Security Advisories

September 1, 2011 - Fraudulent DigiNotar certificates

Security Advisories ID:    SA59
Version:    1.0
Status:    Published
Published date:    08/31/2011
 

Advisory Status

Final

Advisory Severity

Informational

Summary

Digital certificate issuer DigiNotar reported an incident on August 30, 2011 in which an attacker was able to issue fraudulent SSL and EV SSL certificates for several domains. Upon discovering the breach, DigiNotar revoked the certificates. Software such as browsers and proxies that is not configured to check the revocation status of server certificates is vulnerable to man-in-the-middle and spoofing attacks.

Affected Products

By default, all versions of SGOS trust the DigiNotar CA. Any ProxySG that is not configured to check the revocation status of a certificate presented during an HTTPS session is vulnerable.

Details

DigiNotar has identified "several dozen" fraudulent certificates. The domains they were issued for include mozilla.com, yahoo.com, torproject.org, and google.com. DigiNotar has not made a complete list available. In ProxySG, the DigiNotar CA is named Diginotar_root_ca. DigiNotar has revoked the known fraudulent certificates.

ProxySG only validates server certificates if the SSL proxy has been enabled. Revocation checking must be enabled separately. Blue Coat encourages customers using SSL proxy to enable revocation checking for all HTTPS connections. If revocation checking has not been enabled and configured for HTTPS connections, ProxySG will accept any one of the fraudulent certificates as valid until the certificates expire.

ProxySG supports two mechanisms for revocation checking: Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP). ProxySG 5.3, 5.4, 5.5, and 6.x support both mechanisms. ProxySG 4.3 supports only CRLs.

Both mechanisms require administrative configuration in order to be active. CRLs must be manually imported by the administrator for each CA. OCSP must be configured either to use a specific OCSP responder or to use the OCSP responder specified in the certificate. For more information on configuring CRLs and OCSP, see the "Managing X.509 Certificates" section in the ProxySG Administrator's Guide. Links to the documentation can be found in the References section below.

Blue Coat recommends that customers perform the following actions:

  • Enable server certificate validation.
  • Enable CRLs and/or OCSP for revocation checking.
  • If using CRLs, install the latest DigiNotar CRL and ensure all other CRLs are current. Contact DigiNotar to determine the location for this CRL.
  • If using OCSP, examine the ignore settings for the OCSP responder. Ignoring failures, especially failures to connect with the OCSP responder, allows an attacker to circumvent revocation checking.
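The following is an added illustration, not Blue Coat code or SGOS configuration: a small model of the acceptance decision the recommendations above describe (trusted-CA check, then CRL, then OCSP), showing how an "ignore responder failures" setting turns a revoked certificate into an accepted one when the responder cannot be reached. The CA name Diginotar_root_ca is from this advisory; the serial numbers and the trust-store contents are constructed.

```python
"""Model of the revocation decision described in the advisory.
Constructed example: serials, trust-store contents and the responder
simulation are illustrative, not SGOS internals."""
from dataclasses import dataclass, field

@dataclass
class ServerCert:
    subject: str
    issuer: str      # CA name as the proxy knows it, e.g. "Diginotar_root_ca"
    serial: int

@dataclass
class RevocationConfig:
    trusted_cas: set
    crls: dict = field(default_factory=dict)  # issuer -> set of revoked serials
    ocsp_enabled: bool = False
    ignore_ocsp_failures: bool = False        # the dangerous "ignore" setting

def ocsp_lookup(cert, responder_up, revoked_serials):
    """Simulated OCSP responder: 'good', 'revoked', or 'error' when unreachable."""
    if not responder_up:
        return "error"
    return "revoked" if cert.serial in revoked_serials else "good"

def accept_certificate(cert, cfg, responder_up=True, responder_db=frozenset()):
    """Return (accepted, reason) for a server certificate seen by the proxy."""
    # 1. Chain validation: the issuing CA must be in the trusted-CA list.
    #    Removing Diginotar_root_ca (the advisory's workaround) fails here.
    if cert.issuer not in cfg.trusted_cas:
        return False, f"issuer {cert.issuer} not trusted"
    # 2. CRL check: only possible if a CRL for this issuer was imported.
    if cert.serial in cfg.crls.get(cert.issuer, set()):
        return False, "serial listed in CRL"
    # 3. OCSP check, if enabled. A responder error must fail closed;
    #    ignoring it lets a revoked certificate through.
    if cfg.ocsp_enabled:
        status = ocsp_lookup(cert, responder_up, responder_db)
        if status == "revoked":
            return False, "OCSP responder reports revoked"
        if status == "error":
            if cfg.ignore_ocsp_failures:
                return True, "OCSP failure ignored (fail-open)"
            return False, "OCSP responder unreachable (fail-closed)"
    # With no revocation source configured, a fraudulent but otherwise
    # valid certificate is accepted until it expires.
    return True, "chain valid, not reported revoked"
```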

Workarounds

ProxySG will only check the revocation status of server certificates if the SSL proxy has been enabled. Customers who have not enabled the SSL proxy should ensure browsers have been upgraded with the latest security patches and have revocation checking enabled.

Customers who have enabled the SSL proxy but are unable to implement revocation checking can remove the DigiNotar CA from the list of trusted CAs used by the SSL Client. The name of the CA in ProxySG is Diginotar_root_ca. The CA certificate can be added back into the list of trusted CAs at a later time if desired.

Any CA certificate that is no longer trusted can be removed from the list of available CAs on ProxySG. Once a CA certificate has been removed, it cannot appear in, or be added to, any list of trusted CAs until it is imported again.

Patches

Firefox, Internet Explorer, and other products have released patches that automatically reject the known fraudulent certificates and/or have removed DigiNotar as a trusted CA. SGOS will not be modified.

References

DigiNotar press release:  www.vasco.com/company/press_room/news_archive/2011/news_diginotar_reports_security_incident.aspx.

Microsoft Security Advisory 2607712: www.microsoft.com/technet/security/advisory/2607712.mspx.

Mozilla Firefox blog post: blog.mozilla.com/security/2011/08/29/fraudulent-google-com-certificate/.

For more information on CRLs and OCSP, see the "Managing X.509 Certificates" section of the SGOS documentation: 5.3, 5.4, 5.5, 6.1, 6.2. In SGOS 4.3, see the "Using Certificate Revocation Lists" section.

Advisory History

2011-09-01 Initial public release.
