最後更新: 2022-05-18
目錄
- Certicate 內的 Authority Info (AIA)
- ocsp 的 uri
- Apache 設定
- Nginx 設定
- OCSP 的 openssl 測試
- Browser
- Online Checking
介紹
OCSP was created as an alternative to certificate revocation lists (CRL)
Certificate revocation lists (CRL)
The browser downloads a list of revoked certificate serial numbers and
verifies the current certificate, which increases the SSL negotiation time
OCSP
A time-stamped OCSP response signed by the CA to the initial TLS handshake
If the client does not receive a stapled response, it will just contact the OCSP server by itself.
However, if the client receives an invalid stapled response, it will abort the connection.
Stapling
If OCSP stapling is enabled, in your response, in the OCSP Response Data section, it should say the following:
OCSP Response Status: successful (0x0)
An OCSP responder
A server typically run by the certificate issuer
OCSP can be vulnerable to replay attacks (解決: nonce, a validity period)
MustStaple TLS extension
If a browser encounters a certificate with this extension that is used without OCSP Stapling, then it will be rejected.
Note
The RFC 6066 specification the server's CertificateStatus reply may only include an OCSP response for a single cert.
For server certificates with intermediate CA certificates in their chain (the typical case nowadays)
only partially achieves the => "saving roundtrips and resources"
TLSv1.3 automatically removes this limitation,
Under TLS 1.3 a server can send multiple OCSP responses,
typically one for each certificate in the certificate chain.
# For TLS 1.2
Under TLS 1.2 only one stapled response can be sent by a server,
the OCSP response associated with the end-certificate.
RFC 6961 defines a Multiple Certificate Status Request extension,
which allows a server to send multiple OCSP responses in the TLS handshake.
Certicate 內的 Authority Info (AIA)
Method: CA Issuers
Location: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
Method: Online Certificate Status Protocol (OCSP)
Location: http://ocsp.sectigo.com
ocsp 的 uri
Web Server 要使用 stapling, 首先它要去到 ocsp 的 link
openssl x509 -in server.crt -noout -ocsp_uri
http://ocsp.sectigo.com
0
Apache 設定
version > 2.3.3
# OCSP Settings
SSLUseStapling on
SSLStaplingCache shmcb:logs/stapling_cache(128000)
* Before you can enable OCSP stapling on your Apache server,
the Intermediate Certificate must be properly installed.
Nginx 設定
version > 1.3.7
ssl_stapling on;
ssl_stapling
Enables or disables 'stapling of OCSP' responses by the server
For the OCSP stapling to work, the certificate of the server certificate issuer should be known.
If the ssl_certificate file does not contain intermediate certificates,
the certificate of the server certificate issuer should be present in the ssl_trusted_certificate file.
Other Settings
ssl_stapling_verify
Enables or disables verification of OCSP responses by the server.
verify chain of trust of OCSP response using Root CA and Intermediate certs
要配合 ssl_trusted_certificate 使用
ssl_trusted_certificate
ssl_trusted_certificate /etc/nginx/ssl/fullchain.pem;
For verification to work, the certificate of the server certificate issuer, the root certificate, and all intermediate certificates
should be configured as trusted using the ssl_trusted_certificate directive.
ssl_trusted_certificate (in order from top(CA) to bottom(intermediate certificates))
OCSP 的 openssl 測試
openssl
openssl s_client -connect datahunter.org:443 \
-servername datahunter.org -status < /dev/null 2>&1 \
| grep -i "OCSP response"
-status
Sends a certificate status request to the server. The server response (if any) is printed out.
成功
OCSP response: OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response
失敗
OCSP response: no response sent
人手 Checking
ocsp_uri=ocsp.sectigo.com
openssl ocsp -issuer chain.pem \
-cert server.crt -text \
-verify_other chain.pem \
-url http://$ocsp_uri -header "HOST" "$ocsp_uri"
OCSP Request Data:
....
OCSP Response Data:
OCSP Response Status: successful (0x0)
....
WARNING: no nonce in response
Response Verify Failure
140354618222480:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:92:
server.crt: good
This Update: May 15 20:01:23 2022 GMT
Next Update: May 22 20:01:23 2022 GMT
-issuer filename
This option MUST come before any -cert options.
-verify_other filename
File containing additional certificates to search when attempting to locate the OCSP response signing certificate.
Some responders omit the actual signer's certificate from the response:
this option can be used to supply the necessary certificate in such cases.
Remark
openssl x509 -noout -subject -in server.crt
Browser
Firefox
OneCRL is a list of intermediate certificates that have been revoked by CAs in Mozilla’s root program,
and is pushed to Firefox users in application updates.
Firefox’s default settings also query OCSP responders to confirm the validity of SSL/TLS certificates.
“soft-fail” policy
Chrome
It relies on CRLSets for revocation checking.
Revoked certificates which is pushed to the browser as a software update.
chrome://components/
Edge
Windows maintains a list of revoked or otherwise blacklisted certificates in a file called disallowedcert.stl
Online Checking
https://www.ssllabs.com/ssltest/index.html