Chapter 18 Β· Flashcards

Digital Certificates Flashcards

Click each card to reveal the answer.

0 / 16 flipped
What is a digital certificate?
A digitally signed document binding a public key to an identity (domain, person, organization). Issued and signed by a Certificate Authority (CA) after identity verification. The CA's signature vouches that the public key belongs to the claimed identity.
What standard defines the digital certificate format?
X.509 β€” the ITU-T standard used by all TLS/SSL certificates. Key fields: Subject, Issuer, Public Key, Validity Period (Not Before/Not After), Subject Alternative Names (SANs), Serial Number, and the CA's digital signature.
What is a Certificate Authority (CA)?
A trusted third party that issues and signs digital certificates after verifying the requestor's identity. Public CAs are trusted by browsers worldwide (DigiCert, Let's Encrypt, GlobalSign). Private CAs are trusted only within an organization's systems.
What is a Root CA?
The top-level CA. Its certificate is self-signed and pre-installed in OS/browser trust stores (the trust anchor). Root CAs almost never sign end-entity certificates directly β€” they sign intermediate CA certificates. Private keys stored in HSMs in secured facilities.
Why do CAs use Intermediate CAs instead of the Root CA signing server certs directly?
Defense in depth. If an Intermediate CA is compromised, it can be revoked without compromising the Root CA. The Root CA remains isolated and secure. Only the Intermediate CA's certificates are invalidated β€” the Root CA continues to be trusted and can sign a replacement Intermediate CA.
What is a CSR?
Certificate Signing Request β€” a message from a server admin containing the server's public key and identity claims, signed with the server's private key. Submitted to a CA for certificate issuance. The private key is NEVER included β€” only the public key. The CA signs the CSR contents and returns the certificate.
What is a self-signed certificate?
A certificate signed by its own private key (subject = issuer). Not trusted by browsers by default β€” users see an "untrusted" warning. Used for internal testing, internal services (with manual trust configuration), or Root CA certificates (which are necessarily self-signed).
What is a Subject Alternative Name (SAN)?
A certificate extension listing all domain names, IPs, or email addresses the certificate covers. Modern certificates must list all covered names as SANs. Can cover multiple unrelated domains. Browsers check SANs (not just the Common Name) to validate a connection.
What does a wildcard certificate cover?
All subdomains at ONE level: *.example.com covers www.example.com, api.example.com, mobile.example.com. Does NOT cover sub-sub-domains (staging.api.example.com) or the apex domain (example.com) unless separately listed. One compromised wildcard cert exposes all subdomains.
What is a Certificate Revocation List (CRL)?
A list published by a CA of all revoked certificate serial numbers. Browsers download and cache CRLs periodically. Drawback: large files, caching lag means browsers may accept revoked certs until the cache refreshes. Soft-fail behavior (accept cert if CRL unreachable) is exploitable.
What is OCSP?
Online Certificate Status Protocol β€” real-time certificate revocation check. Client queries the CA's OCSP responder with a serial number; responder replies "Good," "Revoked," or "Unknown." More timely than CRL, but adds latency per connection and exposes browsing activity to the CA.
What is OCSP Stapling?
The server queries its own OCSP status and includes the CA's signed, timestamped OCSP response in the TLS handshake. Client receives cert + revocation status together β€” no extra round-trip, no privacy leak to CA, works even if CA's OCSP responder is temporarily offline.
What was Heartbleed?
CVE-2014-0160 β€” a critical OpenSSL bug allowing attackers to read up to 64KB of server memory per request, potentially including TLS private keys, session keys, and credentials. Required: patch OpenSSL β†’ revoke all certificates β†’ generate new key pairs β†’ issue new certs. Demonstrated the importance of revocation infrastructure.
What is certificate pinning?
Configuring an application to only accept a specific certificate or public key for a connection, regardless of the OS trust store. Prevents MITM attacks even if a rogue CA is trusted. Risk: pins must be updated when certificates renew β€” mobile apps with hard-coded pins can break when certs rotate.
What is Certificate Transparency (CT)?
A framework requiring CAs to log all issued certificates in public, append-only CT logs. Browsers require CT log inclusion for trust. Allows domain owners to monitor for unauthorized certificates issued for their domains. A CA issuing a rogue certificate will have it publicly logged β€” detectable.
What is the certificate chain of trust?
Root CA (pre-trusted in OS/browser) β†’ Intermediate CA (signed by Root CA) β†’ End-entity certificate (signed by Intermediate CA, installed on server). Browser verifies each link going up: server cert ← Intermediate CA ← Root CA ← trusted store. All links must verify for the connection to be trusted.