首頁 » web

Online Certificate Status Protocol (OCSP)

由 datahunter 在 三, 18/05/2022 - 16:08 發表

最後更新: 2022-05-18

目錄

  • Certicate 內的 Authority Info (AIA)
  • ocsp 的 uri
  • Apache 設定
  • Nginx 設定
  • OCSP 的 openssl 測試
  • Browser
  • Online Checking

介紹

OCSP was created as an alternative to certificate revocation lists (CRL)

Certificate revocation lists (CRL)

The browser downloads a list of revoked certificate serial numbers and
    verifies the current certificate, which increases the SSL negotiation time

OCSP

A time-stamped OCSP response signed by the CA to the initial TLS handshake

If the client does not receive a stapled response, it will just contact the OCSP server by itself.

However, if the client receives an invalid stapled response, it will abort the connection.

Stapling

If OCSP stapling is enabled, in your response, in the OCSP Response Data section, it should say the following:

OCSP Response Status: successful (0x0)

An OCSP responder

A server typically run by the certificate issuer

OCSP can be vulnerable to replay attacks (解決: nonce, a validity period)

MustStaple TLS extension

If a browser encounters a certificate with this extension that is used without OCSP Stapling, then it will be rejected.

Note

The RFC 6066 specification the server's CertificateStatus reply may only include an OCSP response for a single cert.

For server certificates with intermediate CA certificates in their chain (the typical case nowadays)

    only partially achieves the  => "saving roundtrips and resources"

TLSv1.3 automatically removes this limitation,

Under TLS 1.3 a server can send multiple OCSP responses,
typically one for each certificate in the certificate chain.

# For TLS 1.2

Under TLS 1.2 only one stapled response can be sent by a server,

    the OCSP response associated with the end-certificate.

RFC 6961 defines a Multiple Certificate Status Request extension,

    which allows a server to send multiple OCSP responses in the TLS handshake.

 

 

Certicate 內的 Authority Info (AIA)

 

Method: CA Issuers
Location: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt

Method: Online Certificate Status Protocol (OCSP)
Location: http://ocsp.sectigo.com

 

ocsp 的 uri

 

Web Server 要使用 stapling, 首先它要去到 ocsp 的 link

openssl x509 -in server.crt -noout -ocsp_uri

http://ocsp.sectigo.com

curl http://ocsp.sectigo.com

0

 

Apache 設定

 

version > 2.3.3

# OCSP Settings
SSLUseStapling on
SSLStaplingCache shmcb:logs/stapling_cache(128000)

* Before you can enable OCSP stapling on your Apache server,
   the Intermediate Certificate must be properly installed.

 

Nginx 設定

 

version > 1.3.7

ssl_stapling        on;

ssl_stapling

Enables or disables 'stapling of OCSP' responses by the server

For the OCSP stapling to work, the certificate of the server certificate issuer should be known.
If the ssl_certificate file does not contain intermediate certificates,
the certificate of the server certificate issuer should be present in the ssl_trusted_certificate file.

Other Settings

ssl_stapling_verify

Enables or disables verification of OCSP responses by the server.
verify chain of trust of OCSP response using Root CA and Intermediate certs
要配合 ssl_trusted_certificate 使用

ssl_trusted_certificate

ssl_trusted_certificate /etc/nginx/ssl/fullchain.pem;

For verification to work, the certificate of the server certificate issuer, the root certificate, and all intermediate certificates
should be configured as trusted using the ssl_trusted_certificate directive.
ssl_trusted_certificate (in order from top(CA) to bottom(intermediate certificates))

 

OCSP 的 openssl 測試

 

openssl

openssl s_client -connect datahunter.org:443 \
  -servername datahunter.org -status < /dev/null 2>&1 \
  | grep -i "OCSP response"

-status

Sends a certificate status request to the server. The server response (if any) is printed out.

成功

OCSP response:
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response

失敗

OCSP response: no response sent

人手 Checking

ocsp_uri=ocsp.sectigo.com

openssl ocsp -issuer chain.pem \
   -cert server.crt -text \
   -verify_other chain.pem \
   -url http://$ocsp_uri -header "HOST" "$ocsp_uri"

OCSP Request Data:
....
OCSP Response Data:
    OCSP Response Status: successful (0x0)
....
WARNING: no nonce in response
Response Verify Failure
140354618222480:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:92:
server.crt: good
        This Update: May 15 20:01:23 2022 GMT
        Next Update: May 22 20:01:23 2022 GMT

-issuer filename

This option MUST come before any -cert options.

-verify_other filename

File containing additional certificates to search when attempting to locate the OCSP response signing certificate.

Some responders omit the actual signer's certificate from the response:

this option can be used to supply the necessary certificate in such cases.

Remark

openssl x509 -noout -subject -in server.crt

 

Browser

 

Firefox

OneCRL is a list of intermediate certificates that have been revoked by CAs in Mozilla’s root program,
and is pushed to Firefox users in application updates.

Firefox’s default settings also query OCSP responders to confirm the validity of SSL/TLS certificates.
“soft-fail” policy

Chrome

It relies on CRLSets for revocation checking.
Revoked certificates which is pushed to the browser as a software update.
chrome://components/

Edge

Windows maintains a list of revoked or otherwise blacklisted certificates in a file called disallowedcert.stl

 

Online Checking

 

https://www.ssllabs.com/ssltest/index.html

 

 

 

»
  • 瀏覽次數: 533