RemoteCertificateNameMismatch. The issue with the name - wcf

Do not advice to return true from the validation callback. It's a bad practice. Because of I don't know the best practice of a cerfificate validation I want to rely on the default implementation, but I quite don't understand what name of a server certificate should be specified if the client tries to connect to "https://192.168.0.64/Company/ServiceReference.svc/MainService"?

If your server is being accessed by IP address, then you'd need a certificate that is issued by a trusted certification authority, is not yet expired and is named to match your IP address. In your case, it appears this would be 192.168.0.64. Generally speaking though, it's preferable to use a host or DNS name as you may not be able to control whether the IP address of your server changes. If the IP were to change, your certificate would then be invalid because the name would no longer match.

Related

ssl connection, using a hostname that is not in the SAN list of the host's certificate

I am quite new to ssl stuffs but I am afraid I can guess the final answer of the following problem/question:
We are building hardware (let's call them servers) that WILL have IP address modifications along there lifetime. Each Server must be reachable in a secured manner. We are planning to use a TLS 1.3 secured connection to perform some actions on the servers (update firmware, change configuration and so on). As a consequence we need to provide the server's with one certificate (each) so that they can state their identity. PKI issue is out of the scope of this question (we suppose) and we can take for granted that the clients and the servers will share a common trusted CA to ensure the SSL handshake goes ok. The server's will serve http connection on there configured (changeable) IP addresses only. There is no DNS involved on the loop.
We are wondering how to set the servers' certificates appropriately.
As IP will change, it cannot be used as the common name in the server's certificate.
Therefore, we are considering using something more persistent such as a serial number or a MAC address.
The problem is, as there is no DNS in the loop, the client can not issue http request to www.serialNumberOfServer.com and must connect to http://x.y.z.t (which will change frequently (at least frequently enough so that we don't issue a new server's certificate at each time))
If we get it right, ssl handshake requires to have the hostname (that's in the URL we are connecting to) matching either the commonName of the server's Certificate or one of its Subject's Alternative Name (SAN). Right? Here, it would be x.y.z.t.
So we think we are stucked in a situation in which the server cannot use it's IP to prove its identity and the client wants to use it exclusively to connect to the server.
Is there any work around?
Are we missing something?
Any help would be very (VERY) appreciated. Do not hesitated in cas you should need more detailed explanation!
For what it's worth, the development environment will be Qt using the QNetworkAccessManager/QSSlstuffs framework.
If you're not having the client use DNS at all, then you do have a problem. The right solution is to use DNS or static hostname lists (/etc/hosts, eg, on unix* or hosts.txt on windows eg.). That will let you set names appropriately.
If you can only use IP addresses, another option is to put all of your IP addresses into the certificate that the server might use. This is only doable if you have a reasonable small number of addresses that they might get assigned to.
Or you could keep a cache of certificates on the server with one address for each, and have part of the webserver start process to select the right certificate. Requires a bit more complex startup.
Edit: Finally, some SSL stacks (e.g. openssl) let you decide whether or not each particular verification error should be accepted as an error or that it can be ignored. This would let you override the errors on the client side. However, this is hard to implement properly and very prone to security issues if you don't bind the remote certificate properly it means you're subjecting yourself to man-in-the-middle or other attacks by blindly accepting any old certificate. I don't remember if Qt's SSL library gives you this level of flexibility or not (I don't believe so but didn't go pull up the documentation).
Went back on the subject 9 mont later!
Turns out there is an easy solution (at least with Qt framework)
Qt's QNetworkRequest::setPeerVerifyName does the job for us. It allows to connect to an host using its IP and verify a given CN during SSL handshake
See Qt's documentation extract below:
void QNetworkRequest::setPeerVerifyName(const QString &peerName)
Sets peerName as host name for the certificate validation, instead of the one used for the TCP connection.
This function was introduced in Qt 5.13.
See also peerVerifyName.
Just tested it positively right now

For which type of SSL certificate do you need a dedicated IP address?

Hey out there to whoever is reading.
I have a question and it is regarding a UNI question which I can't seem to find the answer when researching so I thought i'd come to the experts of the web.
The question I'm asked is:
3. For which type of SSL certificate do you need a dedicated IP address?
I understand if asking for help with uni is against terms and conditions as I know some websites don't allow it. (But no harm in trying yeah?)
Thankyou to anyone who helps
For which type of SSL certificate do you need a dedicated IP address?
The context of the question is unknown and it is unknown what "type" of SSL certificate actually means in this unknown context. This could be domain validated vs. extended validated or it cold be X.509v1 vs X.509v3 or even other things. But, I'll try to explain the underlying concepts so that you should hopefully be able to come up with an answer yourself.
Validation of the certificate includes checking the target hostname (from the URL in case of HTTPS) against the subjects of the certificate. These subjects can be given as subject alternative names and/or as common name. Commonly none of these subjects has an IP address which means that commonly no fixed IP address is needed for a server using this certificate - all what is needed is that the server is actually reachable by the given hostname (i.e. DNS is properly setup) and that the client is using this hostname to connect to the server (instead of using the IP address only).
But it is possible to also include IP addresses as subject of the certificate. This is uncommon and no public CA (as found as trust anchor in the browser) will issue such a certificate any longer but private CA might do it. The validation is similar to the hostname, i.e. the client has to use the IP address in the URL to access the site and check that the IP address used matches any of the IP addresses given as subject in the certificate. Having a fixed IP will help in this case but actually the only requirement is that the IP address the client uses is included as any of the possible many subjects in the certificate. This means that the server might actually be reachable by different IP addresses as long as all of these are included as subject in the certificate.

