Secure Sockets Layer
Transport Layer Security
+
=
+
=
+
=
+
=
private key
public key
hash
+
=
hash
+
=
signature
client
server
+ =
+ =
+ + =
+ =
+ =
+ =
+ =
+ + =
client
server
+ =
+ =
+ =
+ =
+ =
+ =
attacker
+ + =
+ + =
-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgISA+QXf7/R8dEixU+Nv8gYX46fMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjExMTQwNTAwMDBaFw0x
NzAyMTIwNTAwMDBaMBcxFTATBgNVBAMTDHVuaXZhZGlzLmNvbTCCAiIwDQYJKoZI
hvcNAQEBBQADggIPADCCAgoCggIBAMHb7ldnrl9RMnjjIC0U4tqrvrpF7bGO72fe
tXb1VmK8EZxWtIp0L4+ribTpY/XVdSLkUFNHH3rr2crsblIbEsqRia8onkC6YzC5
UiVqIM9Lbqi+NjWCp6SfxfluxkzicKgNM1tvWfItR6AeoMp7uBPC+krOvW9FLd1g
1w2HrEZCeXBYjK1/8m4IH37o4vdUYnl6sGoMku8Yq5+uCREpK8m1qWpska0l+wok
fNidRzJlhyGlR+ZF9FKhE5SfC6RCaQ4bHOVcpEMGRLSqr1MBZVne+RdjJ+7/gRal
MEL49YCchdtLgOhBEb2CMAyx1lhqPkJdaLtaXKQ6f/MiWAis69eY3TOyvhd3uKg9
cY9nGggOU8ZTI2O/KpDpJu1HJr6m1myhSBmoDxd5a3Ar1Zm9HAa5q2LvqZowc+3O
fNGgRsIa1k8U3QR4P1M4hJEMjlmsv3wMFSHKtLA8ebTbheZpqxT0HZfLxy8Utri7
adB7PDdV49dvDApn5umRxIK772O/Hbn7+qALJqkOQIcKDW5YPvgUSbZwI9do800P
GcWl0My9mlgHO8I2zmlX48AUQipjF1dX/CRCLUAfQ/5Abv/4AzL26FUzxVLUWUHN
PF4fIRL41G0BQxIU+0Uejq8x94oyykb2kdial8EwniNpE33Go9alCVydd1r6hoGQ
vzrNbhg1AgMBAAGjggI3MIICMzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEfXCv6D
hAjWGL2SktsW0wvcDjKoMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh
MHAGCCsGAQUFBwEBBGQwYjAvBggrBgEFBQcwAYYjaHR0cDovL29jc3AuaW50LXgz
LmxldHNlbmNyeXB0Lm9yZy8wLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14
My5sZXRzZW5jcnlwdC5vcmcvMEEGA1UdEQQ6MDiCFnNlY3VyZS11cy51bml2YWRp
cy5jb22CDHVuaXZhZGlzLmNvbYIQd3d3LnVuaXZhZGlzLmNvbTCB/gYDVR0gBIH2
MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0
dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMg
Q2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQ
YXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNh
dGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9z
aXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQCaSsks1yFmPl1nakpOlkhDnOZZsCtg
5S8PP/ddYQUX/59LrXey4IbRLrncrYp1u9XJdi5WDCgYe4tY5j0O9Un20Xm7p1q+
IRo70bfXZZZ7n00HHkeSphiS0w5ADnsbBwYXz0gejr8e7qGWYttoG03gZNE9G0u2
2HzK0OKWfmXz/I11bJXuWjcxp716A71WkX1oXWB2gwSXdf3FR/t2oZKi/bQQVSVw
QOPbu58t/LujQjAK8t2o86P47PoOIKgkyBdHOjwWq3897MOaLhj+HEIX1noWAdie
2KvuHn20O9liOEExGNMKR7gnL9XZWZGdo6RwYPuOGci6pP4+Gjh3bf5w
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:e4:17:7f:bf:d1:f1:d1:22:c5:4f:8d:bf:c8:18:5f:8e:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer:
commonName = Let's Encrypt Authority X3
