I currently use a server SSL certificate without a pass-phrase in order to allow Apache to start up unattended.
There are signs from customers to require us to protect the SSL certificate more securely. I'm not sure yet what they are aiming for, but for now I guess that they don't want an unprotected SSL certificate on the disk. I suppose I can't avoid having it in the clear inside Apache's memory but let's assume that's acceptable.
I came up with an elaborate system to keep the pass-phrase in the memory of a process on an internal server (i.e. not on the front-line web server) and hand it over to the front-line server using an Apache SSLPassPhraseDialog (http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslpassphrasedialog). The internal server will have to have the pass-phrase typed in to it when it starts, and we'll have multiple such servers load-balanced for high availability.
My question is:
- How do the "big boys" protect their SSL certificate? Do they just force their stuff to type the pass phrase on server restart or do they keep it unencrypted like the rest of us?
- My experience with open source is that there is a very good chance that someone has already solved whatever problem I face – is such a system available already?
- Would it be reasonable, from business level perspective, to just say that we keep the certificate unencrypted and just have rapid procedures to revoke it if stolen?
Best Answer
Lets review Public Key Infrastructure basics first in a hierarchical PKI model.
Therefore, your concern with Apache should be around the private key, not the public key. The typical way a security engineer might protect a private key is to use a hardware security module. A hardware security module (HSM) can come in many form factors including a smartcard, a PCIe card, a PCI card, a USB dongle, a USB stick, a network based HSM, or others. Accordingly, these can cover a large amount of budgets and security capabilities.
There are some HSMs that have validated security implementations such as FIPS 140-2 in levels 1 (software generally) 2 physical (tamper resistance) 3 physical (tamper resistance & intrusion response) and 4 physical (tamper resistance, intrusion response and key zeroization).
To evaluate if your business should do something, I'd look at doing a cost benefit analysis & a risk assessment that includes ALE, ARO, and SLE calculations. However, if you are doing business over the web, it might be better to bring in a web security professional to evaluate all of your infrastructure and come up with a consolidated list of vulnerabilities and weaknesses, with a prioritized remediation plan that you can work with your management.