Let’s Encrypt Wildcard Certs

Recently Let’s Encrypt announced that they would be supporting wildcard certs. I was pretty excited to hear about this as many times I would like to get certs for machines that might not be accessible on the internet. Currently I didn’t see an easy way to do this. With the new certs you could get a cert on your web server for your domain and use that cert on all the other machines in your domain that need TLS as well.

I decided to try it out and see how easy it was to do. I updated my certbot client to version 0.22 and did some google around and found out that you have to specify the new acme version 2 servers on the client command line in order to generate the wildcard cert. So I found the command and fired it up:

./certbot-auto --server https://acme-v02.api.letsencrypt.org/directory -d *.haskovec.com --manual --preferred-challenges dns-01 certonly

The command runs and asks you a few questions and then presents a DNS challenge. They give you a TXT record that you need to update in your DNS server to prove that you control the domain. I added the record and waited a couple of minutes and next thing you know it generated my new cert.

I updated my NGINX config to point to the new cert restarted the server and hit my site. Next thing I see is an SSL error. It turns out if you only have *.haskovec.com in the cert that isn’t a valid server for the base domain of haskovec.com. So I reran the command again and specified the following:

 ./certbot-auto --server https://acme-v02.api.letsencrypt.org/directory -d haskovec.com -d *.haskovec.com --manual --preferred-challenges dns-01 certonly

This time it asked me if I want to expand my cert to include the new domain name. I said yes. Next it had 2 challenges that I needed to insert into my DNS TXT record. I added them both and finished generating the new cert. When I restarted NGINX my site was back. I ran the https://www.ssllabs.com/ security test on my site and I am still at an A+.

All in all a very easy process and I recommend people give it a try.

Let’s Encrypt

I received an email a week or 2 ago that I was accepted into the EFF’s Let’s Encrypt Beta program to try out their new SSL certificate generation service. It uses the Automated Certificate Management Environment (ACME) protocol. I have been really interested in this program since it was announced as in the past when I have used Start SSL’s certificate system I found their whole validation system to be a little clunky. The idea of a nice automated program that does all the work for me sounded very appealing.

The first thing I had to do was to clone the git repository from github with the scripts to run their program. The first thing I discovered is that yeah this thing is really in beta, I ran the ./letsencrypt-auto command and discovered that nginx isn’t supported yet for plugging the certificate into automatically. This ends up not being that big of a deal since you can just edit your config file and point at the certificate directory.

The biggest weakness I found so far is that I had to shut down nginx to run the let’s encrypt client as it wants to bind to port 80. I think what it is doing is listening on port 80 so that the remote server can verify that I actually own this domain and it is okay to issue this certificate to me. That is nice from a security standpoint but in the documentation they mention running this out of a cron job to update certificates, which if you have to take down the web server might not be ideal. That gets me to the next biggest weakness which is that the certificates expire in 90 days. So far I would say running their app is easier than validating on startssl, but startssl doesn’t need me to take down my web server. They idea I think is that since this is all supposed to be automated you can easily script this out in cron and your system deals with getting new certs and updating them with minimal to no end user interaction after you get it running.

The great things about it is it is pretty fast. Much faster than getting a certificate any other route that I have tried so that sort of offsets having to do it 4 times as much. The price is right cause it is also free. They allow you to have multiple names in your certificate. So now my new cert supports both haskovec.com and www.haskovec.com. I think this process also makes things convenient enough that I hope everyone will start encrypting all their servers by default and using this service.

Whenever I mention something at work about someone using an internal certificate that is self signed I always say they should get a real cert. Hopefully as this gets built out and put into production it will make certificate management so easy and fast that people will just do it by default, and I think that is really when this program is going to pay off for the EFF.

