Improving revocation : will Let's Encrypt support OCSP Must-staple?

Ah, I thought flipping it in boulder-config.json was enough, but now I see it’s /test/boulder-config.json in the commit… :unamused: Didn’t look good enough, my bad!

No worries! I know people are excited for this feature, it’s just a matter of time and priorities. :slightly_smiling:

1 Like

Must Staple is now enabled in staging. If you want to use the official client, you can pull the must-staple branch locally and pass the --must-staple flag, or you can generate your own CSR and use the --csr flag with one of the released client versions.

We’ll probably enable it in production sometime Thursday.

2 Likes

I’ll try it tomorrow! :smiley:

Thank you very much!

It’s a pity though Google won’t support it in Chromium/Chrome… Yet… :frowning:

@jsha For some reason, when I put an invalid feature in the TLS Feature Extension attribute in the CSR, Boulder answers with Error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new cert.

I confirmed a Must-Staple TLS Feature Extension CSR can be signed on staging with the following CSR generating command:

openssl req -new -sha256 -key ${PRIVKEY} -subj "/CN=${1}" -reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:${1}\n1.3.6.1.5.5.7.1.24=DER:30:03:02:01:05")) -out ${CSR}

But when you change DER:30:03:02:01:05 (status_request extension, i.e., OCSP stapling) to DER:30:03:02:01:04 (truncated_hmac extension, not valid in Boulder ofcourse), Boulde generates the above error.

The only thing in the code as far as I can see, which should “catch” this, is:

Which only adds some stats on line 343, but doesn’t result in a clear error message.

Shouldn’t the error be something more along “You’ve requested an invalid TLS Feature Extension”?

3 Likes

Thanks for reporting! I’ve filed a bug, we’ll fix it: https://github.com/letsencrypt/boulder/issues/1650

1 Like

@osiris: This bug is now fixed on staging. Please try again.

@jsha Hi, is the must-staple feature in production yet ?

And if anyone know : http://security.stackexchange.com/questions/119316/how-to-simply-check-if-a-certificate-has-the-ocsp-must-staple-attribute ?

Not yet, sorry. Our Ops team has been busy.

1 Like

Hi i found two points:

  1. I added an new DNS record for the test. But the server (staging) toggle between the old IP and the new one.
    Even old and new one had an DNS TTL of 60sec.
  2. The CSR i Generated always cause an Internal Server Error on the acme side.
    Any hints ?

CSR: MIIBUzCB1wIBADAZMRcwFQYDVQQDEw50ZXN0LnN1Y2hlLm9yZzB2MBAGByqGSM49AgEGBSuBBAAiA2IABMZFTHnwtatfYkVTMTnqupRt6Ue/jcfCukBRPav35LrVJJ4Kr/Pvlk3YXTrbN7n0Tv8yp0atfLleqUBShoLbR/0jQkcKIpj4sTO9FN+onu5v9tuzyBv6iWLq87mepCK63aA/MD0GCSqGSIb3DQEJDjEwMC4wEQYIKwYBBQUHARgEBTADAgEFMBkGA1UdEQQSMBCCDnRlc3Quc3VjaGUub3JnMAwGCCqGSM49BAMCBQADaQAwZgIxAOiqqRhDw1WBwYJQXeNYthuun3r057/bc2PeitdHH/ZX8xOeVwDOtSfojUoeCOlZYQIxAKyT+qJ4i1RgTf+7E6L1xWsV/lKJRss+hmLzLgzPKZBNoSmDPmIR/eAoLZYTMoc+7g==

