APLawrence.com - Resources for Unix and Linux Systems, Bloggers and the self-employed

SSL,TLS,openssl

2005/04/30

The Secure Sockets Layer (SSL) is what you are using when you use https instead of http for a web page. This is also referred to as TLS (Transport Layer Security) and you'll sometimes see newsgroups posts from people wondering what the difference is. Simply, TLS is the official name for the SSL standard.

What it's all about is secure transmission of data using public key authentication. There are two parts to SSL: verifying that you are talking to the server you want to be talking to, and then encrypting data sent between the two of you. The verification part is handled by the server having generated a certificate, which is actually just a public key that has been "signed" (which is encryption with a private key - see /Basics/gpg.html ).

The verification phrase is the weakest part of SSL, for several reasons. First, almost always the server's key pairs have a blank passphrase, because otherwise you'd need to provide the passphrase every time the web server was restarted, which would be inconvenient and difficult for scripts. This makes the keys easier to steal in the even of some other server compromise. But more important is that in common usage, people pay very little attention to the security that this verification phase does offer, and will happily accept and ignore any error that might be trying to warn you that you may not in fact be talking to the server you think you are.

For example, I just set up a web server at a hosting site. The provider pre-configures the machine, initializing everything to default values, and puts an "Under Construction" page in the httpdocs directory. If I replace that with my content, I can access the site by IP or point a domain I own at it. If I then access that site with https instead of http, I'll get a warning from my browser saying something like:

You have attempted to establish a connection with "xyz.com".
However, the security certificate presented belongs to "plesk".
It is possible, though unlikely, that someone may be trying
to intercept your communication with this web site.

Unfortunately, it's the "unlikely" part that introduces the problem. Most people are just going to click the button that says "OK" or "Accept this certificate" and continue. If they really are talking to "xyz.com", that's fine. But if they are a victim of DNS poisoning, they may be connected to someone else entirely. Or it may be as simple as a typo: they thought they typed "paypal.com" but fat-fingered "payoal.co" instead. Or they were foolish enough to click on an email link that said it was going to Paypal or EBay or whatever.

You can use the "openssl" command to get all the gory details about site certificates. For example, you might do this:

# openssl s_client -host www.somewhere.com -port 443

CONNECTED(00000003)

depth=0 /C=US/ST=Virginia/L=Herndon/O=SWsoft, Inc./OU=Plesk/CN=plesk/emailAddress=info@plesk.com
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=US/ST=Virginia/L=Herndon/O=SWsoft, Inc./OU=Plesk/CN=plesk/emailAddress=info@plesk.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=Virginia/L=Herndon/O=SWsoft, Inc./OU=Plesk/CN=plesk/emailAddress=info@plesk.com
   i:/C=US/ST=Virginia/L=Herndon/O=SWsoft, Inc./OU=Plesk/CN=plesk/emailAddress=info@plesk.com
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEfDCCA2SgAwIBAgIEQZyU8DANBgkqhkiG9w0BAQQFADCBiDELMAkGA1UEBhMC
5y2CaL0gLHjB3DQE+ZHb9J/cp7yQZRM9yMRyYZ36ZFdg8UTB48BIbETxqwoxy55v
qzxw01fm6Vdf9XK+rXVuSyp41LvDfNSlMC3SXmx7rEYVNsrANUELK1s8QUBR/oe5
12p1gasB6fIPUulusdsz5wXwIAhvvgbTV5rfWfZbx7UgQIgznFWPElqNjxmV9r75
lwV+KXyuEngyMunw9tZhfRn/woRUB/7cNsUOhMss1SOhTtKwjia2iikmovQ+3SLd

(many lines deleted)

-----END CERTIFICATE-----
subject=/C=US/ST=Virginia/L=Herndon/O=SWsoft, Inc./OU=Plesk/CN=plesk/emailAddress=info@plesk.com
issuer=/C=US/ST=Virginia/L=Herndon/O=SWsoft, Inc./OU=Plesk/CN=plesk/emailAddress=info@plesk.com
---
No client certificate CA names sent
---
SSL handshake has read 1844 bytes and written 340 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: 95B24DCEEE9BC8FBF7C646C5DBB3B9B9916AD9A8E68B5E07B0113EDB08EB71B6
    Session-ID-ctx: 
    Master-Key: 070945EA7C92B7DCB4B71DA8BD90F0DCB6327802BE6E4F9CF877C7697D6EF006848869F18D63206D03088EF413AF3290
    Key-Arg   : None
    Krb5 Principal: None
    Start Time: 1114087832
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---

The openssl command is also what you'd use to generate keys and certificates.

After that, SSL negotiates encryption between the machines and transmits data securely from that point on.

Although openssl is probably the best known and most common implementation, there is also GNUTLS

.

Got something to add? Send me email.




Increase ad revenue 50-250% with Ezoic


More Articles by

Find me on Google+

© Tony Lawrence



Kerio Connect Mailserver

Kerio Samepage

Kerio Control Firewall

Have you tried Searching this site?

Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us





Doing linear scans over an associative array is like trying to club someone to death with a loaded Uzi. (Larry Wall)





This post tagged: