SSL客户端如何验证服务器的证书？ [英] How can the SSL client validate the server's certificate?

问题描述

我正在建立一个应用程序，我计划使用OpenSSL保护数据传输。

I am building an application and I am planning on using OpenSSL for securing data transfers.

我计划只让客户端验证服务器的证书。我困惑了如何应该保护服务器的证书。我想加密包含私钥的服务器证书，但我不想对此加密使用任何硬编码密钥。

I am planning on only having the client validate the server's certificate. I am confused on how I should secure the server's certificate. I would like to encrypt the server's certificate containing the private key, but I do not want to use any hard coded keys for this encryption.

什么是常见做法其次是使用SSL的应用程序？

What are some of the common practices followed by applications employing SSL?

推荐答案

只是为了确保我们的术语一致，SSL证书两个组件：

Just to make sure we have our terminology straight, an "SSL certificate" is really composed of two components:

• 公开证书


• 私钥

公共证书组件由您选择的CA（证书颁发机构）签名，之后可以自由分发。它不需要加密或加密，实际上它会发送到客户端连接到您的服务器作为SSL协商的一部分。

The public certificate component is signed by your chosen CA (certificate authority), after which it can be freely distributed. It does not need to be secured or encrypted, and indeed it will be sent to clients that connect to your server as part of the SSL negotiation.

私钥组件应该受保护。在大多数情况下，这只是作为加密文件存储在服务器上。高级解决方案使用专用的防篡改加密硬件（HSM - 硬件安全模块）来存储私钥。这些范围从基于智能卡的解决方案到具有m / n控制等多键，网络使能的设备等。与HSM相关的风险（更不用说成本），我不会进入这里。

The private key component should be protected. In the majority of cases, this is simply stored as an encrypted file on the server. Upscale solutions use dedicated "tamperproof" crypto hardware (HSMs -- hardware security modules) to store the private key. These range from smart-card based solutions to multi-key, network enabled appliances with m/n controls etc etc. There are risks (not to mention costs) associated with HSMs that I will not go into here.

许多应用程序只是将私钥保留在磁盘上。有几个选项来保护密钥文件：

Many applications simply retain the private key on disk. There are a couple of options to secure the key file:

• 依靠系统和文件权限安全（即不加密私钥） 。例如，大多数ssh守护程序都会执行此操作。


• 使用服务器提供的任何机制来加密文件 - 密码保护的加密是大多数Web服务器的标准功能。 （如果您使用OpenSSL API滚动自己的文件，请选择一种显而易见的原生键格式）。

是一种安全权衡。特别是，如果您对私钥文件使用密码保护加密，并且您遇到意外的应用程序重新启动（例如断电），则有人需要在重新启动时为应用程序提供密码。将密码存储在由系统初始化脚本读取的文件中（至少由两个Web服务器供应商鼓励）在实际安全性方面增加很少。很难建议保持私钥文件未加密，但如果你是一个小商店的唯一管理员/技术，你应该肯定考虑如果服务器重新启动时，如果你不可用，可能发生什么，以及什么成本可能对你的业务。

As always, there is a security trade-off. In particular, if you are using password-protected encryption on the private key file and you experience an unexpected application restart (eg power outage), then somebody will need to be available to provide the password to the app as it restarts. Storing the password in a file that is read by system initialization scripts (as encouraged by at least two web server vendors) adds little in terms of real security. It's hard to recommend leaving the private key file unencrypted but if you are the sole admin/techy in a small shop, you should definitely consider what might happen if the server reboots when you are not available, and what the costs might be to your business.

这篇关于SSL客户端如何验证服务器的证书？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！