Transport Layer Security: Difference between revisions

According to Wikipedia:

Transport Layer Security (TLS), and its now-deprecated[1] predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. Several versions of the protocols find widespread use in applications such as web browsing, email, instant messaging, and voice over IP (VoIP). Websites can use TLS to secure all communications between their servers and web browsers.

Implementations

There are four TLS implementations available in the official repositories. OpenSSL is the only one part of the base group (albeit indirectly).

• OpenSSL — A robust, commercial-grade, and full-featured toolkit for the TLS and SSL protocols; also a general-purpose cryptography library.

https://www.openssl.org/ || openssl

• GnuTLS — A free software implementation of the TLS, SSL and DTLS protocols. Offers APIs for X.509, PKCS #12, OpenPGP and other structures.

https://www.gnutls.org/ || gnutls

• Network Security Services (NSS) — Implementation of cryptographic libraries supporting TLS/SSL and S/MIME. Also supports TLS acceleration and smart cards.

https://developer.mozilla.org/NSS || nss

• mbed TLS — Portable SSL/TLS implementation, aka PolarSSL.

https://tls.mbed.org/ || mbedtls

Certificate authorities

With TLS you trust in a set of certificate authorities (CAs) and when you receive a public key certificate from a server, your client verifies that it is signed by a certificate authority, which you trust. On Arch Linux the certificate authorities are provided by the ca-certificates package, which is indirectly part of the base group, because of the dependency chain (pacman > curl > ca-certificates), and has the following dependency tree (excerpt):

• ca-certificates
  Is just an anchor point, other packages depend on.
  • ca-certificates-mozilla
    Contains only the /usr/share/ca-certificates/trust-source/mozilla.trust.p11-kit file, generated from the Mozilla CA Certificate Store, which is also part of NSS (/usr/lib/libnssckbi.so).
    • ca-certificates-utils
      Provides the update-ca-trust(8) script and the same-named pacman hook.
      • p11-kit
        Provides the trust(1) utility.

Trust management

See Security#Managing SSL certificates on how to distrust/blacklist a certificate authority.

Trust a certificate authority system-wide

# trust anchor certificate.crt

This is for example required to allow a HTTPS MITM proxy to intercept traffic.

Obtaining a certificate

The first step is to generate an RSA private key. Before generating the key, set a restrictive file mode creation mask with umask (for example 077).

A certificate can be obtained either from a certificate authority with a Certificate Signing Request (CSR) or self-signed. While self-signed certificates can be generated easily, clients will reject them by default, meaning that every client needs to be configured to trust the self-signed certificate.

For the actual generation commands refer to the article of the used implementation:

• OpenSSL#Usage
• GnuTLS#Usage
• Network Security Services#Usage
• mbed TLS#Usage

Server-side recommendations

Because there are various attacks against TLS the best practices should be considered:

• Disable SSLv3 to prevent the POODLE attack.
• weakdh.org's Guide to Deploying Diffie-Hellman for TLS
• Mozilla's Server Side TLS article
• SSL Labs' SSL and TLS Deployment Best Practices
• Cipherli.st

Checking TLS

Programs to check TLS:

• testssl.sh
• Nmap
• OpenSSL
• cipherscan

Websites to check TLS:

• https://dev.ssllabs.com/ssltest/ (only HTTPS)
• https://www.checktls.com/ (only email)
• https://www.htbridge.com/ssl/ (any port)
• https://tls.imirhil.fr/tls (any port)

Miscellaneous

ACME

The Automated Certificate Management Environment (ACME) protocol lets you request valid X.509 certificates from certificate authorities, like Let's Encrypt.

See also List of ACME clients.

• acme.sh — A pure Unix shell script ACME client.

https://github.com/Neilpang/acme.sh || acme.sh-git^AUR

• acme-client — Secure Let's Encrypt client, written in C

https://kristaps.bsd.lv/acme-client/ || acme-client^AUR

• acme-tiny — A 200-line Python script to issue and renew TLS certs from Let's Encrypt.

https://github.com/diafygi/acme-tiny || acme-tiny

• acmetool — An easy-to-use ACME CLI.

https://github.com/hlandau/acme || acmetool^AUR, acmetool-git^AUR

• Certbot — ACME client recommended by Let's Encrypt.

https://github.com/certbot/certbot || certbot

• dehydrated — ACME client, written in Bash.

https://github.com/lukas2511/dehydrated || dehydrated^AUR, dehydrated-git^AUR

• getssl — ACME client, written in Bash.

https://github.com/srvrco/getssl || getssl^AUR, getssl-git^AUR

• lego — Lets Encrypt client and ACME library, written in Go.

https://github.com/xenolf/lego || lego-git^AUR

• letsencrypt-cli — Yet another Letsencrypt (ACME) client using Ruby.

https://github.com/zealot128/ruby-acme-cli || letsencrypt-cli^AUR

• manuale — A fully manual Let's Encrypt client, written in Python.

https://github.com/veeti/manuale || manuale^AUR

• ruby-acme-client — A Ruby client for the letsencrypt's ACME protocol.

https://github.com/unixcharles/acme-client || ruby-acme-client^AUR

• simp_le — Simple Let's Encrypt client, written in Python.

https://github.com/zenhack/simp_le || simp_le-git^AUR

OCSP

The Online Certificate Status Protocol (OCSP) is supported by Firefox, Chromium has its own mechanism[2].

See also ocsptool(1) by GnuTLS and ocsp(1ssl) by OpenSSL.

HSTS

The HTTP Strict Transport Security (HSTS) mechanism is supported by Firefox, Chromium and wget (~/.wget-hsts).

See also

• Gentoo:Certificates
• A note about SSL/TLS trusted certificate stores, and platforms (OpenSSL and GnuTLS)