Temporarily disable SSL on web server
23 views
Skip to first unread message
Jeffrey Walton
Sep 13, 2015, 3:15:22 PM9/13/15
to Crypto++ Users
Hi Everyone,
When we went shopping for low cost/no cost certificates for the web server, I thought CAcert (https://www.cacert.org/) would meet our needs. The needs are modest:
(1) no domain names or DNS names in the CN
(2) multiple DNS names in the SAN
(3) "correct" KU and EKU uses
(4) low cost/no cost.
I was sadly mistaken because CAcert is using a long term CA certificate certified with MD5 (see below). I missed that when I was evaluating them, and I apologize for the massive gap. (We could overlook other faux pas on the issued end entity certificate, like KU of Key Agreement and the Server Gated Cryptography bits).
We're going to temporarily disable SSL on the web server.
They web server's key is still good, and it will be used in the future as part of a key continuity program.
If you installed the CAcert CA in a trust store, then you should promptly remove it.
Jeff
********************
$ curl -k https://www.cacert.org/certs/root.crt | openssl x509 -text -noout
...
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=sup...@cacert.org
Validity
Not Before: Mar 30 12:29:49 2003 GMT
Not After : Mar 29 12:29:49 2033 GMT
Subject: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=sup...@cacert.org
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:ce:22:c0:e2:46:7d:ec:36:28:07:50:96:f2:a0:
33:40:8c:4b:f1:3b:66:3f:31:e5:6b:02:36:db:d6:
7c:f6:f1:88:8f:4e:77:36:05:41:95:f9:09:f0:12:
cf:46:86:73:60:b7:6e:7e:e8:c0:58:64:ae:cd:b0:
ad:45:17:0c:63:fa:67:0a:e8:d6:d2:bf:3e:e7:98:
c4:f0:4c:fa:e0:03:bb:35:5d:6c:21:de:9e:20:d9:
ba:cd:66:32:37:72:fa:f7:08:f5:c7:cd:58:c9:8e:
e7:0e:5e:ea:3e:fe:1c:a1:14:0a:15:6c:86:84:5b:
64:66:2a:7a:a9:4b:53:79:f5:88:a2:7b:ee:2f:0a:
61:2b:8d:b2:7e:4d:56:a5:13:ec:ea:da:92:9e:ac:
44:41:1e:58:60:65:05:66:f8:c0:44:bd:cb:94:f7:
42:7e:0b:f7:65:68:98:51:05:f0:f3:05:91:04:1d:
1b:17:82:ec:c8:57:bb:c3:6b:7a:88:f1:b0:72:cc:
25:5b:20:91:ec:16:02:12:8f:32:e9:17:18:48:d0:
c7:05:2e:02:30:42:b8:25:9c:05:6b:3f:aa:3a:a7:
eb:53:48:f7:e8:d2:b6:07:98:dc:1b:c6:34:7f:7f:
c9:1c:82:7a:05:58:2b:08:5b:f3:38:a2:ab:17:5d:
66:c9:98:d7:9e:10:8b:a2:d2:dd:74:9a:f7:71:0c:
72:60:df:cd:6f:98:33:9d:96:34:76:3e:24:7a:92:
b0:0e:95:1e:6f:e6:a0:45:38:47:aa:d7:41:ed:4a:
b7:12:f6:d7:1b:83:8a:0f:2e:d8:09:b6:59:d7:aa:
04:ff:d2:93:7d:68:2e:dd:8b:4b:ab:58:ba:2f:8d:
ea:95:a7:a0:c3:54:89:a5:fb:db:8b:51:22:9d:b2:
c3:be:11:be:2c:91:86:8b:96:78:ad:20:d3:8a:2f:
1a:3f:c6:d0:51:65:87:21:b1:19:01:65:7f:45:1c:
87:f5:7c:d0:41:4c:4f:29:98:21:fd:33:1f:75:0c:
04:51:fa:19:77:db:d4:14:1c:ee:81:c3:1d:f5:98:
b7:69:06:91:22:dd:00:50:cc:81:31:ac:12:07:7b:
38:da:68:5b:e6:2b:d4:7e:c9:5f:ad:e8:eb:72:4c:
f3:01:e5:4b:20:bf:9a:a6:57:ca:91:00:01:8b:a1:
75:21:37:b5:63:0d:67:3e:46:4f:70:20:67:ce:c5:
d6:59:db:02:e0:f0:d2:cb:cd:ba:62:b7:90:41:e8:
dd:20:e4:29:bc:64:29:42:c8:22:dc:78:9a:ff:43:
ec:98:1b:09:51:4b:5a:5a:c2:71:f1:c4:cb:73:a9:
e5:a1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B5:32:1B:D4:C7:F3:E0:E6:8E:F3:BD:D2:B0:3A:EE:B2:39:18:D1
X509v3 Authority Key Identifier:
keyid:16:B5:32:1B:D4:C7:F3:E0:E6:8E:F3:BD:D2:B0:3A:EE:B2:39:18:D1
DirName:/O=Root CA/OU=http://www.cacert.org/CN=CA Cert Signing Authority/emailAddress=sup...@cacert.org
serial:00
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:https://www.cacert.org/revoke.crl
Netscape CA Revocation Url:
https://www.cacert.org/revoke.crl
Netscape CA Policy Url:
http://www.cacert.org/index.php?id=10
Netscape Comment:
To get your own certificate for FREE head over to http://www.cacert.org
Signature Algorithm: md5WithRSAEncryption
28:c7:ee:9c:82:02:ba:5c:80:12:ca:35:0a:1d:81:6f:89:6a:
99:cc:f2:68:0f:7f:a7:e1:8d:58:95:3e:bd:f2:06:c3:90:5a:
ac:b5:60:f6:99:43:01:a3:88:70:9c:9d:62:9d:a4:87:af:67:
58:0d:30:36:3b:e6:ad:48:d3:cb:74:02:86:71:3e:e2:2b:03:
68:f1:34:62:40:46:3b:53:ea:28:f4:ac:fb:66:95:53:8a:4d:
5d:fd:3b:d9:60:d7:ca:79:69:3b:b1:65:92:a6:c6:81:82:5c:
9c:cd:eb:4d:01:8a:a5:df:11:55:aa:15:ca:1f:37:c0:82:98:
70:61:db:6a:7c:96:a3:8e:2e:54:3e:4f:21:a9:90:ef:dc:82:
bf:dc:e8:45:ad:4d:90:73:08:3c:94:65:b0:04:99:76:7f:e2:
bc:c2:6a:15:aa:97:04:37:24:d8:1e:94:4e:6d:0e:51:be:d6:
c4:8f:ca:96:6d:f7:43:df:e8:30:65:27:3b:7b:bb:43:43:63:
c4:43:f7:b2:ec:68:cc:e1:19:8e:22:fb:98:e1:7b:5a:3e:01:
37:3b:8b:08:b0:a2:f3:95:4e:1a:cb:9b:cd:9a:b1:db:b2:70:
f0:2d:4a:db:d8:b0:e3:6f:45:48:33:12:ff:fe:3c:32:2a:54:
f7:c4:f7:8a:f0:88:23:c2:47:fe:64:7a:71:c0:d1:1e:a6:63:
b0:07:7e:a4:2f:d3:01:8f:dc:9f:2b:b6:c6:08:a9:0f:93:48:
25:fc:12:fd:9f:42:dc:f3:c4:3e:f6:57:b0:d7:dd:69:d1:06:
77:34:0a:4b:d2:ca:a0:ff:1c:c6:8c:c9:16:be:c4:cc:32:37:
68:73:5f:08:fb:51:f7:49:53:36:05:0a:95:02:4c:f2:79:1a:
10:f6:d8:3a:75:9c:f3:1d:f1:a2:0d:70:67:86:1b:b3:16:f5:
2f:e5:a4:eb:79:86:f9:3d:0b:c2:73:0b:a5:99:ac:6f:fc:67:
b8:e5:2f:0b:a6:18:24:8d:7b:d1:48:35:29:18:40:ac:93:60:
e1:96:86:50:b4:7a:59:d8:8f:21:0b:9f:cf:82:91:c6:3b:bf:
6b:dc:07:91:b9:97:56:23:aa:b6:6c:94:c6:48:06:3c:e4:ce:
4e:aa:e4:f6:2f:09:dc:53:6f:2e:fc:74:eb:3a:63:99:c2:a6:
ac:89:bc:a7:b2:44:a0:0d:8a:10:e3:6c:f2:24:cb:fa:9b:9f:
70:47:2e:de:14:8b:d4:b2:20:09:96:a2:64:f1:24:1c:dc:a1:
35:9c:15:b2:d4:bc:55:2e:7d:06:f5:9c:0e:55:f4:5a:d6:93:
da:76:ad:25:73:4c:c5:43
When we went shopping for low cost/no cost certificates for the web server, I thought CAcert (https://www.cacert.org/) would meet our needs. The needs are modest:
(1) no domain names or DNS names in the CN
(2) multiple DNS names in the SAN
(3) "correct" KU and EKU uses
(4) low cost/no cost.
I was sadly mistaken because CAcert is using a long term CA certificate certified with MD5 (see below). I missed that when I was evaluating them, and I apologize for the massive gap. (We could overlook other faux pas on the issued end entity certificate, like KU of Key Agreement and the Server Gated Cryptography bits).
We're going to temporarily disable SSL on the web server.