organizationName = Let's Encrypt
countryName = US
Validity
Not Before: Nov 14 05:00:00 2016 GMT
Not After : Feb 12 05:00:00 2017 GMT
Subject:
commonName = univadis.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:c1:db:ee:57:67:ae:5f:51:32:78:e3:20:2d:14:
e2:da:ab:be:ba:45:ed:b1:8e:ef:67:de:b5:76:f5:
56:62:bc:11:9c:56:b4:8a:74:2f:8f:ab:89:b4:e9:
63:f5:d5:75:22:e4:50:53:47:1f:7a:eb:d9:ca:ec:
6e:52:1b:12:ca:91:89:af:28:9e:40:ba:63:30:b9:
52:25:6a:20:cf:4b:6e:a8:be:36:35:82:a7:a4:9f:
c5:f9:6e:c6:4c:e2:70:a8:0d:33:5b:6f:59:f2:2d:
47:a0:1e:a0:ca:7b:b8:13:c2:fa:4a:ce:bd:6f:45:
2d:dd:60:d7:0d:87:ac:46:42:79:70:58:8c:ad:7f:
f2:6e:08:1f:7e:e8:e2:f7:54:62:79:7a:b0:6a:0c:
92:ef:18:ab:9f:ae:09:11:29:2b:c9:b5:a9:6a:6c:
91:ad:25:fb:0a:24:7c:d8:9d:47:32:65:87:21:a5:
47:e6:45:f4:52:a1:13:94:9f:0b:a4:42:69:0e:1b:
1c:e5:5c:a4:43:06:44:b4:aa:af:53:01:65:59:de:
f9:17:63:27:ee:ff:81:16:a5:30:42:f8:f5:80:9c:
85:db:4b:80:e8:41:11:bd:82:30:0c:b1:d6:58:6a:
3e:42:5d:68:bb:5a:5c:a4:3a:7f:f3:22:58:08:ac:
eb:d7:98:dd:33:b2:be:17:77:b8:a8:3d:71:8f:67:
1a:08:0e:53:c6:53:23:63:bf:2a:90:e9:26:ed:47:
26:be:a6:d6:6c:a1:48:19:a8:0f:17:79:6b:70:2b:
d5:99:bd:1c:06:b9:ab:62:ef:a9:9a:30:73:ed:ce:
7c:d1:a0:46:c2:1a:d6:4f:14:dd:04:78:3f:53:38:
84:91:0c:8e:59:ac:bf:7c:0c:15:21:ca:b4:b0:3c:
79:b4:db:85:e6:69:ab:14:f4:1d:97:cb:c7:2f:14:
b6:b8:bb:69:d0:7b:3c:37:55:e3:d7:6f:0c:0a:67:
e6:e9:91:c4:82:bb:ef:63:bf:1d:b9:fb:fa:a0:0b:
26:a9:0e:40:87:0a:0d:6e:58:3e:f8:14:49:b6:70:
23:d7:68:f3:4d:0f:19:c5:a5:d0:cc:bd:9a:58:07:
3b:c2:36:ce:69:57:e3:c0:14:42:2a:63:17:57:57:
fc:24:42:2d:40:1f:43:fe:40:6e:ff:f8:03:32:f6:
e8:55:33:c5:52:d4:59:41:cd:3c:5e:1f:21:12:f8:
d4:6d:01:43:12:14:fb:45:1e:8e:af:31:f7:8a:32:
ca:46:f6:91:d8:9a:97:c1:30:9e:23:69:13:7d:c6:
a3:d6:a5:09:5c:9d:77:5a:fa:86:81:90:bf:3a:cd:
6e:18:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
47:D7:0A:FE:83:84:08:D6:18:BD:92:92:DB:16:D3:0B:DC:0E:32:A8
X509v3 Authority Key Identifier:
keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
Authority Information Access:
OCSP - URI:http://ocsp.int-x3.letsencrypt.org/
CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
X509v3 Subject Alternative Name:
DNS:secure-us.univadis.com, DNS:univadis.com, DNS:www.univadis.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org
User Notice:
Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/
Signature Algorithm: sha256WithRSAEncryption
9a:4a:c9:2c:d7:21:66:3e:5d:67:6a:4a:4e:96:48:43:9c:e6:
59:b0:2b:60:e5:2f:0f:3f:f7:5d:61:05:17:ff:9f:4b:ad:77:
b2:e0:86:d1:2e:b9:dc:ad:8a:75:bb:d5:c9:76:2e:56:0c:28:
18:7b:8b:58:e6:3d:0e:f5:49:f6:d1:79:bb:a7:5a:be:21:1a:
3b:d1:b7:d7:65:96:7b:9f:4d:07:1e:47:92:a6:18:92:d3:0e:
40:0e:7b:1b:07:06:17:cf:48:1e:8e:bf:1e:ee:a1:96:62:db:
68:1b:4d:e0:64:d1:3d:1b:4b:b6:d8:7c:ca:d0:e2:96:7e:65:
f3:fc:8d:75:6c:95:ee:5a:37:31:a7:bd:7a:03:bd:56:91:7d:
68:5d:60:76:83:04:97:75:fd:c5:47:fb:76:a1:92:a2:fd:b4:
10:55:25:70:40:e3:db:bb:9f:2d:fc:bb:a3:42:30:0a:f2:dd:
a8:f3:a3:f8:ec:fa:0e:20:a8:24:c8:17:47:3a:3c:16:ab:7f:
3d:ec:c3:9a:2e:18:fe:1c:42:17:d6:7a:16:01:d8:9e:d8:ab:
ee:1e:7d:b4:3b:d9:62:38:41:31:18:d3:0a:47:b8:27:2f:d5:
d9:59:91:9d:a3:a4:70:60:fb:8e:19:c8:ba:a4:fe:3e:1a:38:
77:6d:fe:70
Subject:
commonName = univadis.com
Issuer:
commonName = Let's Encrypt Authority X3
organizationName = Let's Encrypt
countryName = US
X509v3 Subject Key Identifier:
47:D7:0A:FE:83:84:08:D6:18:BD:92:92:DB:16:D3:0B:DC:0E:32:A8
X509v3 Authority Key Identifier:
keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
Subject:
commonName = Let's Encrypt Authority X3
organizationName = Let's Encrypt
countryName = US
Issuer:
commonName = DST Root CA X3
organizationName = Digital Signature Trust Co.
X509v3 Subject Key Identifier:
A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
X509v3 Authority Key Identifier:
keyid:C4:A7:B1:A4:7B:2C:71:FA:DB:E1:4B:90:75:FF:C4:15:60:85:89:10
Subject:
commonName = DST Root CA X3
organizationName = Digital Signature Trust Co.
X509v3 Subject Key Identifier:
C4:A7:B1:A4:7B:2C:71:FA:DB:E1:4B:90:75:FF:C4:15:60:85:89:10
X509v3 Basic Constraints: critical
CA:TRUE
$ head -3 /etc/ssl/certs/DST_Root_CA_X3.pem
-----BEGIN CERTIFICATE-----
MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
$ openssl x509 -in /etc/ssl/certs/DST_Root_CA_X3.pem -text -noout
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:af:b0:80:d6:a3:27:ba:89:30:39:86:2e:f8:40:6b
Signature Algorithm: sha1WithRSAEncryption
Issuer: O=Digital Signature Trust Co., CN=DST Root CA X3
Validity
Not Before: Sep 30 21:12:19 2000 GMT
Not After : Sep 30 14:01:15 2021 GMT
Subject: O=Digital Signature Trust Co., CN=DST Root CA X3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:df:af:e9:97:50:08:83:57:b4:cc:62:65:f6:90:
82:ec:c7:d3:2c:6b:30:ca:5b:ec:d9:c3:7d:c7:40:
c1:18:14:8b:e0:e8:33:76:49:2a:e3:3f:21:49:93:
ac:4e:0e:af:3e:48:cb:65:ee:fc:d3:21:0f:65:d2:
2a:d9:32:8f:8c:e5:f7:77:b0:12:7b:b5:95:c0:89:
a3:a9:ba:ed:73:2e:7a:0c:06:32:83:a2:7e:8a:14:
