Doing https: (http over SSL)

Jon Warbrick
University Computing Service

Why?

https (which is just http over the Secure Sockets Layer - SSL) is available in all modern, and many not-so-modern, browsers.

https gets you:

Client-to-server end-to-end encrypted traffic (including basic authentication usernames/passwords, content of submitted forms, etc)
Strongly authenticated server credentials supplied to the browse (including hostname and name of site operator, etc)
and (optionally)
Strongly authenticated user credentials supplied to the server (requires user to have a personal certificate, something which is not common at the moment).

You probably wanted 1), but you have to have 2) as well, so to run SSL you have to get a certificate signed by someone that all your client browsers will trust, which normally means a commercial Certificate Authority. Commercial certificates cost of the order of £100 for a certificate that lasts a year. While you can sign your own certificates (see below), browsers will then put up lots of warnings when someone accesses your site. However this might be an option for some sort of intranet site.

More details of SSL:

and a discussion of its potential problems http://www.securityfocus.com/frames/?focus=basics&content=/focus/basics/articles/ssl.html

Why not?

Using SSL defeates caching
Using SSL imposes greater overheads (doing the encryption/decryption) on both server and client
Some firewalls and/or web proxys may not alow SSL traffic - either due to configuration errors/oversights, or because SSL effectivly provides an encrypred tunnel that can be used for traffic other than https and which firewalls and web proxys can't regulate.
Certificate cost

Remember also that using SSL only protects data in transit between server and browser, and does nothing to protect data either before it gets into the browser (like, when it's on the screen as you type it in) or after it has been processed by the server (like, when it's been stored in a database). Security is for life, not just for Christmas.

Note also that the willingness of a browser to accept the identity of a server depends on a set of 'root authority certificates' configured into each browser (the common browsers come with such certificates for the common Certificate Authorities). Anyone with access to the set of these certificates used by your browser could, in principle, cause you to accept the identity of a bogus server.

Options and software

The rest of this paper concentrates on using SSL with Apache. The principles, though not the details, will be the same for other browsers.

There are two add-ons that give Apache SSL capability: Apache-SSL (http://www.apache-ssl.org/) and mod_ssl (http://www.modssl.org/). RedHat 7 (at least) ships with mod_ssl. That's what I describe below. Both packages provide much the same features, and many of their configuration parameters are the same.

Both use OpenSSL (http://www.openssl.org/) for cryptographic support. OpenSSL derives from the earlier SSLeay by Eric A. Young and Tim J. Hudson, and much documentation still talks about SSLeay.

The openssl command (which does key and certificate manipulation for OpenSSL) has a huge range of options and parameters - the examples given below are not necessarily the only way of doing things.

What do you do

Generate an RSA public/private key pair

[root@mnementh certs]# openssl genrsa -des3 -rand \
/var/log/messages:/var/log/messages.0 1024        \
> mnementh.csi.cam.ac.uk.key
157808 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
........++++++
............................++++++
e is 65537 (0x10001)
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:

Create from that a 'Certificate Signing Request'

[root@mnementh certs]# openssl req -new -key mnementh.csi.cam.ac.uk.key \
> mnementh.csi.cam.ac.uk.csr 
Using configuration from /usr/share/ssl/openssl.cnf
Enter PEM pass phrase:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:GB
State or Province Name (full name) [Some-State]:Cambridgeshire
Locality Name (eg, city) []:Cambridge
Organization Name (eg, company) [Internet Widgits Pty Ltd]:University of Cambridge
Organizational Unit Name (eg, section) []:Computing Service
Common Name (eg, your name or your server's hostname) []:mnementh.csi.cam.ac.uk
Email Address []:jw35@cam.ac.uk

