back to article Had a bad weekend? Probably, if you're a Sectigo customer, after root cert expires and online chaos ensues

On Saturday, at 10:48 UTC, Sectigo's AddTrust legacy root certificate expired, causing a bit of weekend havoc for thousands of websites and services that rely on it for making a secure TLS/SSL connection. "Generally speaking, this is affecting older, non-browser clients (notably OpenSSL 1.0.x) which talk to TLS servers which …

  1. john.jones.name
    Mushroom

    the whole ecosystem is clownish becuase of Certification Authority (CA)

    honestly depending on where your certification authority (CA) is located is where the law applies and what help legally they can be compelled to provide...

    personally I would prefer a system that is tied to DNS so that you know what law applies...

    1. Anonymous Coward
      Anonymous Coward

      Re: the whole ecosystem is clownish becuase of Certification Authority (CA)

      tied to DNS so that you know what law applies

      The law of the jungle?

  2. fnusnu

    "Of particular concern, the university said, are systems and devices that haven't seen security updates since 2015, such as Apple Mac OS X 10.11 (El Capitan) or earlier, Apple iOS 9 or earlier, Google Android 5.0 or earlier, Microsoft Windows Vista & 7 (if the Update Root Certificates Feature has been disabled since before June 2010), Microsoft Windows XP (if an Automatic Root Update has not been received since before June 2010), Mozilla Firefox 35 or earlier, Oracle Java 8u50 or earlier, and embedded devices (e.g. copy machines) that have not installed a firmware update since before mid 2015."

    "In a perfect world, all of your libraries would be up-to-date and you wouldn't be using clownish TLS implementations like GnuTLS," wrote Ayer.

    The only clowns here are those still using obsolete crap...

    1. Pinjata

      I'm guessing there are a lot of people who still own and use five year old Android 5 devices...

      1. fnusnu

        Then they are taking a massive risk.

    2. Anonymous Coward
      Anonymous Coward

      The only clowns here are those still using obsolete crap

      Define "Obsolete"

      In my world, obsolete means it doesn't do what's required of it because of changed requirements. My 2005 model laptop still does pretty well all that I require of it, so not "obsolete" other than by external influences that would like me to upgrade "because".

      As it happens I was having a conversation with a friend a little while ago, and he was moaning about how his old AM/FM radio still works fine, but his much much newer computer (Win XP vintage I think) "doesn't work" with a lot of stuff now. No, not that he can't get new programs to run, but that stuff it used to be able to do - view websites - is getting more and more hit and miss. From his PoV he doesn't use internet banking, and doesn't do anything to warrant "massive security" - all he sees is things breaking ina way that looks like it's designed to make him spend money (from his meagre pension) on upgrades.

      Anyway, does anyone have any simple instructions on how a user can mitigate this from the user end ? In my case, OSX 10.10.5 which is the latest that runs on my laptop, with the latest Safari that runs on it, and all updates installed (not that we've had any for some time). AIUI there are two certificates involved, and the old one has expired - can we manually install the other one to work around it, or is it really a case of waiting for all sites to get fixed ? Yes, I confess that I'm not an expert on certificates.

  3. naive

    It is not only old stuff

    Also haproxy on weekly updated CentOS servers suffer from it. This SSL with its centralistic setup is just there to squeeze money out of people in collusion with the browser manufacturers. Why can organizations not easily integrate the CA functionality into their external DNS server, fill everything with self generated certificates instead of having to pay the SSL racketeering mob $ 100,- every year for each certificate ?.

    Because Sectigo bought Comodo, certificates get invalidated.. thx a lot guys.

    1. dajames Silver badge

      Re: It is not only old stuff

      ... fill everything with self generated certificates instead of having to pay the SSL racketeering mob $ 100,- every year for each certificate ...

      Issuance of SSL/TLS certificates is not necessarily expensive -- the likes of Let's Encrypt provide free TLS certificates, after all. Some commercial certificates do look expensive by comparison, but some carry insurance against any fraud that may take place despite the security afforded by TLS. In those cases a large part of the payment is a premium paid to an insurance company.

      Without that insurance the certificate has no material value, so it's not all racketeering.

    2. john.jones.name
      Go

      TLS cert in DNS -> DANE

      "integrate the CA functionality into their external DNS server"

      you can do that now with DANE for example backward compatible for browsers :

      https://blog.apnic.net/2017/01/06/lets-encrypt-dane/

  4. This post has been deleted by its author

    1. Steve Davies 3 Silver badge
      Facepalm

      Re: Yesterday (1st July), (3rd July)

      I see you have invented the 'Time Machine'.

      Can't you use it to get into the Root Cert store and fix it?

      However, as you say...

      Failure to renew certificates on time is increasingly common

      It will only get worse and we will see more 'Bork Bork' postings. Someone somewhere thought that Secure Certificates that expire was a good idea. Shame they didn't think it through properly esp wrt renewals. The annual costs for this must run into the billions or even the same as the GDP of a few countries.

      1. dajames Silver badge

        Re: Yesterday (1st July), (3rd July)

        Someone somewhere thought that Secure Certificates that expire was a good idea.

        Expiry of key certificates is a crude way to ensure that old, obsolete, certificates get retired -- it was introduced before key revocation lists became commonplace . The idea is that if we believe that there won't be a practical attack on a given cryptographic key (for a given algorithm and key length) for N years, we can issue a certificate that's valid for no more than N years and can be reasonably confident that the key will be safe to use until after its certificate expires..

        Of course, those who issue certificates commercially do so as a business. They make a profit each time they re-issue a certificate, so they have no incentive to sell very long-lived certificates.

        Commercial certificates that offer financial guarantees against fraud are backed by insurance, and insurance companies are understandably reluctant to sell long-term policies, especially when the degree of risk increases unpredictably over time as attacks on the algorithm involved become more sophisticated. They want to asses the risk and set a premium for a relatively short term so that they can to set a higher premium or insist on a more secure algorithm on renewal if the degree risk has increased.

        I'd suggest, in fact, that certificates should routinely be issued with a predictable short term -- say: one year -- so that updating them became a routine, well-understood, and unsurprising process.

        1. Quenda

          Re: Yesterday (1st July), (3rd July)

          Key revocation lists are not checked by most browsers (including Chrome) and are generally considered to be broken. Better to have short expiry with an auto renew process like Lets Encrypt.

      2. Claptrap314 Silver badge

        Re: Yesterday (1st July), (3rd July)

        You obviously don't know how to think like an attacker.

        The bad guys are real. NO fortress is impenetrable. NO cypher is indefinitely secure. It is much, much safer to autoexpire a cert than to ensure that the secrets it protects have a short enough lifespan that it is actually useful.

        The world being full of lazy idiots means that cert expiration screwups are going to be a thing. As another has said, the best solution is to make the periods short enough that updating become routine.

        Except, the better idiot will figure out how to screw that up as well.

  5. Pascal Monett Silver badge

    "OpenSSL was, and is, fundamentally shit at verifying 'real' certificates"

    Wow. Looks like there aren't many SSL-capable programmers that want to tackle the problem.

    A shame for an open spec.

  6. Santa from Exeter

    Optional

    "In a perfect world, all of your libraries would be up-to-date and you wouldn't be using clownish TLS implementations like GnuTLS," wrote Ayer. "

    In a perfect world twats like Ayer with product to sell and an axe to grind would be ignored by El Reg rather than quoted.

  7. heyrick Silver badge

    "fundamentally shit at verifying 'real' certificates" and "you wouldn't be using clownish TLS implementations"

    Funny. It's quite easy to slag off implementations that break, but it's rather harder to write a good implementation.

    Maybe those mouthy gits might like to help make some crypto that works, eh?

  8. Chris Gray 1
    Meh

    Ipify.org via curl

    Ah, that's the root cause. I run my toy domain over a dynamic IP address from my provider. There are scripts that determine my actual IP address by querying "ipify.org" using Linux program "curl" (fetches from a single URL). That broke because of a certifcate problem. The logged error told me how to disable the security in "curl", but since my IP address is pretty stable, I chose to sit and wait for a bit. After a couple of days I semi-automatically got an updated certificate bundle from Ubuntu and lo, the problem fixed itself.

    Even though I run a couple of services here, I am constitutionally unable to be a proper sysadmin, so its mostly a lot of fingers crossed that nothing breaks! Why am I unable? Poor memory - sysadmin requires a good memory of obscure commands, and of how all sorts of stuff actually works. And yes, I do have a router acting as a firewall, thanks.

  9. tip pc Silver badge

    when you have no control over key aspects of your solution, anything can and will happen

    the really fun thing is that many users don't even know they are dependant on third parties for their stuff to work correctly.

    Funny how some think that running older systems is the issue, when they have no clue as to how the newer systems work and that it doesn't have to be that way.

    If there was a good way to notify about the issue and obtain user approval that would be a great start, but not suitable for systems that run headerless.

    Even better would be a some kind of automatic management system that auto magically fixed these things.

  10. Claverhouse Silver badge
    Stop

    Bug-Killer to the Stars

    Sectigo is the worst name ever.

    .

    That is all.

  11. keydutch

    does anybody now if there are any other similar expirations in near future?

    and i wonder if there are tools to check the certificate?

    UPD: look like immuniweb just added the option to check it in ssl test

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021