

Ask HN: SSL certificates - bobwaycott

Hi all.<p>There has, over the last year or so, been quite a number of interesting crypto-related news coverage related to not inconsequential vulnerabilities and issues. In briefest terms, I&#x27;d like to get an idea of what the current best practices&#x2F;recommendations are regarding deploying applications&#x2F;services that will operate over HTTPS. For starters--though I&#x27;d love to hear beyond where applicable--if someone is launching a new product wanting to be as up-to-date on best security practices in this regard, a few questions:<p>1. What is the current recommendation for SSL certificates regarding strength, cipher types, etc.? Do wildcard certs have special needs worth being mindful of that non-wildcard certs do not?<p>2. Any recommendations on reputable, reliable, and trustworthy vendors for securing a new SSL certificate that meets current best-practice expectations?<p>3. Aside from ensuring a server is up-to-date with all security-related releases&#x2F;patches, what else should one be mindful of in setting up and deploying a product&#x2F;service that needs to be secure?<p>Thanks in advance to all.
======
4oo4
1) Strength - always at least 2048 bits, 4096 if speed isn't as critical as
security. For your CSR make sure you use SHA256 for signing
([http://itigloo.com/security/generate-an-openssl-
certificate-...](http://itigloo.com/security/generate-an-openssl-certificate-
request-with-sha-256-signature/)) As for ciphers, depends on the tradeoff you
need for compatibility vs. security; I would consult Mozilla:
[https://wiki.mozilla.org/Security/Server_Side_TLS](https://wiki.mozilla.org/Security/Server_Side_TLS)
They also have a handy config generator, depending on what server you're going
to use: [https://mozilla.github.io/server-side-tls/ssl-config-
generat...](https://mozilla.github.io/server-side-tls/ssl-config-generator/)

2) For lowest cost and no bullshit, I'd go with CertSimple
([https://certsimple.com](https://certsimple.com)), or DigiCert
([https://digicert.com](https://digicert.com)).

3) As mentioned below, SSLLabs will point out if any of your config is risky.
Besides that, you might want to add a 301 URL redirect to your web server to
force people to only use SSL and avoid the fatal mistake of someone forgetting
to type http_s_.

Have fun!

~~~
junto

       Besides that, you might want to add a 301 URL redirect to 
      your web server to force people to only use SSL and avoid 
      the fatal mistake of someone forgetting to type http_s
    

Is there any other way to do this. If a user makes a non SSL request to my
server they have potentially already leaked information in that request,
especially if it is a post. Cookies etc are all exposed.

Is there a best practice to prevent users making this first incorrect request
in the first place?

~~~
staunch
Using HSTS and browsers pre-loaded list of sites that are HTTPS-only prevents
leakage:
[https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security)

Also cookies also have a 'secure' flag.

------
colinbartlett
I deploy a couple of new projects every month and I've gotten into a habit of
HTTPS full time everywhere on all projects.

From my experience using SSL Lab's web-based test[1] on all of them, the issue
is less with the cert vendor and more with the server configuration. All the
vendors I have used recently will use a 2048 bit RSA key which will grade as A
just fine on SSL Labs. But it's pretty easy to get lower grades by not having
an up-to-date server which restricts broken ciphers like TLS 1.0 and SSL. Or
by having broken certificate chains.

My favorite vendor is DNSimple because of their extremely easy process for
generation, but they are just reselling Comodo certificates.

1\. [https://www.ssllabs.com/ssltest/](https://www.ssllabs.com/ssltest/)

~~~
bobwaycott
thanks for your thoughts and pointing to the ssllabs test. much appreciated.

------
Sleaker
Mozilla has a great article posted up about this here:
[https://wiki.mozilla.org/Security/Server_Side_TLS](https://wiki.mozilla.org/Security/Server_Side_TLS)

~~~
bobwaycott
thanks for the link to this article.

------
bwblabs
Use 2048 bits, not 4096. I'm kind of paranoid and always try to use the
highest recommendations, HSTS, all-SSL, etc. But in terms of SSL connection
setups / second, your CPU will be the bottleneck, and having 4096 bits will
limit you to about 1/4 of the connection setups / second that 2048 could have
handled. So if the site has low traffic and a enough CPU resources, it could
be ok, but if you ever need to handle a lot of connections: use 2048 bits! (I
learned the hard way ;)

~~~
bobwaycott
that's a great observation. thanks for the recommendation.

------
fensterblick
To answer question #1, a lot of people use the SSL Server test:
[https://www.ssllabs.com/ssltest/analyze.html](https://www.ssllabs.com/ssltest/analyze.html).
It's one way to analyze if your certificates and SSL/TLS settings are
configured correctly. The results are arguable - getting an "A" does not
guarantee safety - but getting an "F" can show that more work needs to be
done.

~~~
bobwaycott
thanks a bunch for the reply.

------
dongs
1:
[https://github.com/cloudflare/sslconfig](https://github.com/cloudflare/sslconfig)

~~~
bobwaycott
thanks for this. always helpful to see what bigger entities are using with
their nginx setups.

