Sensu SSL tool generates 2048-bit RSA, SHA1 certificates by default, which are not future-proof
As per title, the OpenSSL configurations that are bundled with the SSL tool are somewhat poor. SHA1 certificates are being deprecated for usage in browsers. SHA2 is widely available and considered superior by almost all criteria.
2048-bit RSA keys, while not considered insecure at the present moment, will probably not stay that way for the next 5 years, which is the default validity configured by the tool. It would be preferable to default to something more robust (such as a larger key length), or at least provide the option of doing so, for users looking to set up Sensu in an easy but secure way.
Expected Behavior
The Sensu SSL tool generates certificates with future-proof crypto parameters.
Current Behavior
The Sensu SSL tool uses an outdated hash function in SHA1, and a non-future-proof key configuration in 2048-bit RSA.
Possible Solutions
- Use SHA256 instead of SHA1
- Use 3072/4096-bit RSA keys
Steps to Reproduce (for bugs)
Use the Sensu SSL tool as documented and inspect generated certificates (e.g. by running openssl x509 -in server/cert.pem -text -noout).
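The inspection step above can be turned into a pass/fail check. This is an added example, not part of the original issue or of the Sensu tooling: it parses the text that `openssl x509 -text -noout` prints and flags a SHA1 or MD5 signature and an RSA key below a threshold. The function names, the `MIN_RSA_BITS` variable and the embedded sample text are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit the text form of a certificate for the two
# parameters discussed here. MIN_RSA_BITS is a hypothetical knob (default 2048).
audit_cert_text() {
    min_bits="${MIN_RSA_BITS:-2048}"
    text=$(cat)
    # The first "Signature Algorithm" line is the one inside the signed body.
    sig=$(printf '%s\n' "$text" | sed -n 's/^ *Signature Algorithm: *//p' | head -n 1)
    alg=$(printf '%s\n' "$text" | sed -n 's/^ *Public Key Algorithm: *//p' | head -n 1)
    # Matches both "Public-Key:" and the "RSA Public-Key:" spelling of OpenSSL 1.1.
    bits=$(printf '%s\n' "$text" | sed -n 's/^.*Public-Key: *(\([0-9][0-9]*\) bit).*/\1/p' | head -n 1)
    status=0
    case "$(printf '%s' "$sig" | tr 'A-Z' 'a-z')" in
        "")           echo "UNKNOWN signature"; status=1 ;;
        *sha1*|*md5*) echo "WEAK signature=$sig"; status=1 ;;
        *)            echo "OK signature=$sig" ;;
    esac
    if [ "$alg" != "rsaEncryption" ]; then
        echo "SKIP key=${alg:-unknown} (not RSA, size not compared)"
    elif [ -z "$bits" ]; then
        echo "UNKNOWN rsa_bits"; status=1
    elif [ "$bits" -lt "$min_bits" ]; then
        echo "WEAK rsa_bits=$bits (minimum $min_bits)"; status=1
    else
        echo "OK rsa_bits=$bits"
    fi
    return "$status"
}

# Constructed sample: trimmed `openssl x509 -text -noout` output ($1=signature, $2=bits).
sample_text() {
    cat <<EOF
Certificate:
    Data:
        Version: 3 (0x2)
        Signature Algorithm: $1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: ($2 bit)
                Exponent: 65537 (0x10001)
    Signature Algorithm: $1
EOF
}

# Real use: openssl x509 -in server/cert.pem -text -noout | audit_cert_text
# Raise the bar for production with: MIN_RSA_BITS=3072
sample_text sha1WithRSAEncryption 2048 | audit_cert_text || true
```

The non-zero exit status on any WEAK or UNKNOWN finding lets the check gate a provisioning script or CI job.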
This seems reasonable, we will investigate our options. The current Sensu SSL tooling can be found @ https://github.com/sensu/sensu-docs/blob/master/docs/0.26/tools/ssl_certs.tar, however, we probably want to replace this method of certification generation altogether.
My only issue with a 4096-bit key by default is that it takes ages on a small VM (as in, one used for testing). Future-proof'd hash? Yes please! Larger than 2048/3072? Ehhhh.... that seems like it'd bite a fair amount of new users unnecessarily. Perhaps make it easy/obvious to generate large keys for production-ready deployments via CLI?
I agree we need to increase to SHA2 and understand the concerns around key length for small VMs. I feel like in the world we live in now, with solutions like Let's Encrypt, people should use externally verified certs for production environments.
Now it is critical: certificates generated with SHA1 trigger a "tlsv1 alert insufficient security" error in RabbitMQ, and nobody can connect. They should be replaced with SHA256 ASAP. RSA 2048 works fine.
Personally I prefer easy-rsa. If there is no plan to maintain your ssl_certs utility, it should be removed and documentation should provide some links to external tools.