Let's go HTTPS

ROME 18-19 MARCH 2016

Let's Go ! HTTPSSimone Carle4

! HTTPS

I About HTTPS

II Obtaining an SSL cer?ficate

III Deploying an SSL cer?ficate

IV Serving HTTPS

Simone Carle4@weppos

About HTTPS

What is HTTPS?

HTTPS (also called HTTP over TLS, HTTP over SSL, and HTTP Secure) is a protocol for secure communica?on over a computer network which is widely used on the Internet. HTTPS consists of communica?on over Hypertext Transfer Protocol (HTTP) within a connec?on encrypted by Transport Layer Security or its predecessor, Secure Sockets Layer. hTps://en.wikipedia.org/wiki/HTTPS

What is HTTPS?HTTPS is a secure HTTP connec?on.

HTTPS is HTTP over an encrypted connec?on secured by TLS (previously SSL).

HTTPS is how websites securely exchange informa?on.

Secure Connec@on

Encryp@on The process of encoding messages or informa?on in such a way that only authorized par?es can read it.

Authen@ca@on The process of determining whether someone or something is, in fact, who or what it is declared to be.

KEEP CALM AND

HTTP IS NOT ENCRYPTED

HTTP ResponseHTTP Request

! HTTPS RequestHTTP Request

Authen@ca@on

SSL Cer@ficate

Why HTTPS?

! Security

! Ranking factor

! HTTP/2

! HTML 5 features

! Chrome Geo loca?on

! Firefox form + HTTPSIV

! Security

• Data integrity

• User sensible informa?on

• Unencrypted traffic can be:

• sniffed

• modified (e.g. adver?sement or script injec?on)

! Ranking factorhTps://webmasters.googleblog.com/2014/08/hTps-as-ranking-signal.html

! HTTP/2hTps://webmasters.googleblog.com/2014/08/hTps-as-ranking-signal.html

! HTML 5 powerful featureshTps://blog.mozilla.org/security/2015/04/30/depreca?ng-non-secure-hTp/

hTps://sites.google.com/a/chromium.org/dev/Home/chromium-security/depreca?ng-powerful-features-on-insecure-origins

! Chrome Geo locationhTps://codereview.chromium.org/1530403002/

! Firefox form + HTTPShTps://www.fxsitecompat.com/en-CA/docs/2015/non-hTps-sites-containing-login-form-will-be-marked-insecure/

" SSL Cer@ficateA cer?ficate is a digital document that contains a public key, some informa?on about the en?ty associated with it, and a digital signature from the cer?ficate issuer.

x.509 SSL Cer@ficate

# Version $ Serial Number % Issuer & Validity ' Subject ( Public Key

) Extensions

Cer@ficate Types! Single-name cer?ficate example.com

! Wildcard-name cer?ficate *.example.com

! SAN cer?ficate example.com, www.example.com, foobar.com, …

Symmetric vs Asymmetric

encrypt

decrypt

Shared secret key(

Jane public key

Jane private key

decrypt

encrypt

encryp@on

Symmetric encryp@on

"hello world!" "puggy eyxgr!"

"hello world!""puggy eyxgr!"

[["a", "b"],

["b", "w"],

["c", "n"],

["d", "r"],

["e", "u"],

["f", "o"],

["g", "v"],

["h", "p"],

["i", "s"],

["j", "z"],

["k", "k"],

["l", "g"],

["m", "m"],

["n", "h"],

["o", "y"],

["p", "c"],

["q", "j"],

["r", "x"],

["s", "d"],

["t", "t"],

["u", "f"],

["v", "i"],

["w", "e"],

["x", "l"],

["y", "a"],

["z", "q"]]

John encrypts John sends to Jane

Jane receives from John Jane decrypts

How does HTTPS work?

It's not a one-click setup :(yet

Handshake, -

DISCLAIMER: This schema is simplified on purpose.