They web server's key is still good, and it will be used in the future as part of a key continuity program.
If you installed the CAcert CA in a trust store, then you should promptly remove it.
Jeff
********************
$ curl -k https://www.cacert.org/certs/root.crt | openssl x509 -text -noout
...
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=sup...@cacert.org
Validity
Not Before: Mar 30 12:29:49 2003 GMT
Not After : Mar 29 12:29:49 2033 GMT
Subject: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=sup...@cacert.org
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:ce:22:c0:e2:46:7d:ec:36:28:07:50:96:f2:a0:
33:40:8c:4b:f1:3b:66:3f:31:e5:6b:02:36:db:d6:
7c:f6:f1:88:8f:4e:77:36:05:41:95:f9:09:f0:12:
cf:46:86:73:60:b7:6e:7e:e8:c0:58:64:ae:cd:b0:
ad:45:17:0c:63:fa:67:0a:e8:d6:d2:bf:3e:e7:98:
c4:f0:4c:fa:e0:03:bb:35:5d:6c:21:de:9e:20:d9:
ba:cd:66:32:37:72:fa:f7:08:f5:c7:cd:58:c9:8e:
e7:0e:5e:ea:3e:fe:1c:a1:14:0a:15:6c:86:84:5b:
64:66:2a:7a:a9:4b:53:79:f5:88:a2:7b:ee:2f:0a:
61:2b:8d:b2:7e:4d:56:a5:13:ec:ea:da:92:9e:ac:
44:41:1e:58:60:65:05:66:f8:c0:44:bd:cb:94:f7:
42:7e:0b:f7:65:68:98:51:05:f0:f3:05:91:04:1d:
1b:17:82:ec:c8:57:bb:c3:6b:7a:88:f1:b0:72:cc:
25:5b:20:91:ec:16:02:12:8f:32:e9:17:18:48:d0:
c7:05:2e:02:30:42:b8:25:9c:05:6b:3f:aa:3a:a7:
eb:53:48:f7:e8:d2:b6:07:98:dc:1b:c6:34:7f:7f:
c9:1c:82:7a:05:58:2b:08:5b:f3:38:a2:ab:17:5d:
66:c9:98:d7:9e:10:8b:a2:d2:dd:74:9a:f7:71:0c:
72:60:df:cd:6f:98:33:9d:96:34:76:3e:24:7a:92:
b0:0e:95:1e:6f:e6:a0:45:38:47:aa:d7:41:ed:4a:
b7:12:f6:d7:1b:83:8a:0f:2e:d8:09:b6:59:d7:aa:
04:ff:d2:93:7d:68:2e:dd:8b:4b:ab:58:ba:2f:8d:
ea:95:a7:a0:c3:54:89:a5:fb:db:8b:51:22:9d:b2:
c3:be:11:be:2c:91:86:8b:96:78:ad:20:d3:8a:2f:
1a:3f:c6:d0:51:65:87:21:b1:19:01:65:7f:45:1c:
87:f5:7c:d0:41:4c:4f:29:98:21:fd:33:1f:75:0c:
04:51:fa:19:77:db:d4:14:1c:ee:81:c3:1d:f5:98:
b7:69:06:91:22:dd:00:50:cc:81:31:ac:12:07:7b:
38:da:68:5b:e6:2b:d4:7e:c9:5f:ad:e8:eb:72:4c:
f3:01:e5:4b:20:bf:9a:a6:57:ca:91:00:01:8b:a1:
75:21:37:b5:63:0d:67:3e:46:4f:70:20:67:ce:c5:
d6:59:db:02:e0:f0:d2:cb:cd:ba:62:b7:90:41:e8:
dd:20:e4:29:bc:64:29:42:c8:22:dc:78:9a:ff:43:
ec:98:1b:09:51:4b:5a:5a:c2:71:f1:c4:cb:73:a9:
e5:a1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B5:32:1B:D4:C7:F3:E0:E6:8E:F3:BD:D2:B0:3A:EE:B2:39:18:D1
X509v3 Authority Key Identifier:
keyid:16:B5:32:1B:D4:C7:F3:E0:E6:8E:F3:BD:D2:B0:3A:EE:B2:39:18:D1
DirName:/O=Root CA/OU=http://www.cacert.org/CN=CA Cert Signing Authority/emailAddress=sup...@cacert.org
serial:00
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:https://www.cacert.org/revoke.crl
Netscape CA Revocation Url:
https://www.cacert.org/revoke.crl
Netscape CA Policy Url:
http://www.cacert.org/index.php?id=10
Netscape Comment:
To get your own certificate for FREE head over to http://www.cacert.org
Signature Algorithm: md5WithRSAEncryption
28:c7:ee:9c:82:02:ba:5c:80:12:ca:35:0a:1d:81:6f:89:6a:
99:cc:f2:68:0f:7f:a7:e1:8d:58:95:3e:bd:f2:06:c3:90:5a:
ac:b5:60:f6:99:43:01:a3:88:70:9c:9d:62:9d:a4:87:af:67:
58:0d:30:36:3b:e6:ad:48:d3:cb:74:02:86:71:3e:e2:2b:03:
68:f1:34:62:40:46:3b:53:ea:28:f4:ac:fb:66:95:53:8a:4d:
5d:fd:3b:d9:60:d7:ca:79:69:3b:b1:65:92:a6:c6:81:82:5c:
9c:cd:eb:4d:01:8a:a5:df:11:55:aa:15:ca:1f:37:c0:82:98:
70:61:db:6a:7c:96:a3:8e:2e:54:3e:4f:21:a9:90:ef:dc:82:
bf:dc:e8:45:ad:4d:90:73:08:3c:94:65:b0:04:99:76:7f:e2:
bc:c2:6a:15:aa:97:04:37:24:d8:1e:94:4e:6d:0e:51:be:d6:
c4:8f:ca:96:6d:f7:43:df:e8:30:65:27:3b:7b:bb:43:43:63:
c4:43:f7:b2:ec:68:cc:e1:19:8e:22:fb:98:e1:7b:5a:3e:01:
37:3b:8b:08:b0:a2:f3:95:4e:1a:cb:9b:cd:9a:b1:db:b2:70:
f0:2d:4a:db:d8:b0:e3:6f:45:48:33:12:ff:fe:3c:32:2a:54:
f7:c4:f7:8a:f0:88:23:c2:47:fe:64:7a:71:c0:d1:1e:a6:63:
b0:07:7e:a4:2f:d3:01:8f:dc:9f:2b:b6:c6:08:a9:0f:93:48:
25:fc:12:fd:9f:42:dc:f3:c4:3e:f6:57:b0:d7:dd:69:d1:06:
77:34:0a:4b:d2:ca:a0:ff:1c:c6:8c:c9:16:be:c4:cc:32:37:
68:73:5f:08:fb:51:f7:49:53:36:05:0a:95:02:4c:f2:79:1a:
10:f6:d8:3a:75:9c:f3:1d:f1:a2:0d:70:67:86:1b:b3:16:f5:
2f:e5:a4:eb:79:86:f9:3d:0b:c2:73:0b:a5:99:ac:6f:fc:67:
b8:e5:2f:0b:a6:18:24:8d:7b:d1:48:35:29:18:40:ac:93:60:
e1:96:86:50:b4:7a:59:d8:8f:21:0b:9f:cf:82:91:c6:3b:bf:
6b:dc:07:91:b9:97:56:23:aa:b6:6c:94:c6:48:06:3c:e4:ce:
4e:aa:e4:f6:2f:09:dc:53:6f:2e:fc:74:eb:3a:63:99:c2:a6:
ac:89:bc:a7:b2:44:a0:0d:8a:10:e3:6c:f2:24:cb:fa:9b:9f:
70:47:2e:de:14:8b:d4:b2:20:09:96:a2:64:f1:24:1c:dc:a1:
35:9c:15:b2:d4:bc:55:2e:7d:06:f5:9c:0e:55:f4:5a:d6:93:
da:76:ad:25:73:4c:c5:43
Jeffrey Walton
Sep 13, 2015, 5:03:36 PM9/13/15
to Crypto++ Users
On Sunday, September 13, 2015 at 3:15:22 PM UTC-4, Jeffrey Walton wrote:
Hi Everyone,
When we went shopping for low cost/no cost certificates for the web server, I thought CAcert (https://www.cacert.org/) would meet our needs. The needs are modest:
(1) no domain names or DNS names in the CN
(2) multiple DNS names in the SAN
(3) "correct" KU and EKU uses
(4) low cost/no cost.
I was sadly mistaken because CAcert is using a long term CA certificate certified with MD5 (see below). I missed that when I was evaluating them, and I apologize for the massive gap. (We could overlook other faux pas on the issued end entity certificate, like KU of Key Agreement and the Server Gated Cryptography bits).
We're going to temporarily disable SSL on the web server.
They web server's key is still good, and it will be used in the future as part of a key continuity program.
If you installed the CAcert CA in a trust store, then you should promptly remove it.
If you try to connect using TLS, you should get an error similar to the following because there's a 443 listener, but its *not* serving over SSL/TLS:
Secure Connection Failed
An error occurred during a connection to www.cryptopp.com. SSL
received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)
The "ssl_error_rx_record_too_long" is because a SSL/TLS client is trying to interpret HTTP data (literally, the HTTP) as SSL/TLS protocol data.
Jeff
Reply all
Reply to author
Forward
0 new messages