G
G
Gil Galad2021-09-23 11:03:10
Digital certificates
Gil Galad, 2021-09-23 11:03:10

Is it possible to fake an SSL certificate for a website?

It's very easy to issue a free ssl certificate lately. It is enough just to confirm ownership of the domain by placing a file with a special code.

Theoretically, I see the possibility of intercepting traffic and emulating the victim's website to confirm ownership of the domain. Similar opportunities are available, for example, for hosting/channel/backbone providers. Further, the issue of a duplicate certificate and the introduction of traffic to the site through a special server that can decrypt all traffic or only selected site visitors, and simply proxy the rest.

In fact, it turns out that the duplicate certificate is working and valid. The root certificate is correct and initially installed for everyone as trusted, like Let's Encrypt.

1. Is this possible in practice?
2. Do browsers protect against such an attack? Will they warn about such a substitution? And, if it's not repeated, when the browser cached the server's certificate, but the first connection?
3. Is it possible to check which server certificate the client received as a result?
3.1. On the client side? API JS does not give access to the certificate as far as I understand. It is possible to somehow notify the server about the attack and so that there is no way to intercept this information.
3.2. On the server side? Although there is little that can be done in my opinion without feedback from the client.

PS Of course, there is a DNS CAA record that prohibits issuing certificates, but this protection is more for correctly configured commercial certificates, and not for mass-produced free ones from Let's Encrypt.

Answer the question

In order to leave comments, you need to log in

3 answer(s)
K
ky0, 2021-09-23
@Gil Galad

Read the specification on ACME , it describes in detail what measures are taken against possible attacks.
If the attacker has access to the DNS records of the domain or to the web server settings/site files, of course, he can issue his own valid certificate. But this is about the same security failure as, by analogy, physical access to the machine - in this case, nothing can be done.
To insure against illegitimate certificates - you can add HPKP .

C
CityCat4, 2021-09-24
@CityCat4

A discussion of an attack usually begins with its expediency. The expediency of an attack on the perimeter of the office, let's say, is known quite well - theft / destruction of data, interception of control.
What is the feasibility of such an attack for hosting? Yes, none. The hoster already has access to all the files of the client and can quite easily slip any certificate anywhere on it.
What is the feasibility of such an attack for a VPS hoster/provider? Yes, no - he writes everything anyway - why is he still a pain in the ass?
About the fact that LE and his ilk is a scam.
I'm absolutely sure of this :) Free cheese is only known where - and here you are free, but with infrastructure support and other goodies. Usually they say "LE plays on the side of corporations and against the state (here the state means the state in general , and not any particular one)". Sorry, I don't believe in this. Google and whoever else has LE there clearly has some interest in keeping it apart from that.
That's why I never generate certificates online :) Only my CSR, only hardcore.
As for hosting a server in the jurisdiction of the Russian Federation - can you think differently in other countries? It should probably be formulated like this: "do not keep the server in the jurisdiction of the country whose laws you are going to violate." Or do you think that if you live in the USA, host in the USA and violate the laws of the USA, they won't come to you? Well, blessed is he who believes... as long as he doesn't start spitting out his own teeth.
The whole PKI system rests on one statement - In root CA we trust :) Well, that is, we unconditionally trust the certificates issued by the CA, whose certificates we consider to be root. Hence all the possibilities of MitM. Yes, there is HPKP, but using it can bring you a lot of headaches with the inability to open a site that was opened "yesterday".

A
Alexander Falaleev, 2021-11-19
@suffix_ixbt

Yes, there is HPKP, but using it can bring you a lot of headaches with the inability to open a site that was opened "yesterday".

No, nothing bad will happen, because of all the current browsers, HPKP support was cut out a long time ago.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question