HTTPS
Published on 2015-07-21 | Last modified on 2015-07-21
Update (2015-07-21): fix the link to the Apache configuration file.
This document will not explain why to use HTTPS for your site, but assumes you are already convinced :-)
Certificate Authority
When people set up HTTPS, they tend to focus only on the certificate and its cost. Costs seem to be going down, or reach zero in some cases, although free can be treacherous, as with StartSSL. Personally I've used https://namecheap.com, because at the time they were one of the cheaper ones that supported SHA-256 for signing the certificates. I do not recommend using StartSSL because they have a ridiculous policy regarding revoking certificates: you have to pay to revoke. This is SO bad, considering you may require revocation at some point because someone compromised your server... not a great prospect. You can also use CAcert (not recommended), or wait for Let's Encrypt.
Generating the signing request
Many tutorials tell you to do the wrong thing: they are old, obsolete, or do crazy things. It is important to generate the private key on a physical device, e.g. your laptop, as virtual machines potentially have poor randomness due to a lack of entropy.
Below is the procedure I used for IndieCert. To generate the private key:
$ openssl genrsa -out indiecert.net.key 2048
Create a file indiecert.net.cnf containing the following:
[req]
prompt = no
distinguished_name = distinguished_name
[distinguished_name]
CN = www.indiecert.net
[v3_req]
subjectAltName = DNS:www.indiecert.net, DNS:indiecert.net
Now generate the CSR:
$ openssl req -sha256 -new -reqexts v3_req -config indiecert.net.cnf -key indiecert.net.key -out indiecert.net.csr
Because OpenSSL (and its config) is so tricky to get right, here is also the CSR in "human readable" form:
$ openssl req -in indiecert.net.csr -noout -text
Certificate Request:
Data:
Version: 0 (0x0)
Subject: CN=www.indiecert.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b8:fa:6b:12:e8:50:c8:22:db:ea:2e:1a:99:dc:
8d:45:ff:89:ac:c8:1d:6d:02:25:ff:17:fa:4b:67:
00:28:39:16:82:12:e1:82:52:ae:06:1b:2a:6f:2f:
af:bd:a5:41:46:91:86:81:67:02:50:fc:f8:44:a7:
67:66:e2:69:48:08:e1:25:8a:2d:c0:b1:8e:b7:05:
f3:7f:ab:68:0e:46:41:5a:f3:e2:dd:c8:60:70:c4:
9a:4b:e7:34:1b:8c:07:5d:da:72:42:1a:ee:8e:4b:
ce:ec:da:6e:3e:b7:b2:b9:d2:41:78:09:ad:4d:3a:
8a:ab:51:ec:32:9d:7b:ba:c5:3d:81:c4:11:78:8c:
e4:04:ef:67:24:88:f2:28:33:c8:71:1c:e2:c6:f2:
38:2e:57:6c:94:6f:f8:a9:fd:4d:4a:67:29:d9:2e:
3c:7e:11:1a:cf:39:d2:e2:89:11:38:6a:09:10:36:
8c:93:04:28:79:f7:a7:f4:5c:8f:f3:2e:2c:0a:a5:
90:74:cb:63:4a:c8:d9:d2:1d:ab:4b:6a:1e:eb:f1:
8e:85:f4:5b:90:1c:51:d5:df:b1:82:6c:b2:a6:d0:
7e:01:0b:44:ec:96:3e:2d:0f:6e:87:21:2d:70:26:
b6:3a:f5:81:e4:a8:2d:b4:ca:8a:d3:29:ad:0f:c3:
9d:49
Exponent: 65537 (0x10001)
Attributes:
Requested Extensions:
X509v3 Subject Alternative Name:
DNS:www.indiecert.net, DNS:indiecert.net
Signature Algorithm: sha256WithRSAEncryption
52:f7:9d:14:b4:43:de:52:0b:6f:aa:ff:7a:32:cf:ca:5e:6c:
09:94:32:02:77:8c:ed:03:07:6e:e6:d4:a8:12:74:21:fb:bc:
a8:e5:ac:c4:af:6a:df:86:c0:05:07:3c:9e:53:de:ab:bb:37:
55:2a:f3:f8:1d:fe:6e:92:21:44:bb:3e:c4:a9:fe:a4:4d:f4:
68:1d:6b:fe:59:ea:95:d6:4f:2b:9f:cc:f9:0d:a2:7e:e0:96:
8d:32:8b:1c:39:d4:b6:b2:6e:70:98:b2:c1:da:df:5f:72:e2:
50:0a:54:08:05:f7:82:23:8f:89:4f:94:c4:0c:a1:7b:33:cc:
ed:0f:5d:87:ed:98:64:e7:b2:ef:1f:12:08:6c:8a:6e:dc:d2:
85:f9:77:ec:77:ce:53:63:a7:21:37:21:53:51:cb:7e:a8:d3:
a5:e6:43:e2:96:de:10:83:e4:8a:8a:05:1d:5f:65:31:8d:d1:
8c:8d:2f:9e:04:1c:9e:d5:c9:88:40:eb:7d:7d:34:8d:43:37:
71:d9:fd:45:34:4a:b2:c2:80:0f:85:2d:ed:5c:0d:5d:ef:ae:
3b:94:ea:3a:ea:3b:ad:f3:90:46:6e:a6:4a:d6:c7:57:36:3a:
c2:71:ef:f7:d8:8d:cc:16:c1:2f:6f:ca:3f:bb:e0:2d:73:bc:
04:59:89:07
It is important to make sure you have at least a 2048-bit public key, and that SHA-256 was used for the signature. In most cases this will trigger the CA to also use SHA-256, if they still support SHA-1 as well.
Most CAs will override the CN and the Subject Alternative Name, but it doesn't hurt to get it right yourself :-)
CA procedure
The CA will now take this CSR, sign it, and send you a signed certificate and, in most cases, a certificate chain:
$ openssl x509 -inform PEM -in www_indiecert_net.crt -noout -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f1:ce:c2:0e:e7:b4:2f:d8:c4:a5:78:c5:e9:f5:4b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
Validity
Not Before: Feb 18 00:00:00 2015 GMT
Not After : Feb 18 23:59:59 2016 GMT
Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=www.indiecert.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:e1:4c:bd:f2:03:cb:cd:d9:33:b4:56:c4:a3:52:
2d:47:4e:1a:df:5a:8b:9e:75:01:51:29:9a:37:83:
63:d5:44:b4:6d:fa:b2:c1:a4:97:76:44:b1:f3:e6:
96:8f:40:40:85:fe:04:f6:04:65:ae:8d:e1:79:60:
32:eb:21:6f:8b:9c:85:2d:d9:38:aa:ea:7c:50:d0:
fd:25:29:a3:16:ef:c5:d1:ae:bc:0f:7d:82:41:8e:
cb:df:d2:da:41:4d:fd:2e:4c:4c:7f:32:aa:7a:10:
aa:73:99:21:f3:e1:a1:14:7b:5a:ca:f9:69:87:b1:
35:6f:86:56:6a:54:57:1d:8b:fd:1f:7a:56:d3:44:
67:54:99:8d:8c:70:2c:ba:4c:00:ff:6b:a4:0b:bf:
0e:c9:dc:b9:ea:bb:0c:9e:a5:02:b2:c9:34:4e:e2:
34:be:7f:e5:a5:e5:ed:d0:97:7f:6c:c0:aa:a9:b8:
24:76:78:12:49:e5:a5:f8:08:71:3f:55:d4:21:04:
7c:c0:5c:31:20:87:29:5e:a1:bd:b1:7d:63:e9:3f:
0e:f2:a8:fb:1f:d8:e8:51:0f:89:84:dc:5d:da:7a:
69:a5:cd:48:ba:39:63:d8:ae:39:29:cd:a7:8f:94:
06:9a:7f:da:c7:b6:f4:71:a1:58:03:ef:10:b4:22:
a1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
keyid:90:AF:6A:3A:94:5A:0B:D8:90:EA:12:56:73:DF:43:B4:3A:28:DA:E7
X509v3 Subject Key Identifier:
FD:00:76:8D:04:A1:3E:B1:41:2B:49:8A:D1:CD:93:89:32:3C:38:B5
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.2.7
CPS: https://secure.comodo.com/CPS
Policy: 2.23.140.1.2.1
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl
Authority Information Access:
CA Issuers - URI:http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt
OCSP - URI:http://ocsp.comodoca.com
X509v3 Subject Alternative Name:
DNS:www.indiecert.net, DNS:indiecert.net
Signature Algorithm: sha256WithRSAEncryption
69:c1:22:36:c1:2b:5d:43:34:c0:d7:a6:06:03:53:02:f4:85:
ee:29:72:c2:82:37:56:af:ba:f8:1e:c9:2c:bf:da:fb:38:47:
43:8d:c1:d3:94:48:b3:49:41:1c:f5:89:7c:97:23:88:0a:b3:
cb:47:28:13:a2:a7:d2:d2:3c:40:5b:1b:8b:98:ae:70:4c:ea:
67:77:e1:b8:d4:de:c7:0e:fd:09:ff:56:72:a8:30:eb:0d:0a:
87:fe:2c:3f:9d:2e:7a:e3:de:47:22:79:dd:2a:58:da:38:78:
14:2b:70:95:ee:8b:ce:9c:78:b0:ce:a7:cb:27:dd:98:36:f8:
b4:f8:4c:44:35:b9:9d:d4:8c:cc:5b:c6:48:6e:25:12:e3:ce:
9e:40:c7:c4:b9:d1:23:6b:93:83:e2:4e:29:7e:10:1a:31:72:
d0:a0:24:97:3d:ea:b1:89:27:0b:49:0c:33:c7:ff:f2:e9:cb:
4b:fe:a7:0a:10:c3:11:65:dc:f0:4a:07:32:63:d4:73:d5:30:
77:9d:f4:fc:d3:51:04:11:51:af:8d:f6:37:d1:de:61:3c:74:
5d:6a:64:f0:c6:99:45:21:1e:44:1c:01:61:99:3e:c1:a7:e4:
a0:d1:39:f0:56:33:e6:7b:db:6d:22:73:c4:7f:d0:22:2e:54:
93:0e:59:e4
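The checks named above (a key of at least 2048 bits, a SHA-256 signature, both names in the Subject Alternative Name) can be scripted against either text dump, the CSR or the signed certificate. This is an added example, not part of the original post; the function name check_dump and the trimmed sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Audit a dump produced by e.g.
#   openssl req -in indiecert.net.csr -noout -text | check_dump 2048 NAME...
# Reads the dump on stdin; returns 0 only if every check passes.
check_dump() {
    min_bits=$1; shift
    dump=$(cat); rc=0

    # "Public-Key: (2048 bit)" -> 2048
    bits=$(printf '%s\n' "$dump" |
        sed -n 's/.*Public-Key: *(\([0-9][0-9]*\) bit).*/\1/p' | head -n 1)
    if [ -z "$bits" ] || [ "$bits" -lt "$min_bits" ]; then
        echo "FAIL key size: ${bits:-unknown} bit, need >= $min_bits"; rc=1
    fi

    # A certificate dump names the algorithm twice. Every mention must be
    # SHA-256 or stronger; anything else is flagged for manual review.
    algs=$(printf '%s\n' "$dump" |
        sed -n 's/.*Signature Algorithm: *\([^ ]*\).*/\1/p' | sort -u)
    [ -n "$algs" ] || { echo "FAIL no signature algorithm found"; rc=1; }
    for alg in $algs; do
        case $alg in
            *[sS][hH][aA]256*|*[sS][hH][aA]384*|*[sS][hH][aA]512*) ;;
            *) echo "FAIL signature algorithm: $alg"; rc=1 ;;
        esac
    done

    # The SAN list is the line after its header; split it, one name per line.
    sans=$(printf '%s\n' "$dump" |
        sed -n '/X509v3 Subject Alternative Name:/{n;p;}' | tr ',' '\n' |
        sed -n 's/^[[:space:]]*DNS:\([^[:space:]]*\).*/\1/p')
    for name in "$@"; do
        # -x -F: whole-line literal match, so "indiecert.net" is not
        # satisfied by "www.indiecert.net".
        printf '%s\n' "$sans" | grep -qxF -- "$name" ||
            { echo "FAIL missing SAN: $name"; rc=1; }
    done
    return "$rc"
}

# Constructed sample: a trimmed dump with a weak key, SHA-1 and only one name.
WEAK_DUMP='Certificate Request:
        Subject: CN=www.indiecert.net
                Public-Key: (1024 bit)
            X509v3 Subject Alternative Name:
                DNS:www.indiecert.net
    Signature Algorithm: sha1WithRSAEncryption'

printf '%s\n' "$WEAK_DUMP" | check_dump 2048 www.indiecert.net indiecert.net || true
```

The same function works on the `openssl x509 -noout -text` output of the certificate the CA returns, which is where a silent downgrade to SHA-1 or a dropped name would show up.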
Installation
Now you can use the certificate, the key and the certificate chain and configure them in your web server. If you run your own server you SHOULD use Mozilla's configuration generator to make sure you configure your server in a secure way.
If you use a virtual hosting provider, e.g. Uberspace.de, you can probably upload your key, certificate and chain using SSH and instruct them to configure the certificate for you.
Validation
This is where most people stop. They never validate their configuration to make sure SSLv3 is disabled, the chain is configured properly, and weak ciphers are disabled.
Go to SSL Server Test provided by Qualys. Enter your domain name and check the results. If you do not get an A or A+ rating, you are doing something wrong and should evaluate the results of the test. As an example, you can view the IndieCert report.
If you prefer a free software solution you can also look at SSL Decoder. But it is advisable to also check using the Qualys tool mentioned above.
Next Steps
Now that the basics are done, you should not stop here, but consider a few other things:
What did I do so far?
For IndieCert I followed most of these steps, but didn't get around to implementing Public Key Pinning yet. You can check the Apache configuration I use here.