
11/28/2011
08:19 PM

Four SSL Certificate Management Tips For Holiday E-Commerce Success

Don't let CA compromises, expired SSL certificates break your Internet authentication processes

With Cyber Monday kicking off the first week of hot-and-heavy e-commerce action this holiday season, keeping consumers spending safely is a top-of-mind concern for most retailers. One of the keys to maintaining a smooth and secure customer experience is making sure that nothing "breaks" the process of SSL authentication.

Coming off a year full of certificate authority (CA) compromises, SSL certificate management is more important than ever. The following tips from authentication experts are important considerations for retailers and other organizations that depend on SSL to authenticate user communication and transactions.

1. Avoid Expiration At All Costs
Expiration of certificates is an important part of the security mechanism of certificates, says Jeff Hudson, CEO of Venafi. But it requires organizations to be on their toes to ensure that certificates remain current, lest they interrupt the customer experience. At best, an expired certificate will trigger an error message in shoppers' browsers, warning them that the trusted connection can no longer be validated. But in some scenarios, an expiration can shut a system down.

"When certificates are used in server-to-server communication, it's not like they pop up a dialogue box that says, 'This certificate has expired or is from an unknown party, would you like to proceed anyway?' When servers communicate with each other, they don't have that option," Hudson says. "If they don't get a correct response from a challenge, they stop working. And sometimes it is hard to tell they're not working. Last year, the Target RedCard system went down for eight hours because of an expired certificate."

2. Know Where Your Certificates Are
Many times the reason why retail outfits and other large organizations allow certificate expiration dates to lapse without any action is that the people in charge of renewing them had no idea the certificate existed in the first place.

Organizations with hundreds or thousands of certificates tend to fall down when they manage them all by spreadsheet and spread out the responsibility across server and website owners rather than centrally managing the task.

"The problem with a lot of larger operations is that they tend to manage certificates via spreadsheets, and that can create challenges," says Deena Thomchick, director of product marketing at Symantec.

According to Hudson, it is common for big retailers and other enterprises to not even know how many certificates they have in place.

"We recently walked into a very large retailer and asked them how many certificates they had. They told us 15,000," he says. "When we did a discovery, we determined that they had 30,000."

In order to get control of the situation, it makes sense to automate the discovery process: scan for certificates, then set up an automated way to renew them before expiration becomes a problem. Once that's done, it is easiest to centralize the whole process by building infrastructure that lets a central administrator handle all the certificates, authorizing issuance to individual business-unit or server owners as they request them. "You want a platform that can accommodate one administrator who oversees all of the different certificates but can also be distributed so that individuals who are responsible for individual servers can tap into a centralized system and make their request," Thomchick says.

3. Don't 'Train' Users To Proceed Past Certificate Errors
In an ideal world, organizations want to train their users to immediately stop a transaction or a communication when a certificate error pops up. That's why expiration is so brutal.

"Under normal practices, if your site admins fall asleep at the wheel and don't renew certificates in time every year, your users are going to get used to that, and when they visit your site they'll say, 'This happens all the time, I'm just going to click OK,'" says Nicholas Percoco, senior vice president at Trustwave's SpiderLabs. "So you don't want that to ever happen on your site." But there are other considerations you'll need to think about to keep users from thinking it is OK to trip merrily along past a certificate error. For example, Percoco warns against mixing content on your site.

"That means if you have an https connection, you shouldn't have content pulled in from other places that are on your domain that are sent only over http," he says. "You want to make sure that all pages are over SSL and are tested."

Similarly, make sure that all forms are submitted over SSL, so that if a customer clicks a "Contact Us" link in the middle of an e-commerce transaction, no error crops up in the process.
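The mixed-content problem Percoco describes can be caught before a page ships. The following is an added example, not code from the article or from any vendor quoted in it: a small checker that walks the HTML of an https page and flags every script, image, stylesheet or form action that would be fetched or submitted over plain http. The page URL, hostnames and HTML are constructed for the example.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Attributes the browser fetches from or submits to; a plain-http value on an https page
# is mixed content and breaks the padlock (or, for a form, posts customer data in the clear).
URL_ATTRS = {"script": "src", "img": "src", "iframe": "src", "embed": "src", "source": "src",
             "video": "src", "audio": "src", "link": "href", "object": "data", "form": "action"}

class MixedContentFinder(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []   # (tag, attribute, absolute URL) for each plain-http reference

    def handle_starttag(self, tag, attrs):
        attr = URL_ATTRS.get(tag)
        for name, value in attrs:
            if name == attr and value:
                # Resolve relative and protocol-relative ("//cdn...") URLs against the page URL:
                # those inherit https and are fine; only an explicit http: scheme is flagged.
                absolute = urljoin(self.page_url, value.strip())
                if urlsplit(absolute).scheme == "http":
                    self.findings.append((tag, attr, absolute))

def find_mixed_content(page_url, html):
    """Return every reference on an https page that would go over plain http, in document order."""
    finder = MixedContentFinder(page_url)
    finder.feed(html)
    return finder.findings

# Constructed checkout page with made-up hosts (not a real site): mixes safe and unsafe references.
SAMPLE_PAGE_URL = "https://www.example.com/cart"
SAMPLE_HTML = """<html><head>
<link rel="stylesheet" href="/static/site.css">
<script src="http://cdn.example.com/cart.js"></script>
<script src="//cdn.example.com/track.js"></script>
</head><body>
<img src="https://img.example.com/logo.png">
<img src="http://img.example.com/banner.png">
<form action="http://www.example.com/contact" method="post"><input name="msg"></form>
<form action="/checkout" method="post"><input name="card"></form>
</body></html>"""

if __name__ == "__main__":
    for tag, attr, url in find_mixed_content(SAMPLE_PAGE_URL, SAMPLE_HTML):
        print(f"mixed content: <{tag} {attr}={url}>")
```

Run over the sample it reports the http script, the http banner image and the http "Contact Us" form action, while the relative stylesheet and the protocol-relative script pass because they inherit https from the page.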

4. Centralize Management, Diversify Certificate Authorities
While the centralization of certificate management should be a goal for any organization that has to keep track of a multitude of SSL certificates, diversity isn't necessarily a bad thing -- particularly when it comes to the certificate authorities that you use. After the recent issues certificate authorities have faced with compromises, it makes sense for organizations to hedge their bets and work with multiple CAs should future compromises occur.

"Companies have to use multiple CAs. Certificate authorities are a supplier of trust, so if one of them goes bad you can switch with another one," Hudson says.

But the only way to do that is if you are able to easily identify and organize your certificates.

"That way when one of them is compromised, then you'll be able to swap them out with noncompromised ones within a matter of hours, not days or weeks or months," Hudson says. "Imagine if you don't even know where they are installed on your network. How are you going to be able to swap them out then?"
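Tips 1, 2 and 4 all come down to the same inventory: for every host, which CA issued its certificate, which names it covers, and how long until it expires. The following is an added example, not code from the article or from Venafi, Symantec or Trustwave: a discovery script that pulls the leaf certificate from each host over TLS, then groups the results by issuing CA and lists what needs action. The hostnames, CA names and dates in the sample are constructed; the live fetch is shown but the sample runs offline.

```python
import socket
import ssl
from datetime import datetime, timezone

def fetch_peer_cert(host, port=443, timeout=5.0):
    """TLS-connect and return the validated leaf cert as getpeercert()'s dict; None when
    verification fails (expired, untrusted issuer, name mismatch), i.e. what a browser warns on."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ssl.create_default_context().wrap_socket(sock, server_hostname=host) as tls:
                return tls.getpeercert()
    except ssl.SSLCertVerificationError:
        return None

def _name_attr(name_seq, attr):
    # name_seq is the nested-tuple X.509 name that getpeercert() returns for issuer/subject
    return next((v for rdn in name_seq for k, v in rdn if k == attr), None)

def assess_cert(host, cert, now=None, warn_days=30):
    """One inventory record: issuing CA, DNS names covered, days to expiry, action status."""
    now = now or datetime.now(timezone.utc)
    if cert is None:
        return {"host": host, "issuer": None, "names": [], "days_left": None, "status": "verify_failed"}
    not_after = datetime.fromtimestamp(ssl.cert_time_to_seconds(cert["notAfter"]), tz=timezone.utc)
    days_left = (not_after - now).days
    status = "expired" if days_left < 0 else "expiring" if days_left <= warn_days else "ok"
    return {"host": host, "issuer": _name_attr(cert["issuer"], "organizationName"),
            "names": [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"],
            "days_left": days_left, "status": status}

def build_inventory(records):
    """Group hosts by issuing CA (what a CA compromise would force you to reissue) and list every host needing action."""
    by_issuer = {}
    for rec in records:
        by_issuer.setdefault(rec["issuer"], []).append(rec["host"])
    return {"by_issuer": by_issuer,
            "needs_action": sorted(r["host"] for r in records if r["status"] != "ok")}

def _sample(issuer, not_after, *names):
    # Constructed cert in getpeercert() shape: made-up issuers and hosts, not real data
    return {"issuer": ((("organizationName", issuer),),), "notAfter": not_after,
            "subjectAltName": tuple(("DNS", n) for n in names)}
SAMPLE_CERTS = {
    "shop.example.com": _sample("Alpha CA Inc", "Dec 31 23:59:59 2011 GMT", "shop.example.com", "www.example.com"),
    "api.example.com": _sample("Alpha CA Inc", "Dec 10 12:00:00 2011 GMT", "api.example.com"),
    "pay.example.com": _sample("Beta Trust Ltd", "Nov 10 00:00:00 2011 GMT", "pay.example.com"),
}

def sample_inventory(now=datetime(2011, 11, 28, tzinfo=timezone.utc)):
    records = [assess_cert(h, c, now) for h, c in SAMPLE_CERTS.items()]   # as of Cyber Monday 2011
    return build_inventory(records), records
```

For a real scan, replace the sample with `{h: fetch_peer_cert(h) for h in hosts}`; note that with verification on, an already-expired certificate never yields a dict, so it surfaces as verify_failed rather than as a negative days_left.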
