7.2 Ensure a Valid Trusted Certificate Is Installed

Information

The default SSL certificate is self-signed and is not trusted. Install a valid certificate signed by a commonly trusted certificate authority. To be valid, the certificate must:
- Be signed by a trusted certificate authority
- Not be expired, and
- Have a common name that matches the host name of the web server, such as www.example.com.

**Note:** Some previously 'Trusted' Certificate Authority certificates had been signed with a weak hash algorithm such as MD5 or SHA1. These signature algorithms are known to be vulnerable to collision attacks. Note that this applies not just to the signature on the server's certificate, but to any signature up the certificate chain. Such CA certificates are considered no longer trusted as of January 1, 2017.

Rationale:

A digital certificate on your server automatically communicates your site's authenticity to visitors' web browsers. If a trusted authority signs your certificate, it confirms for visitors they are actually communicating with you, and not with a fraudulent site stealing credit card numbers or personal information.

Solution

Perform the following to implement the recommended state:

1. Decide on the hostname to be used for the certificate. It is important to remember that the browser will compare the hostname in the URL to the common name in the certificate, so it is important that all https: URLs match the correct hostname. Specifically, the hostname 'www.example.com' is not the same as 'example.com' nor the same as 'ssl.example.com'.
2. Generate a private key using openssl. Although certificate key lengths of 1024 have been common in the past, a key length of 2048 is now recommended for strong authentication. The key must be kept confidential and will be encrypted with a passphrase by default. Follow the steps below and respond to the prompts for a passphrase. See the Apache or OpenSSL documentation for details:
- [http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#realcert](http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#realcert)
- [http://www.openssl.org/docs/HOWTO/certificates.txt](http://www.openssl.org/docs/HOWTO/certificates.txt)

# cd /etc/pki/tls/certs
# umask 077
# openssl genrsa -aes128 2048 > example.com.key
Generating RSA private key, 2048 bit long modulus
...+++
............+++
e is 65537 (0x10001)
Enter pass phrase:
Verifying - Enter pass phrase:

3. Create a certificate-specific template configuration file. It is important that the common name in the certificate exactly match the web host name in the intended URL. If there are multiple host names which may be used, as is very common, then the 'subjectAltName' (SAN) field should be filled with all of the alternate names. Creating a template configuration file specific to the server certificate is helpful, as it allows for multiple entries in the 'subjectAltName'. Also, any typos in the CSR can be costly in lost time, so using a file rather than hand-typing helps prevent errors. To create a template configuration file, make a local copy of the 'openssl.cnf' typically found in '/etc/ssl/' or '/etc/pki/tls/'.

# cp /etc/ssl/openssl.cnf ex1.cnf

4. Find the request section which follows the line '[ req ]'. Then add or modify the configuration file to include the appropriate values for the host names. It is recommended (but not required) that the first 'subjectAltName' match the 'commonName'.

[ req ]
. . .
distinguished_name = req_distinguished_name
req_extensions = req_ext

[ req_ext ]
subjectAltName = @alt_names

[alt_names]
DNS.1 = www.example.com
DNS.2 = example.com
DNS.3 = app.example.com
DNS.4 = service.example.com

5. Continue editing the configuration file under the request distinguished name section to change the existing default values to match the desired certificate's information.

[ req_distinguished_name ]
countryName_default = GB
stateOrProvinceName_default = Scotland
localityName_default = Glasgow
0.organizationName_default = Example Company Ltd
organizationalUnitName_default = ICT
commonName_default = www.example.com

6. Now generate the CSR from the template file, verifying the information. If the default values were placed in the template, then just press enter to confirm the default value.

# openssl req -new -config ex1.cnf -out example.com.csr -key example.com.key
Enter pass phrase for example.com.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:
State or Province Name (full name) [Scotland]:
Locality Name (eg, city) [Glasgow]:
Organization Name (eg, company) [Example Company Ltd]:
Organizational Unit Name (eg, section) [ICT]:
Common Name (e.g. server FQDN or YOUR name) [www.example.com]:

7. Review and verify the CSR information including the SAN by displaying the information.

# openssl req -in example.com.csr -noout -text | more

Certificate Request:
Data:
Version: 1 (0x0)
Subject: C = GB, ST = Scotland, L = Glasgow, O = Example Company Ltd, OU = ICT, CN = www.example.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:cb:c2:7a:04:13:19:7a:c0:74:00:63:dd:e9:6e:
. . . . . .
3a:9d:aa:50:09:4a:40:48:b4:e2:24:ef:fa:7b:42:
a4:33
Exponent: 65537 (0x10001)
Attributes:
Requested Extensions:
X509v3 Subject Alternative Name:
DNS:www.example.com, DNS:example.com, DNS:app.example.com, DNS:ws.example.com
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Signature Algorithm: sha256WithRSAEncryption
73:f0:e3:90:a7:ab:01:e4:7f:12:19:b7:6a:dd:be:4e:5c:f1:
. . .

8. Now move the private key to its intended directory.

# mv example.com.key /etc/ssl/private/

9. Send the certificate signing request (CSR) to a certificate signing authority to be signed, and follow their instructions for submission and validation. The CSR and the final signed certificate are just encoded text and need to be protected for integrity, but not confidentiality. This certificate will be given out for every SSL connection made.
10. The resulting signed certificate may be named 'www.example.com.crt' and placed in '/etc/ssl/certs/' as readable by all (mode '0444'). Please note that the certificate authority does not need the private key ('example.com.key') and this file must be carefully protected. With a decrypted copy of the private key, it would be possible to decrypt all conversations with the server.
11. Do not forget the passphrase used to encrypt the private key. It will be required every time the server is started in https mode. If it is necessary to avoid requiring an administrator to type the passphrase every time the 'httpd' service is started, the private key may be stored in clear text. Storing the private key in clear text increases the convenience while increasing the risk of disclosure of the key, but may be appropriate for the sake of being able to restart, if the risks are well managed. Be sure that the key file is only readable by root. To decrypt the private key and store it in a clear text file, the following openssl command may be used. You can tell by the private key headers whether it is encrypted or clear text.

# cd /etc/ssl/private/
# umask 077
# openssl rsa -in example.com.key -out example.com.key.clear

12. Locate the Apache configuration file for 'mod_ssl' and add or modify the 'SSLCertificateFile' and 'SSLCertificateKeyFile' directives to have the correct path for the private key and signed certificate files. If a clear text key is referenced then a passphrase will not be required. You may need to configure the CA's certificate along with any intermediate CA certificates that signed your certificate using the 'SSLCertificateChainFile' directive. As an alternative, starting with Apache version 2.4.8 the CA and intermediate certificates may be concatenated to the server certificate configured with the 'SSLCertificateFile' directive instead.

SSLCertificateFile /etc/ssl/certs/www.example.com.crt
SSLCertificateKeyFile /etc/ssl/private/example.com.key
# Default CA file, can be replaced with your CA certificate.
SSLCertificateChainFile /etc/ssl/certs/server-chain.crt

13. Lastly, start or restart the 'httpd' service and verify correct functioning with your favorite browser.

See Also

https://workbench.cisecurity.org/files/2378

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-8, CSCv6|14.2, CSCv7|14.4

Plugin: Unix

Control ID: e6e8fc212aeb1716728fc113cbbfb65b6009cb8a3cc968cb24ab82d01aef3527