The downside of updating your server config

So a little while back when I had been playing with Pagespeed I somehow managed to break certificate stapling on my server. So when I ran the Qualys SSL Server Test my score had fallen to a B! I messed around and tried a few things and I had no luck getting it to work. One of my friends said the site started to give weird errors under Chrome on Android. Then I was reading this CertSimple Blog entry yesterday and they mentioned the Mozilla Server Side TLS Project, which I don’t think I had heard of. Basically what it does is you enter your server version and your OpenSSL version and how aggressive you want your security settings and it will generate a sample config for you. It will tell you based on how aggressive your settings are what the minimum browser versions are. For example of of the differences between Intermediate and Modern is that they drop support for TLSv1 in Modern and only support TLSv1.1 and TLSv1.2. For most browsers this doesn’t seem to be an issue but if you are running IE that means the minimum browser version is IE 11. I debated whether I should drop TLSv1 support or not, but I figure if I keep it I can support IE back to 7, though I can’t imagine any software engineers that might check out this blog using IE anyway. For now I have kept it but one of these days I will drop it because given the rate of SSL issues with Freak and Logjam lately, it is only a matter of time before someone finds a hole in TLSv1.

As for my issue Mozilla in their example config said my ssl_certificate setting should point to my signed key plus intermediates, whereas previously I only had my signed key there. I had intermediates in the ssl_trusted_certificate with the root certificate, and that was working prior to my gzip changes but for some reason now it wants them in both places or else it does a separate download on the intermediate certificate and drops me to a B. So I am back to my coveted A+ rank, and I think the lesson I learned is one a coworker mentioned to me. They said that they put all of their config files in git so that any time they make a change if there are issues they can look at all previous revisions. In the future if I make any changes here on my server config I think I may do the same and setup a config file repository before I touch anything again just to have easy version control and knowing how to revert if things get ugly.

Speaking of security…

Today I came across the following news.┬áThe Chrome security team is considering marking all non-HTTPS sites as insecure (since they are.)┬áCheck out the story here. What this means is that if you don’t setup SSL on your site you are likely to lose users who are going to fear if your site is safe to use. Google has already announced that they are going to score pages higher in their search index if they use encryption and this is just more incentive for people to take the time to secure their sites. In 2014 it no longer makes sense to run a non-encrypted website. Techdirt also covered the story here.

Update
I forgot to mention you can get free SSL certificates at Start SSL so price isn’t an excuse for not upgrading your site.

Security is about tradeoffs

When I was working on this site on of the first things I did after setting up SSL was to run the Qualys SSL Labs Test on my site. This tool will analyze your site security and point out any weaknesses and assign a grade to your site. I initially scored a C and used the test results to get this site up to an A. When I got to an A I thought I was doing well as I had robust forward secrecy and my scores 100, 95, 80, 90. Then I saw this blog post over here and noticed his site while also had an A score he had a key exchange score of 100. This sent me down the rabbit hole of tweaking SSL configs to figure out how to really get a high score on this test.

After hours of testing I determined the difference was disabling the kEDH Ciphers which are “cipher suites using ephemeral DH key agreement, including anonymous cipher suites.” Once those are disabled my key exchange score went up to 100, however I lost my robust forward secrecy rating. There is the tradeoff if you drop those ciphers there are a bunch of devices out there that can’t do forward secrecy anymore, but if you keep them you are using what are considered to be weaker ciphers. In the end I decided to drop them, and then since I was in there I continued tweaking to one up Christopher Burg and got my site all the way up to an A+ before his. Who says a little friendly competition isn’t good motivation.

For anyone who is curious I looked into what it would take to get all 100s on the test and it is a price I am unwilling to pay at this time. Basically you have to run only TLS1.2 and have things really locked down. The other thing I would like to figure out is are the Camellia ciphers good and considered secure? I saw some sites recommending them, but I haven’t really heard much about them. I would love to know what the security community thinks of them, whether they are considered secure or efficient. I considered testing with them, against the Qualys SSL report card but it was midnight when I finally got to my A+ so I just left things where they were. If you want to check out my score on the test go here. Also check out this lovely image of my report card:

ssl-reportcard