Certificate Transparency Those things

There are two changes in HTTPS in this site: First, this site name (iMququ.com) joined Chrome’s HSTS Preload List, which took effect from Chrome 49; I have enabled this HTTPS certificate to enable the Certificate Transparency policy. HSTS Preload List is written in my previous article, more introductions and how to apply for joining, please click here. This article mainly introduces the Certificate Transparency.


The identity authentication of the HTTPS website is completed by the certificate trust chain, and the browser starts to reciprocate the authentication of the school inspection of the school test until the trusted root certificate (the list of root certificates is typically in the operating system, and Firefox is maintained). However, trusted CA (certificate issuing agency) has hundreds, they become a larger attack in the process of identity authentication throughout the website. In fact, currently due to the incorrect issuance of the CA failure; and individual CAs are happening to the third party with the third party, such as monitoring encrypted traffic.

Whether it is a “illegal certificate” that CA is unintentional or interested, it can verify the current certificate chain check mechanism. These CAs issued the “illegal certificate” compared to the “invalid certificate”, which is more difficult to discover, even if it is discovered to rely on the existing mechanism, it is difficult to quickly eliminate the impact.

In addition, the management of domain name owners can also cause domain name configurations to be controlled by third parties, thus can apply to CAs (especially DV type certificates) to CAs (especially DV type certificates). This situation, discovery and treatment are also very troublesome.

Certificate Transparency is to solve these problems, it can be directly translated into certificate transparency, dominated by Google, and standardized by IETF to RFC 6962. The goal of Certificate Transparency is to provide an open audit and monitoring system that allows any domain owner or CA to determine if the certificate is erroneously issued or maliciously used, thereby increasing the security of the HTTPS website.

The Certificate Transparench complete system consists of three parts: 1) Certificate logs; 2) Certificate monitors; 3) Certificate Auditors. The complete work principle can look at the official document: How Certificate Transparency Works.

Simply put, the certificate owner or CA can take the initiative to submit a certificate to the Certificate logs server, and all certificate records will accept audit and monitoring. A browser that supports CT (current only Chrome) will make different reactions according to the certificate status in Certificate logs. CT is not to replace existing CA facilities, but is made as supplement, making it more transparent and more real.

The Certificate logs server is deployed by Google or CA, which lists the currently known servers. After the legal certificate is submitted to the CT Logs server, the server returns Signed Certificate TimeStamp (SCT) to enable CT to use SCT information.

How to enable Certificate Transparency

According to the official document, there are three programs to enable CT, which are described below:

1) Expand via X.509V3

CA pre-signed the certificate and submit the certificate to the CT Logs server to get SCT information, then CA will sign the SCT as the extension of the pre-sign certificate, so that a certificate containing SCT extensions. SCT information (OID is visible by looking at the Certificate response in the TLS handshake phase.

2) Expand through TLS

We can also submit your certificate to the CT logs server, get the SCT coincide. Then enable SIGNED_CERTIFICATE_TIMESTAMP extensions in the Server Hello response in the TLS handshake phase, pass SCT information. After the specific configuration method, you will introduce it to this exhibition first.

Of course, only the client contains Signed_certificate_timestamp extension in the Client Hello request, the server needs to give the corresponding SCT response. 3) Through OCSP stapling

Another way is that CA is issued in accordance with the ordinary process to complete the certificate, then submit the certificate to the CT logs server to get the SCT, then transform the OCSP (Online Certificate Status Protocol, Online Certificate Status Protocol) service, including the SCT information to the OCSP response . Once the server enables OCSP Stapling (OCSP envelopes), you can include the OCSP query results of the certificate in the certificate chain, where SCT information is included.

Simple comparison three programs:

CA cost user cost Remarks X.509V3 expansion high (requires real-time submission of certificates and waits for two certificates) No Digicrt supports this program (VIA) TLS extension is not high (you need to submit a certificate, compile Web Server Add CT Module, modification configuration, etc.) Any certificate can be used in OCSP stapling (requires an asynchronous submission certificate to retrieve SCT, transforming the OCSP service) (enabled Web Server OCSP stapling) Let’s Encrypt plans to support this program (VIA)

Enabling CT is the most general solution via TLS extension, next how to operate in nginx, simply:

1) Get SCT files

With the CT-Submit module, the certificate can be easily submitted to the CT Logs server and get a SCT response. This module needs the support of Go language:

Apt-get install golang wget -o ct-submit.zip -c https://github.com/grahamedgecombe/ct-submit/archive/v1.0.0.zipunzip ct-subsmit.zipcd CT-Submit-1.0.0GO Build

After the compilation is successful, the current directory will appear as an executable of CT-Submit-1.0.0. Then you can submit:

./ct-submit-1.0.0 ct.googleapis.com/aviator ~ / www / SCTS / Aviator.SCT. / CT-SUBMIT-1.0.0 Ct1.digicrt-CT .com / log ~ / www / SCTS / DIGICERT.SCT

The above code is submitted to Google and Digicrt’s servers, and more available servers can be found on this page.

Chained.pem is my site certificate and an intermediate certificate, and the first is the site certificate, followed by an intermediate certificate.

2) Compile NGINX, join the CT module

To let Nginx support send Signed_certificate_timestamp this TLS extension, you need to join the NGINX-CT module. Nginx-CT needs to be compiled with OpenSSL 1.0.2+ or BoringSSL 4FAC72E +, which does not support Libressl. It is recommended to use CloudFlare Patch OpenSSL (VIA):

git clone https://github.com/cloudflare/sslconfigwget -O openssl.zip -c https://github.com/openssl/openssl/archive/OpenSSL_1_0_2g.zipunzip openssl.zipmv openssl-OpenSSL_1_0_2g / opensslcd openssl && patch -p1 <.. .. wget http: zxf nginx-1.9.13.tar.gz nginx https: nginx-ct.zip cd nginx-1.9.13 . nginx-ct-1.0.0 openssl then makes make install. install remember to stop service first otherwise it is likely be able manually kill processes before.>

3) Modify configuration

Finally, modify the NGINX configuration, add the following two lines and restart the service:


Certificate Transparency with Chrome

Finally, there are so many, how do you have any consequences if you don’t enable CT? In fact, there is little impact on most websites. First CT strategy is currently only Chrome support; second Chrome also knows that there is not much website that is now supporting CT, so there is not much impact on the HTTPS website that does not provide SCT information.

For websites using the EV certificate, if SCT information is provided as required, from January 1, 2015, Chrome does not show the small green strip (see this page). General EV certificate providers will embed the SCT information into the certificate. If you have an EV certificate, you can check it. In the event, there is no embedded SCT information in the certificate.

For other types of certificates (OV, DV, etc.), if SCT information is not provided, the latest Chrome just gives an instructions when clicking on the address bar small green lock, the content is as follows:

The Server Did NOT Supply Any Certificate Transparency Information.

The server does not provide any Certificate TransParency information.

Chrome’s prompt content has been adjusted, before this:

The Identity of this Website Has Been Verified by xxx but does not have public audord.

The identity of the site has passed XXX certification, but there is no public audit record.

After providing SCT information, Chrome’s tips are like this:

The Server Supplied Valid Certificate Transparency Information.

The server provides a valid Certificate Transparency information.

The screenshot of this site is as follows: