard Re-key if somebody with access to a secret key leaves organization Keep keys in as few locations as possible, defend them thoroughly Don’t re-use the same key for different purposes or in different trust settings • Distributing public keys in a trustworthy manner is still hard Use public key infrastructures!
  • 10. Public Key Infrastructures (or, how do I know that Alice’s public key that I grabbed from the web is the one that in fact matches Alice’s private key, and not Chuck’s, who is pretending to be Alice?)
  • 11. Remember the Man in the Middle? • We want to distribute public keys freely, over networks • But is Alice in fact the one that possesses the private key to the public key that has her name on it? • Can I trust that digital signatures signed with the corresponding private key are in fact Alice’s signatures, and not somebody who’s pretending to be her? • Can messages I encrypt with this key only be decrypted by her? PLAIN TEXT PLAIN TEXT A A C CA C A C
  • 12. Attesting to a distributed key’s authenticity • Crowd-sourced web of trust (e.g., PGP) • Users attest to the authenticity of public keys by signing each other’s public keys (after having established that they have the same key in front of them) • Key Signing Party, anyone? • Trusted Third Parties • Certificate authorities establish a hierarchical chain of trust into public keys • All users trust the same CA, thus any public key signed by the CA is extended trust (without the need for a secure channel to obtain individual public keys) https://imgs.xkcd.com/comics/responsible_behavior.png
  • 13. Certificates! Cert Signing Request Name: Alice Address: alice@foo.bar Public key: Certificate Authority PLAIN TEXT PLAIN TEXT CIPHER TEXT A signature A A A A A CERTIFICATE Expiration: … Name: Alice Address: … Public key: CA signature A CA CA A CA
  • 14. Transport Layer Security – crypto (simplified) CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A 1: Client requests server certificate, validates it against CA cert 2: Client generates symmetric session key* A 3: Client & server exchange traffic encrypted with the session key ENCRYPTED PAYLOAD (e.g., HTML) *This is a much simplified view of how key generation with RSA works. Authentication of the server with RSA is implicit. DH/ECDH works differently. AA
  • 15. Lifecycle of a server certificate 1. Public/private keypair management 2. Certificate request 3. Certificate issuance 4. Certificate use and revocation 5. Certificate consumption by clients
  • 16. (1) Managing server public/private keys • Private keys should never leave the server (need to keep confidential) • Use Certificate Signing Requests instead of letting the CA generate the server’s public/private key pair • Do not share private keys across trust domains / between different services (lest compromise of the weakest link will compromise them all) • Beware of aging keys • Limit validity of certificates to an appropriate number of days or years • Generate new keys when “renewing” a cert instead of getting a new cert for the same old key • Consider new keys & certs if an operator with access leaves the organization • Self-signed certificates
  • 17. (2) Requesting a certificate • Prefer FQDN subject names over wildcards • Wild cards encourage proliferation of the same keys across different services / trust domains • Consider multiple Subject Alternative Names instead • Choose your CA wisely • Consider reputation of different CAs, even though browsers might trust them all • Consider validation and support needs (e.g., Let’s Encrypt – domain validation only) • Identity Verification • Registration Authorities – (in-person) offices of the CA for high-trust situations (e.g., validating somebody’s passport in person - not common in TLS server scenarios • Domain Validation – does the requesting organization control the domain that the cert is for? • Organization Validation – can the requesting organization prove its name/DBA/address as listed in the CSR? • Extended Validation – subject name matches organization’s incorporation doc • Certificate Signing Request (CSR) – standardized format to request a certificate • Does not include the user’s|server’s private key, but is signed by its private key to demonstrate possession of it
  • 18. (3) Issuing a certificate • Do not use self-signed certs • Teaching users to click through warnings in their browsers desensitizes them against actual threats • Internal CAs for internal services are OK *if* they are managed properly • Mitigate risk of CA compromise • The root CA should be highly protected, offline, and only used to issue certs to certificate-issuing CAs lower down in the hierarchy • Consider using different cert-issuing CAs for different cert purposes / environments • Automation is OK… • ...if cert requests are properly authenticated & authorized
  • 19. (4) Hosting and revoking certificates • Serve certificate chains with your certificate • Clients may break if intermediate certs are not served by your server, since they may only have the root CA certs in their trust stores • Monitor for certificate expiration • Revoke certificates for compromised or retired keys
  • 20. Certificates – the devil is in the details • Expiration Date • Purpose (domain validation, cert issuer) • Subject Alternative Names • Wildcard Certs vs. FQDN • Key Usage
  • 21. Other uses of certificates & trust chains • Code signing • Windows updates • Europe: electronic signatures • Device authentication • User authentication • S/MIME • DNSSEC • PGP Web of Trust
  • 22. Using certificates for authentication • Authentication factors: what you have; what you know; what you are • Certs (i.e., private keys!) are “what you know” • Same issue as passwords – can be cloned onto multiple devices, picked up by malware, … • Can be used to implement “what you have” if protected from cloning • E.g., on a smart card, HSM, secure enclave • Do certs authenticate users or devices? • Certs don’t authenticate anything, it’s the private key that corresponds to the public key in the cert that does the authentication • Arguably, the CA’s digital signature on the certificate provides for authenticity of the certificate’s content • Do keys (SSH keys, keys related to device certs, …) authenticate users or devices? • It depends – on usage, protection of the keys, context, …
  • 24. Transport Layer Security – crypto (simplified) CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A 1: Client requests server certificate, validates it against CA cert 2: Client generates symmetric session key* A 3: Client & server exchange traffic encrypted with the session key ENCRYPTED PAYLOAD (e.g., HTML) *This is a much simplified view of how key generation with RSA works. Authentication of the server with RSA is implicit. DH/ECDH works differently.
  • 25. Versions • SSL is outdated and insecure • v2 – 1994 (Netscape Navigator 1.1 ) • v3 – 1995 • TLS • 1.0 – 1999 (RFC 2246), similar to SSLv3 • 1.1 – 2006, uses MD5 and SHA-1 (on it’s way out) • 1.2 – 2008 • 1.3 – 2018
  • 26. Cipher Suites • Determine the mix and match of crypto algorithms a client and server can agree on for: • Authentication • Key exchange • Encryption algorithm & key sizes • Etc. Disable weak cipher suites Prefer them in order of strength
  • 27. Other Tidbits • Perfect Forward Secrecy • Session keys don’t depend on protection by the server’s private key • A result of using DH/ECDH (instead of RSA) for key agreement • If RSA is not supported by a web server, MITM traffic inspection will break ;-) • Various other, security-relevant configuration settings. For example: • Prevent protocol version downgrade attacks (TLS_FALLBACK_SCSV) • Reject insecure renegotiation (support the Renegotiation Indication extension, RFC 5746) • Tell clients to always use TLS (Strict Transport Security (HSTS)) • Only use the TLS NULL compression method • Support OCSP stapling (RFC 6066) • Support session resumption
  • 28. Potential Client Issues • Mismatch of supported protocol versions • Mismatch of supported ciphersuites • Certificate Pinning • Will interfere with MITM attempts to de- and re-encrypt traffic (e.g., for inspection)
  • 29. Fun Tools • Dealing with certs • OpenSSL • Checking TLS configs • sslyze • www.ssllabs.com • observatory.mozilla.org • References • https://www.ssllabs.com/projects/documentation/

Editor's Notes

  1. https://pixabay.com/vectors/robber-burglar-bandit-stripes-303444/