HandshakeSYN

HandshakeSYN SYN ACK

. Client Random

( Cipher suites

ClientHello

. Client Random

( Cipher suites

/ Server Random

( Cipher suite

" Cer?ficates

0 Session ID

1 Server key exchange data

ClientHello

ServerHello, Cer?ficate, ServerKeyExchange, ServerHelloDone

. Client Random

( Cipher suites

/ Server Random

( Cipher suite

" Cer?ficates

0 Session ID

ClientHello

1 Client key exchange dataClientKeyExchange

. Client Random

( Cipher suites

/ Server Random

( Cipher suite

" Cer?ficates

0 Session ID

ClientHello

1 Client key exchange dataClientKeyExchange

SYMMETRIC KEY IS GENERATED

. Client Random

( Cipher suites

/ Server Random

( Cipher suite

" Cer?ficates

0 Session ID

ClientHello

1 Client key exchange data

! Client switches to encryp?on

! MAC of handshake

ClientKeyExchange

ChangeCipherSpec, Finished

. Client Random

( Cipher suites

/ Server Random

( Cipher suite

" Cer?ficates

0 Session ID

ClientHello

! MAC of handshake

ClientKeyExchange

! Server switches to encryp?on

! MAC of handshake

. Client Random

( Cipher suites

/ Server Random

( Cipher suite

" Cer?ficates

0 Session ID

ClientHello

! MAC of handshake

ClientKeyExchange

! Server switches to encryp?on

! MAC of handshake

2 Applica?on data2 Applica?on data

Cipher Suites

A cipher suite is a selec?on of cryptographic primi?ves and other parameters that defines exactly how security will be implemented.

Bulletproof SSL and TLS

Cryptographic primi@ves

At the lowest level, cryptography relies on various cryptographic primi0ves. Each primi?ve is designed with a par?cular useful func?onality in mind. The primi?ves alone are not very useful, but we can combine them into schemes and protocols to provide robust security. For example, we might use one primi?ve for hashing, one for encryp@on and another for integrity checking.

Obtaining an SSL cer@ficate

self signed vs trusted• Provides encryp?on

• Provides authen?ca?on

• Issued and signed by a publicly trusted Cer?fica?on Authority

• Suitable for produc?on environments as well for tes?ng

• Generally not free

• Provides encryp?on

• Doesn't provide authen?ca?on

• self-signed

• Generally used for tes?ng

• Free

Cer?ficate AuthorityA Cer?ficate Authority (CA) is a trusted, private en?ty that issues digital cer?ficates.

Chain of trust

• Browsers and opera?ng systems include a list of trusted cer?ficates • These cer?ficates are called root cer'ficates, and they generally belong to trusted

par?es, such as cer?ficate authori?esIV

Chain of trust

• When a cer?ficate authority issues a cer?ficate, they sign the cer?ficate with their root cer?ficate

Chain of trust

• Truthfully, in most cases cer?fica?on authori?es use sub-cer?ficates to sign your cer?ficate

• These cer?ficates are called intermediate cer'ficates, and they are signed with a root cer?ficateIV

Chain of trust

• When the browser connects to a site via HTTPS, the browser reads the site cer?ficate

• The cer?ficate doesn't match a trusted root cer?ficateIV

Chain of trust

• The browser aTempts to download the cer?ficate that was used to sign the current cer?ficate

• The cer?ficate doesn't match a trusted root cer?ficateIV

Chain of trust

• The cer?ficate matches a root cer?ficate • The original cer@ficate is trusted :) • The en?re cer@ficate chain is trusted

Chain of trust

• The cer?ficate doesn't match a root cer?ficate, and there are no more cer?ficates • The original cer@ficate is untrusted :( • The en?re cer@ficate chain is untrusted

Create a Cer@ficateGenerate a

Private/Public key pair$ openssl genrsa -des3 -out private.key 2048

... Enter pass phrase for private.key: Verifying - Enter pass phrase for private.key:

Private/Public key pair

Generate a

Cer?ficate Signing Request (CSR)

$ openssl req -nodes -new -key private.key -out server.csr

... Country Name (2 letter code) [AU]:US Common Name (eg, YOUR name) []:www.example.com ...

Generate a

for a self-signed cer?ficate

Sign the cer?ficate

$ openssl x509 -req -days 365 -in server.csr -signkey private.key -out certificate.pem

hTps://devcenter.heroku.com/ar?cles/ssl-cer?ficate-self

Request a trusted Cer@ficateGenerate a

Generate a

for a trusted cer?ficate

Request the Cer?ficate (*)

Request generally means purchase.

You can purchase an SSL cer?ficate either from a CA, or a reseller.

Some providers offer visual tools that help you with the request process (e.g. by genera?ng the CSR)

Request a trusted Cer@ficateGenerate a

Generate a

for a trusted cer?ficate

Request the Cer?ficate (*)

• Select the cer?ficate type

• Submit the CSR

• Validate the request

• Obtain the cer?ficate

! (DV) Domain Validated asserts control of a domain

! (OV) Organiza?on Validated asserts control of a domain as well basic organiza?onal vepng

! (EV) Extended Valida?on asserts control of a domain as well extended organiza?onal vepng

Cer@ficate Types

5 Now you should have

1. A CSR file

2. A cer?ficate file

3. A private key file

4. (op0onally) A list of

intermediate cer?ficate files

Deploying an SSL cer@ficate

Install the cer@ficate on the server along with the private key, and intermediate cer?ficate chain.