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

[root@mnementh certs]# cat mnementh.csi.cam.ac.uk.csr 
-----BEGIN CERTIFICATE REQUEST-----
MIIB+TCCAWICAQAwgbgxCzAJBgNVBAYTAkdCMRcwFQYDVQQIEw5DYW1icmlkZ2Vz
aGlyZTESMBAGA1UEBxMJQ2FtYnJpZGdlMSAwHgYDVQQKExdVbml2ZXJzaXR5IG9m
IENhbWJyaWRnZTEaMBgGA1UECxMRQ29tcHV0aW5nIFNlcnZpY2UxHzAdBgNVBAMT
Fm1uZW1lbnRoLmNzaS5jYW0uYWMudWsxHTAbBgkqhkiG9w0BCQEWDmp3MzVAY2Ft
LmFjLnVrMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfkudk25OzLR9oi/bt
Iy9im4R9mKSDlSjry1fvMh/Zyzn936RCTrvYVLE5TmGDsYoBcawW1JlVTfi7vxpi
+mPjaRRcRa92gVK+3/4cfIQqJkZTb9CJYK5BQCHc11G1Iv1T0b0rnjy/0h6QQM8O
Z6uIkcBqHQJry//GJuOXzafT6wIDAQABoAAwDQYJKoZIhvcNAQEEBQADgYEAVDF/
GgGME0/1h0q6TM+6ucmulmZGCHwOmKVkcbDF84STox6TRDXzuzEGMXZE83T1RkwI
9UAbNJZOsesIFh1+AgqepBn44vl2+Ww4nVNQwEUp08a/jyahsfuYBQBSL42V9HmL
Pmg4c5+mNrdgaROg6/ebJdBURD3DTpAPwSc0Iyg=
-----END CERTIFICATE REQUEST-----

Note that the 'Common name' in the certificate must match the host name of your server, otherwise browsers will (justifiably) complain. For a host with several names (www-uxsup.csx.cam.acuk/nymph.csi.cam.ac.uk) it should be whatever is going to appear in the URLs. Some CA's (Thawte are an example) offer 'wildcard' certificates (eg *.cam.ac.uk), but these are not supported by all servers/browsers and are more expensive.

Further, you are likely to have to prove (in some way) to a Certificate Authority that you really are the organization described in the other fields and that the domain name entered in 'Common Name' is registered to you.

Send this off to a Certificate Authority (BT Trustwise - the UK Verisign Agent - http://www.trustwise.com/; Thawte http:///www.thawte.com/; etc [also see below]) along with some money and get back a certificate:

[root@mnementh certs]# cat mnementh.csi.cam.ac.uk.cert
-----BEGIN CERTIFICATE-----
MIIC3zCCAkigAwIBAgIEAJXIWzANBgkqhkiG9w0BAQQFADCBhzELMAkGA1UEBhMC
WkExIjAgBgNVBAgTGUZPUiBURVNUSU5HIFBVUlBPU0VTIE9OTFkxHTAbBgNVBAoT
FFRoYXd0ZSBDZXJ0aWZpY2F0aW9uMRcwFQYDVQQLEw5URVNUIFRFU1QgVEVTVDEc
MBoGA1UEAxMTVGhhd3RlIFRlc3QgQ0EgUm9vdDAeFw0wMTAxMjMxNDUzMzFaFw0w
MjAxMjMxNDUzMzFaMIG4MQswCQYDVQQGEwJHQjEXMBUGA1UECBMOQ2FtYnJpZGdl
c2hpcmUxEjAQBgNVBAcTCUNhbWJyaWRnZTEgMB4GA1UEChMXVW5pdmVyc2l0eSBv
ZiBDYW1icmlkZ2UxGjAYBgNVBAsTEUNvbXB1dGluZyBTZXJ2aWNlMR8wHQYDVQQD
ExZtbmVtZW50aC5jc2kuY2FtLmFjLnVrMR0wGwYJKoZIhvcNAQkBFg5qdzM1QGNh
bS5hYy51azCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAn5LnZNuTsy0faIv2
7SMvYpuEfZikg5Uo68tX7zIf2cs5/d+kQk672FSxOU5hg7GKAXGsFtSZVU34u78a
Yvpj42kUXEWvdoFSvt/+HHyEKiZGU2/QiWCuQUAh3NdRtSL9U9G9K548v9IekEDP
DmeriJHAah0Ca8v/xibjl82n0+sCAwEAAaMlMCMwEwYDVR0lBAwwCgYIKwYBBQUH
AwEwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQQFAAOBgQB0ap+gRFVTGZ4GFJtN
h4gTUfUeaXJR6XJ9FaoD6XBxK2lY4SW1HtzmJaexgkedM4JfjlHntgQZmSkmPlSP
if61XSqV9b82rIZQd3BEtQn0UvymQCHGp7Ae14HF2qqnMLD4Oj0YKsCo1M7faRfB
tILNfOv1q3mFmEk7Lb4kaEGQ6A==
-----END CERTIFICATE-----

