Go and SSL verification

3 comments

  • Brett Cave

    *bump*

  • Sara Paul

    Go Server uses self-signed certificates. When an agent and the Go server first negotiate their SSL session, the Go server sends its digital certificate (containing the public key) to the agent. The agent adds the Go server to its trust store.

    Go server then creates an X.509 certificate for the agent, which the agent stores in its key store. All further SSL communication from the agent happens using this certificate. This certificate is also used to authenticate the agent.

    Now, let's assume that there is a man-in-the-middle attack with a different certificate. When the agent communicates with the malicious server, the first request will fail to complete because the certificate would not be present in the trust store. The agent then deletes the old certificate from the trust store and starts communicating with the new server. The last step is done so as to ensure easy configuration and administration of Go deployments, as typical Go deployments are in an internal network or behind a firewall.
  • Sara Paul

    If you want to prevent a rogue server from using an agent, you can make root the owner of the agent's certificate store and allow only read-only access for the cruise user, so that the Go agent process does not write to the certificate store, thereby ensuring that no new certificates are accepted from the impersonating server.
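
An added example (not from this thread or from GoCD itself): a small Python audit that checks the advice above, i.e. whether the agent's user could still write to the certificate store and so accept a replacement certificate. The store path, the file names and the uid 1001 for the cruise user are placeholder assumptions. It also flags a writable parent directory, which the advice does not mention but which would let the agent replace a read-only file by deleting or renaming it.

```python
import os
import stat
from typing import NamedTuple

class Entry(NamedTuple):
    path: str
    uid: int
    gid: int
    mode: int  # permission bits only, e.g. 0o644

def user_can_write(entry, uid, gids):
    """POSIX rule: owner bits if the uid matches, else group bits if any
    group matches, else the 'other' bits. Root can always write."""
    if uid == 0:
        return True
    if entry.uid == uid:
        return bool(entry.mode & stat.S_IWUSR)
    if entry.gid in gids:
        return bool(entry.mode & stat.S_IWGRP)
    return bool(entry.mode & stat.S_IWOTH)

def audit_store(entries, agent_uid, agent_gids):
    """Return the paths the agent user could modify. Directories count too:
    a writable directory lets a read-only file be removed or renamed, so the
    file's own mode alone is not enough."""
    return [e.path for e in entries if user_can_write(e, agent_uid, agent_gids)]

def scan_store(store_dir):
    """Collect stat data for a real store directory and everything under it."""
    paths = [store_dir]
    for root, dirs, files in os.walk(store_dir):
        paths += [os.path.join(root, n) for n in dirs + files]
    out = []
    for p in paths:
        st = os.lstat(p)
        out.append(Entry(p, st.st_uid, st.st_gid, stat.S_IMODE(st.st_mode)))
    return out

# Constructed sample data; no real filesystem is needed. The path, the file
# names and uid 1001 (the 'cruise' user) are placeholders, not GoCD defaults.
STORE = "/path/to/go-agent/config"
HARDENED = [  # root owns everything, cruise can only read
    Entry(STORE, 0, 0, 0o755),
    Entry(STORE + "/trust-store", 0, 0, 0o644),
    Entry(STORE + "/key-store", 0, 0, 0o644),
]
WEAK = [  # root owns the trust store file, but cruise owns the directory
    Entry(STORE, 1001, 1001, 0o755),
    Entry(STORE + "/trust-store", 0, 0, 0o644),
    Entry(STORE + "/key-store", 1001, 1001, 0o644),
]
```

Run `audit_store(scan_store(path), uid, gids)` against a live agent to get the list of entries that still need fixing; an empty list means the cruise user cannot alter the store.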
