Common Name (and SAN) in a PEM certificate should match the hostname in case of a web service. However, I found many IPSEC or VPN online documentations (the ones using a self-signed certificate) ignore Common Name field on the certificate request. I am assuming the hostname doesn't matter in case of the usage of certificate in IPSEC and VPN unlike that in web service. Can someone explain this to me?
Asked
Active
Viewed 3,326 times
3
-
1Seems like t his would depend on implementation. It certainly matters in OpenVPN with with `ccd-exclusive`. – Zoredache May 01 '17 at 21:46
-
1Agree, it depends on a client implementation. From what I know, Microsoft IPsec, Microsoft VPN clients (with default settings) perform subject check for connection party and will refuse connection if endpoints' address mismatches the name in the certificate. – Crypt32 May 02 '17 at 03:20
-
Thank you for your answers. It means, then, some IPSEC or VPN doesn't check the Common Name on a certificate. Do you have any examples of that implementation? – flymetothemoon May 02 '17 at 13:30
1 Answers
3
Fun fact: Common names are deprecated from SSL certificates and should be ignored if a Subject Alternative Name is present. Except who are we kidding - there's tens of thousands of clients out there, and there's no guarantee that they're up to date.
But what you're seeing is correct. Common name should only be used if there is no SAN, and I guess the A in SAN no longer stands for "Alternative"...
But that doesn't mean that the host name does not matter! The host name should be specified in the SAN portion of the certificate, or validation will (or should) fail.
Mark Henderson
- 68,823
- 31
- 180
- 259
-
Thanks for your answer. But i am asking in case if IPSEC implementation on Linux not just for web. In many IPSEC or other form of certificate based authentication and encryption, there is no way to check host names properly. If a host is dynamically generate and hard to add those to DNS or hosts file since IPs and names are dynamic in nature, how does cert-based auth works? That is my question. My guess is just the content of cert matters for the authentication. As long as the cert is signed by trusted CA , the host is trusted. And i would like to know the detail of these impkementation. – flymetothemoon May 04 '17 at 03:19
-
@flymetothemoon you mean the _client_ certificate? If so, then you didn't mention that - you just mention IPSec in general, which I interpreted as the server certificate. Can you confirm if you are actually talking about the client certificate? – Mark Henderson May 04 '17 at 10:02
-
I don't know enough that IPSEC would have clear-cut server/client relation since the communication is bidirectional so at any given moment a host will function as both server and client in terms of IPSEC. It would be easier if I give an example. there are 1000 servers that should communicate over IPSEC. What if there is more servers are constantly added on. Let's assume it is hard to add all of them to DNS also it is hard to configure hosts files. So wildcard certs is not possible. Then is it possible to use IPSEC based on certificate? how hostname on cert plays in that case? – flymetothemoon May 04 '17 at 11:41
-
There is always two sides to certificate based authentication, but it only happens once. Like negotiating a TLS connection for the web - you don't negotiate every single time a packet is exchanged, only when the connection is opened. So there is always two different certificates in play, and they both have dual purposes. Their first purposes is to provide a secure channel of encryption. For this, the contents of the certificate do not matter, only that they can exchange properly. The second role is for authentication - this is where the certificate contents DO matter. – Mark Henderson May 04 '17 at 11:53
-
The client uses the certificate chain to identify if this is a cert from a trusted source, and then it uses the names on the certificate to identify if this is a _correct_ certificate. From the servers perspective, it gets the client certificate and checks it against a pre-defined list of rules. Those rules can essentially be anything, or no rules at all. As for the Linux implementation of this, I don't know enough to answer your question. But I think you might need to figure out exactly what you need to know first. – Mark Henderson May 04 '17 at 11:56
-
That clarifies a lot of things . So there is two major roles a cert plays according to your explanation - securing communication channel and authentication. So next step i have to figure out is that a Linux IPSEC implementation, Strong swan in mu case, is using a cert for both or just secure communication. If it is only latter I think hostname won't be matter. I have to find the answer to that. Thanks for the clarification. – flymetothemoon May 05 '17 at 00:11
-
If this answer has been useful to you, feel free to give it an upvote to show others that it's helpful. – Mark Henderson May 05 '17 at 10:52