Add the following to Apache config file

LoadModule ssl_module         modules/libssl.so
AddModule mod_ssl.c
Listen 443
<VirtualHost _default_:443>
DocumentRoot "/var/www/html"
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/mnementh.csi.cam.ac.uk.cert
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/mnementh.csi.cam.ac.uk.key
<Directory "/">
SSLRequireSSL
</Directory>
</VirtualHost>

Restart Apache and away you go.

The private key you generated was encrypted. This is a good idea for most copies of the key. However, Apache will then need the pass phrase to access the key as it starts up. For unattended startup (like, after a power failure) this is a problem. There are various ways you can arrange to feed the pass phrase in to Apache as it starts, but I suggest making a copy of the key for use by the server that has no pass phrase.
```
[root@mnementh certs]# openssl rsa -in mnementh.csi.cam.ac.uk.key \
-out mnementh.csi.cam.ac.uk.key.clear 
read RSA key 
Enter PEM pass phrase:
writing RSA key
```
It appears that the key is read by the server at startup while it is still root, so the key file can and should be protected so that only root can read it.
The key file (and associated pass phrase) are important. Loose them (say, in a system crash) and your certificate is useless. Allow someone else access to the information in the key file and they could, under some circumstances, set up a webserver that appeared to be yours. Therefore you should make backup copies of the key file (and the certificate) and protect these backups (and the originals) carefully.

You can (often) get free testing certificates from the big Certificate Authorities. But you can also make your own:

[root@mnementh certs]# openssl req -new -x509 -days 365 \
-keyout test.key -out test.cert
Using configuration from /usr/share/ssl/openssl.cnf
Generating a 1024 bit RSA private key
..++++++
..............................++++++
writing new private key to 'test.key'
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:GB
State or Province Name (full name) [Some-State]:Cambridgeshire
Locality Name (eg, city) []:Cambridge
Organization Name (eg, company) [Internet Widgits Pty Ltd]:University of Cambridge
Organizational Unit Name (eg, section) []:Computing Service
Common Name (eg, your name or your server's hostname) []:mnementh.csi.cam.ac.uk
Email Address []:jw35@cam.ac.uk

Add the -nodes option to create a key file without a pass phrase. This is a 'self-signed' certificate that web browsers won't know to accept. So when you browse to the site you will get a (sequence of) warning dialogs.

Sources of certificates

Thawte Consulting, at http://www.thawte.com/certs/server/request.html
CertiSign Certificadora Digital Ltda., at http://www.certisign.com.br
IKS GmbH, at http://www.iks-jena.de/produkte/ca/
BelSign NV/SA, at http://www.belsign.be
Verisign, Inc. at http://www.verisign.com/guide/apache
TC TrustCenter (Germany) at http://www.trustcenter.de/html/Produkte/TC_Server/855.htm
NLsign B.V. at http://www.nlsign.nl
Deutsches Forschungsnetz at http://www.pca.dfn.de/dfnpca/certify/ssl/
128i Ltd. (New Zealand) at http://www.128i.com
Entrust.net Ltd. at http://www.entrust.net/products/index.htm
Equifax Inc. at http://www.equifaxsecure.com/ebusinessid/
GlobalSign NV/SA at http://www.GlobalSign.net
NetLock Kft. (Hungary) at http://www.netlock.net
Certplus SA (France) at http://www.certplus.com

Jon Warbrick

Last modified: Thu Feb 15 09:31:08 GMT 2001