How to TLS/SSL secure an internal web server?

I am developing an https-based web server on my machine. This currently works with a self-signed certificate. Of course, my browsers complain about it, but it is okay for me to skip this check and accept my very own certificate.
Now I would like a co-worker to be able to access my https server as well. My machine does neither have an internal host name setup nor a static IP address.
Of course, if I create a certificate for localhost, it will not work for him - as localhost for him is his machine, not mine.
How can I solve this issue?
Is the only way to assign a static IP address or to setup a host name? Is it possible to get a certificate that matches any IP and / or hostname?
(Please note that I know that this is quite counterintuitive to what certificates are meant for, and I highly doubt that you will find someone trust-worthy who issues a certificate for anything, but I still have hope ;-). At the moment, we do not need it for authentication, just for testing. We would replace it with a valid certificate later on.)
You can issue a certificate to multiple Subject Alternative Names (e.g. localhost, machine001.local and 192.168.0.15). Note that, for IP addresses, the SAN must be of type IP address. Most tools that let you do this will let you specify the type (XCA is one of them for example).
I'm not sure how your co-worker can access your machine if it doesn't have either an internal host name or a static IP address. Perhaps you could use something like mDNS to give it a .local name anyway. Alternatively, you can use dynamic DNS services. They would also work even if they resolve the DNS to an IP address that is only routed on your LAN.
Ideally (since you don't want to use a commercial CA), you should create a CA (again, XCA can help) and distribute your CA certificate to your co-workers. In this case you wouldn't even have to add exceptions.
Having a certificate that matches any IP address or hostname wouldn't work. You normally can't have wildcards with IP addresses, and most browsers require more than one "label". Some implementations even make sure you have enough to fall within the scope of an actual domain (e.g. *.something.com or *.something.co.uk).
(Some browsers would let you add exceptions that also comprise the name mismatch (Firefox is one of them), so in this case, the names are not particularly relevant.)

Self signed certificate honoring both, Machine Name & IP Address

I generated a self signed certificate on IIS 7.5. It got generated against the machine name. At present I am testing my website over the IP address. On accessing it on Chrome over https I get a message, "You attempted to reach IP Address, but instead you actually reached a server identifying itself as Machine Name".
How can I ensure that the certificate can honor both the Machine Name and the IP address?
If in case both cannot be honored, how can I make it honor the IP address only?
You should create a certificate with multiple Subject Alternative Names. What you put in the CN at that stage doesn't really matter (it's only a fallback solution when there are no SANs), but putting the host name should help you identify the certificate in various lists.
Note that the entries for host names should be of dNSName type, but the entries for the IP address should be of iPAddress type, so you need a certificate creation tool that supports both. There are more details in this question (not specific to Java).
Note that IP addresses can be OK in a development context, but host names are often better anyway. Few (if any) CAs will issue you with a certificate tied to an IP address.

Two-way SSL Verifications

I'm trying to find out more information on the details of two-way SSL authentication. What I want to know is what verifications are done when one client receives another's certificate. (See the Verify Circle in the image below)
Two way verification http://publib.boulder.ibm.com/infocenter/tivihelp/v5r1/topic/com.ibm.itim.infocenter.doc/images/imx_twowaysslcacert.gif
Does someone has a list of all of the steps? Is there a standards document I can be pointed to? Does each server implement it differently?
Mainly what I'm asking is... Does the server do a verification against the other server's hostname vs the certificates Common name (CN)?
As #user384706 says, it's entirely configurable.
The scenario you're talking about is one where a machine is both a server and a client (and is the client as far as the SSL/TLS connection is concerned).
You don't necessarily gain much more security by verifying that the connection originates from the CN (or perhaps Subject Alternative Name) of the certificate that is presented.
There are a couple of issues:
If the SSL/TLS server is meant to be used by clients that are both end-users and servers themselves, you're going to have two different rules depending on which type of client you're expecting for a particular certificate. You could have a rule base on whether the client certificate has the "server" extended key usage extension or only the client one, but this can get a bit complex (why not).
The client (which is also a server) may be coming through a proxy, depending on the network where it is, in which case the source IP address will not match what you'd expect.
Usually, client-certificate authentication relies on the fact that private keys are assumed to be kept protected. If a private key is compromised by an attacker on the server, the attacker may also have the ability to spoof the origin IP address when making the connection (or making the connection from the compromised server directly). This being said, servers tend to have private keys that are not password-protected, so it may help a little bit in case it was copied discretely.
I think some tools are so strict that they don't only verify the CN to be the FQDN of the incoming connection: they also check that it's the reverse DNS entry for the source IP address. This can cause a number of problems in practice, since some servers may have multiple CNAME entries in the DNS, in which case the CN would be legitimate, but not necessarily the primary FQDN for that IP address.
It all really depends on the overall protocol and general architecture of the system.
RFC 6125 (Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS)), recently published, considers this scenario out of scope.
The closest reference I can think of is SIP.
Mainly what I'm asking is... Does the
server do a verification against the
other server's hostname vs the
certificates Common name (CN)?
This is configurable.
It is possible to configure strict checking and not accept connections from entities sending a certificate that the CN does not match the FQDN despite the fact that the certificate is considered as trusted (e.g. signed by a trusted CA).
It is possible to relax this and do not do this check and accept the certificate or delegate the decision to the user. E.g. IE shows a pop up warning saying that certificate's name does not match FQDN. Do you want to proceed anyway?
From security perspective the safest is to do strict verification