30:cd:11:a0:e1:2a:38:b9:79:0a:31:fd:50:bd:80:
65:df:b7:51:63:83:c8:e2:88:61:ea:4b:61:81:ec:
52:6b:b9:a2:e2:4b:1a:28:9f:48:a3:9e:0c:da:09:
8e:3e:17:2e:1e:dd:20:df:5b:c6:2a:8a:ab:2e:bd:
70:ad:c5:0b:1a:25:90:74:72:c5:7b:6a:ab:34:d6:
30:89:ff:e5:68:13:7b:54:0b:c8:d6:ae:ec:5a:9c:
92:1e:3d:64:b3:8c:c6:df:bf:c9:41:70:ec:16:72:
d5:26:ec:38:55:39:43:d0:fc:fd:18:5c:40:f1:97:
eb:d5:9a:9b:8d:1d:ba:da:25:b9:c6:d8:df:c1:15:
02:3a:ab:da:6e:f1:3e:2e:f5:5c:08:9c:3c:d6:83:
69:e4:10:9b:19:2a:b6:29:57:e3:e5:3d:9b:9f:f0:
02:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Subject Key Identifier:
C4:A7:B1:A4:7B:2C:71:FA:DB:E1:4B:90:75:FF:C4:15:60:85:89:10
Signature Algorithm: sha1WithRSAEncryption
a3:1a:2c:9b:17:00:5c:a9:1e:ee:28:66:37:3a:bf:83:c7:3f:
4b:c3:09:a0:95:20:5d:e3:d9:59:44:d2:3e:0d:3e:bd:8a:4b:
a0:74:1f:ce:10:82:9c:74:1a:1d:7e:98:1a:dd:cb:13:4b:b3:
20:44:e4:91:e9:cc:fc:7d:a5:db:6a:e5:fe:e6:fd:e0:4e:dd:
b7:00:3a:b5:70:49:af:f2:e5:eb:02:f1:d1:02:8b:19:cb:94:
3a:5e:48:c4:18:1e:58:19:5f:1e:02:5a:f0:0c:f1:b1:ad:a9:
dc:59:86:8b:6e:e9:91:f5:86:ca:fa:b9:66:33:aa:59:5b:ce:
e2:a7:16:73:47:cb:2b:cc:99:b0:37:48:cf:e3:56:4b:f5:cf:
0f:0c:72:32:87:c6:f0:44:bb:53:72:6d:43:f5:26:48:9a:52:
67:b7:58:ab:fe:67:76:71:78:db:0d:a2:56:14:13:39:24:31:
85:a2:a8:02:5a:30:47:e1:dd:50:07:bc:02:09:90:00:eb:64:
63:60:9b:16:bc:88:c9:12:e6:d2:7d:91:8b:f9:3d:32:8d:65:
b4:e9:7c:b1:57:76:ea:c5:b6:28:39:bf:15:65:1c:c8:f6:77:
96:6a:0a:8d:77:0b:d8:91:0b:04:8e:07:db:29:b6:0a:ee:9d:
82:35:35:10
$ curl -I https://www.univadis.com
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
$ docker run --rm -ti debian bash
$ apt-get update
$ apt-get install -y --no-install-recommends curl
$ apt-get install -y --no-install-recommends ca-certificates
$ curl -I https://www.univadis.com
HTTP/1.1 200 OK
Domain Validation
/year
Organisation Validation
/year
Extended Validation
/year
https://github.com/letsencrypt/letsencrypt
https://www.ssllabs.com/ssltest/
# apache2.conf
SSLHonorCipherOrder on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
https://mozilla.github.io/server-side-tls/ssl-config-generator/
Web Server
Pro:
- Easy to setup
Con:
- Not scalable
Load Balancer
Web Server
Web Server
Pro:
- Only one certificate
Con:
- Man in the middle attack
Load Balancer
Web Server
Web Server
Pro:
- fully secured
Con:
- Many certificate locations
- No session balancing
Load Balancer
Web Server
Web Server
Reverse Proxy
What others know
What I know
What I think
What I know
Reallity