Configure HTTPS configure protocol version, cypher suite and cypher sepngs.

To deploy HTTPS you need to:

History of secure protocolsSSL 1 Never released

SSL 2 1996 A number of security flaws

SSL 3 1995 Broken. Vulnerable to POODLE aTack

TLS 1.0 1999

TLS 1.1 2006

TLS 1.2 2008IV

Example configserver { listen 443 ssl http2; listen [::]:443 ssl http2;

# ssl certificate config ssl_certificate /path/to/certificate_and_intermediates; ssl_certificate_key /path/to/private_key;

# ssl session config ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off;

# protocol and cipher config ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; ssl_prefer_server_ciphers on; }

hTps://mozilla.github.io/server-side-tls/ssl-config-generator/hTps://cipherli.st/

Heroku$ heroku addons:create ssl:endpoint Adding ssl:endpoint on example... done, v1 ($20/mo)

$ heroku certs:add server.crt server.key Adding SSL Endpoint to example... done example now served by example-2121.herokussl.com. Certificate details: Expires At: 2012-10-31 21:53:18 GMT Issuer: C=US; ST=CA; L=SF; O=Heroku; CN=www.example.com Starts At: 2011-11-01 21:53:18 GMT

hTps://devcenter.heroku.com/ar?cles/ssl-endpoint

hTps://devcenter.heroku.com/ar?cles/ssl-cer?ficate-dnsimpleIV

Caddy server

hTps://caddyserver.com/

Caddy server

hTps://www.ssllabs.com/ssltest/

Lifecycle of a Cer@ficate

6 Requested

! Issued

& Expired

4 Revoked

7 Rekeyed

Serving HTTPS

Cookie security$ curl -I https://dnsimple.com

HTTP/1.1 200 OK Server: nginx Date: Tue, 15 Mar 2016 15:52:08 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive ETag: W/"f2d21600cdff911b9ee6a44dabcda234" Cache-Control: max-age=0, private, must-revalidate Set-Cookie: _session=eccefb19761929d668000056d1b2; path=/; HttpOnly; secure X-Request-Id: 9d77f4c5-ab6b-443e-91bd-76a0383d8ab5 X-Runtime: 0.016254 Strict-Transport-Security: max-age=31536000

Cookie security$ curl -I https://dnsimple.com

Mixed Content security error

Chrome security debugger

HSTS Header$ curl -I https://dnsimple.com

HSTS Header

The first ?me your site is accessed using HTTPS and it returns the Strict-Transport-Security header, the browser records this informa?on, so that future aTempts to load the site using HTTP will automa?cally use HTTPS instead.

When the expira?on ?me specified by the Strict-Transport-Security header elapses, the next aTempt to load the site via HTTP will proceed as normal instead of automa?cally using HTTPS.

Strict-Transport-Security: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

HSTS Header

The first ?me your site is accessed using HTTPS and it returns the Strict-Transport-Security header, the browser records this informa?on, so that future aTempts to load the site using HTTP will automa?cally use HTTPS instead.

When the expira?on ?me specified by the Strict-Transport-Security header elapses, the next aTempt to load the site via HTTP will proceed as normal instead of automa?cally using HTTPS.

Strict-Transport-Security: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

HSTS HeaderStrict-Transport-Security: max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

hTps://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security

hTps://hstspreload.appspot.com/

Public Key Pinning

hTps://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning

Public-Key-Pins: pin-sha256="base64=="; max-age=expireTime [; includeSubdomains][; report-uri="reportURI"]

Public-Key-Pins: max-age=5184000; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="

SecurityHeaders.io

Let's Encrypt

Bulletproof SSL and TLS

hTp://bit.ly/codemo?on2016-sslbook

⋆⋆⋆⋆⋆

Simone Carle4! hTps://simonecarlep.com

@weppos

Thanks!

Let's go HTTPS

Internet

Transcript of Let's go HTTPS

Let's Go Crazy

Let's go! 4th edition unit 4 let's talk

Let's Go 1a. Unit3. Let's Build

Let's Go! August 2012

Let's Go Out-UAE

Let's Go-lang

Let's go gardening!

Let's GO! December

Let's Go Mobile

Let's Go 2- U 1 Let's Start. Ppt

Let's go fly

MF90 Let's go

LET'S GO PICNIC

Let's go to london

Let's Go 4 Workbook

ZTE MF65 Let's go

Let's Go Shopping!

Clean screen - Let's go!

Let's go to Canada

Let's go international