{“header”: {“alg”:“ES384”,“jwk”:{“crv”:“P-384”,“kty”:“EC”,“x”:“cB_MZcEEBpJnyKSj-za2rOSpOCO69Rtl1-tiQpHd4hReav96b4k71jRmYPZg6r5G”,“y”:"_CRvh6A4OdQivpAkUGUfTuO84ZnLsDbgPpIxKVBXIYxE–Gi65IjOhypqdjG-fFE"}}, “protected”: “eyJub25jZSI6ICJsZUk2UmxPOHhDNnMwb1l1b1VHWnhnU0UyMUp3NnFBU3pRZVFvWHFqLTUwIn0”, “payload”: “eyJyZXNvdXJjZSI6ICJuZXctY2VydCIsICJjc3IiOiAiTUlJQlV6Q0Ixd0lCQURBWk1SY3dGUVlEVlFRREV3NTBaWE4wTG5OMVkyaGxMbTl5WnpCMk1CQUdCeXFHU000OUFnRUdCU3VCQkFBaUEySUFCTVpGVEhud3RhdGZZa1ZUTVRucXVwUnQ2VWVfamNmQ3VrQlJQYXYzNUxyVkpKNEtyX1B2bGszWVhUcmJON24wVHY4eXAwYXRmTGxlcVVCU2hvTGJSXzBqUWtjS0lwajRzVE85Rk4tb251NXY5dHV6eUJ2NmlXTHE4N21lcENLNjNhQV9NRDBHQ1NxR1NJYjNEUUVKRGpFd01DNHdFUVlJS3dZQkJRVUhBUmdFQlRBREFnRUZNQmtHQTFVZEVRUVNNQkNDRG5SbGMzUXVjM1ZqYUdVdWIzSm5NQXdHQ0NxR1NNNDlCQU1DQlFBRGFRQXdaZ0l4QU9pcXFSaER3MVdCd1lKUVhlTll0aHV1bjNyMDU3X2JjMlBlaXRkSEhfWlg4eE9lVndET3RTZm9qVW9lQ09sWllRSXhBS3lULXFKNGkxUmdUZi03RTZMMXhXc1ZfbEtKUnNzLWhtTHpMZ3pQS1pCTm9TbURQbUlSX2VBb0xaWVRNb2MtN2cifQ”, “signature”: “v1-sVVtyp5GgT9jIlnLW3vX1MLhqSrzur45-aIOznq1gW1GURG8Rjb0BdIEMxoVAall-TitPpTDLk1TUp1yFKZh1MiLamjYb3UnodU1I1AOezd-ISFd005e6MFI_AdX9”}
391 ms POST https://acme-staging.api.letsencrypt.org/acme/new-cert HTTP-500 Internal Server Error {“type”:“urn:acme:error:serverInternal”,“detail”:“Error creating new cert”,“status”:500}
2016-04-06T18:32:50.205 INFO REQ-LOG (127.0.0.1 , 101700) ZIP( -1 < 669) in 11551(ms) for[200] GET https://127.0.0.1/acmeAdmin CipherSuite(TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256) param:{“acmeServer”:[“https://acme-staging.api.letsencrypt.org/directory"],“addFQDN”:[“test.suche.org”],“keyLen”:[“384”],“keyTyp”:["EC”]}

Very strange… I can get a RSA public key certificate with the must-staple feature, but when I use an ECDSA key (with must-staple), it malfunctions…?

ECDSA itself is not the problem, but the combination ECDSA and Must-Staple is…

Unfortunately, an internal server error is hard to debug… Could it be this line?

https://github.com/letsencrypt/boulder/blob/master/ra/registration-authority.go#L590

@Osiris should i fill an bug ticket for this ?
Since you can reproduce it. It should not be an fault on my implementation.

Already done ;) 

Osiris opened the bug 1706 with an good description

Summary: This feature was not supported in the ECDSA profile.
Should be supported on production if it go live.

Attention: currently only OCSP-Staple is allowed as supported feature by 1.3.6.1.5.5.7.1.24.

Hi, any timeline when the EC fix will be available for testing in staging environment?

This is now fixed in staging. You should be able to issue ECDSA + Must-Staple certificates against staging.

Nice :grin:
I can confirm that it is now working.

Sorry for the delay on this, all. We realized that our CP doesn’t currently list the Must Staple extension as one of the ones we may provide in certificates. We need to update the CP before we can flip on the config. That’s taken a little longer than expected because the necessary staff members have been quite busy. Will post again once we’re able to turn it on.

Thanks,
Jacob

3 Likes

OK we will wait. Will i hope that this will not be an long term feature. If there is no time frame mentioned yet.

1 Like

You “should” also update your CPS:

keyUsage. This extension is present and marked critical. Bit positions for digitalSignature and
keyEncipherment are set

But keyEncipherment isn’t set for ECDSA certificates:

Might wanna look into that :slight_smile:

Actually, from reading the CP, the CPS is the most logical choice to put the TLS Feature Extension too I think.

1 Like