Getting rid of Apache pass-phrase dialogs

Patrick — Thu, 20 Aug 2009 06:14:51 +0000

Throughout the internet, HTTPS is used to encrypt traffic between a web server and its clients and thus provide a secure way of communicating with a server. Unfortunately, the best encryption is (somewhat) worthless, if you can’t be 100 percent sure that you are communicating with the right server. If Alice wants to send her credit card number to Bob, all encryption is worthless, if Mallory can trick her into thinking that he is Bob. SSL certificates to the rescue. If Alice trusts Carol and Carol has issued a SSL certificate to Bob, Alice can be sure that Bob is actually Bob and not someone else. SSL certificates are usually protected by private keys. You need the private key to use the SSL certificate. These private keys are usually encrypted with a pass-phrase. If Mallory manages to compromise Bobs server and steal the private key file, he can not (mis-)use it, because it is encrypted. That’s the theory.

However, Bobs web server needs to read the private key file to utilize the SSL certificate. If it is encrypted, Bob has to either store the pass-phrase somewhere or enter it by hand every time he starts the web server. If Bob uses Apache, he will get a so-called pass-phrase dialog. By default it looks like this (on the command line):

https-www:/etc/apache2-itk/# /etc/init.d/apache2-itk start
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.
Server secure.example.org:443 (RSA)
Enter pass phrase:
OK: Pass Phrase Dialog successful.
.

While entering the pass-phrase of an SSL certificate by hand is a very secure approach, it has its share of problems:

Upon reboot of Bobs server, the web server will not start automatically. It will hang, because it waits for the pass-phrase to be entered. Likewise, if the web server is restarted automatically for some reason (e.g. by monitoring software) the web server will hang on start-up, because it waits for the pass-phrase to be entered.
For security reasons, it is unwise to use the same pass-phrase for all private keys. Also, Bob shouldn’t use overly simple pass-phrases, that are easy to remember. If Bob needs tenths (or even hundreds) of private keys he can’t possibly remember every single pass-phrase.
It takes some time until Bob has looked up the corresponding pass-phrase in his mind or in his secure pass-phrase store. Even if he manages to immediately know every pass-phrase in use at his web server, it takes some time until he has entered the pass-phrase.

For the sacrifice of some security, you can mitigate these issues. If you really don’t care much for security, you can either not use a pass-phrase in the first place or – if you somehow entered a pass-phrase by accident – remove the pass-phrase from the key file. To remove the pass-phrase from an RSA private key use:

openssl rsa -in secure.example.org-2009.key -out secure.example.org-2009.key.unprotected

If you want a somewhat more secure approach (depending on the implementation), you can check out the SSLPassPhraseDialog directive of the Apache mod_ssl module. Using this directive, you can tell Apache to ask an external script for the pass-phrase of your certificates:

SSLPassPhraseDialog exec:/path/to/script

Apache will supply two arguments to the script. The first argument is of the form servername:portnumber, e.g. secure.example.org:443 and the second argument is either RSA or DSA. The script would print the corresponding pass-phrase to stdout. Of course, you still need to store the pass-phrases somewhere. How much security you sacrifice using this construct depends on the implementation of your external script. But it might be a slight bit more secure than just using no pass-phrase for the private key files at all.

Self-signed encryption. Do you care?

Patrick — Sat, 08 Aug 2009 12:55:08 +0000

I’m impressed. Really. And I tell you why in a second: Due to a misconfiguration, a secure connection (HTTPS) has been enforced for all visitors coming to this blog for a few months now. I didn’t notice this at first, because I use a special WordPress plugin to enforce HTTPS for the admin user (myself) only. Actually, administering this blog in a secure way is the only reason I started to offer HTTPS access to this blog at all. To safe myself a few bucks, I used my own certificate authority to issue myself a certificate. I guess that a maximum of 5 visitors/day trust this certificate authority by default. And this is a very optimistic guess. This means that for most visitors, it was very difficult to actually access this blog, because modern browsers nag the user very much, if they detect any certificate issues with a site. Still – and that’s what I am so impressed with – I lost only about one third of the visitors by enforcing a secure connection. And I get a lot of visitors – especially through search engines. It seems that most visitors, that are coming in via Google for example, do not really care, if they need to dismiss a number of security warnings to access this site. Or most visitors of this blog have disabled these checks. I don’t know. What this probably means is that

most of you are technically savvy
and you care enough to take the additional work required to access the content on this site.

Still, I disabled HTTPS enforcement again because

it kept most feed readers out (I can only guess how many people were affected by this, because I don’t really track the number of subscribers to my RSS feed)
and one third of the visitors of this blog are still a lot of visitors, if you just look at the bare numbers.

Anyway, I thought that I would loose a lot more visitors by enforcing HTTPS with a self signed certificate. You proved me wrong ;).

Too Far Afield » https

Getting rid of Apache pass-phrase dialogs

Self-signed encryption. Do you care?