Versions Compared

Old Version 2

changes.mady.by.user trscavo@internet2.edu

Saved on

compared with

New Version 3

changes.mady.by.user trscavo@internet2.edu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This topic describes InCommon policy, requirements, and recommended practices regarding the security of browser-facing endpoints in metadata.This topic focuses and so the focus here is on the keys and certificates used for browser-facing TLS. See the IdP Key Handling and SP Key Handling topics regarding keys used for XML Signature and XML Encryption (resp.).

Handling the Private Key

The A server's private TLS key is used to create a secure channel for transporting messages and content via HTTP. If the private key is lost or stolen, the holder has the power to intercept HTTP messages and content intended for the server.

Warning
titleProtect your private keys!

Positive control of your private keys must be maintained at all times. This includes the private keys used for browser-facing TLS, XML Signature, and XML Encryption.

A private TLS key is necessarily an online key, that is, it must be available to the HTTP server software at runtime. An online key may be encrypted, but the password or passphrase used to decrypt the key generally has to be available in an unencrypted file so that the HTTP server can be restarted in unattended fashion. Therefore an online key is considerably more vulnerable than an offline key, and must be protected accordingly.

If the private TLS key is stored in the file system as an ordinary file, it should have strict permissions to prevent unauthorized copying of the private key. For stronger protection, the private key may be stored in a hardware security module (HSM) that prevents export of the private key.

...

  1. Start with a secure system for your IdP or SP…and keep it that way!
  2. Generate the Certificate Signing Request (and hence the private key) directly on the secure system (IdP or SP)
  3. Prevent the private TLS key from ever leaving the secure system
  4. Ensure ongoing access to the private TLS key is strictly controlled

...

Panel

Here's another way to state these basic security requirements:

  • Until the private TLS key is securely stored on the target system (IdP or SP), it needs to be encrypted, both at rest and in transit.
  • Under no circumstances should an unencrypted private TLS key come to rest on an insecure system or transit the network over an unprotected channel.

...

The above command will store the private key in file server-key.pem and the corresponding CSR in file server-cert.csr. The latter is transmitted to a Certification Authority (CA) for signing. The resulting certificate (and the corresponding private key) are installed on the web server, which is configured for browser-facing TLS (as opposed to the mutually authenticated back-channel exchanges associated with SAML Web Browser SSO, which are discussed in the IdP Key Handling topic).

Warning
titleTest your OpenSSL software installation

OpenSSL is a subtly complicated tool having many versions with various capabilities (and bugs). It recommended that all OpenSSL commands be tested in advance to ensure that the tool is functioning as expected.

...