I have a website
secret.example.com, which contains information which must not be disclosed to third parties. In order to protect the information, TLS client authentication was chosen. Whether or not a client is authorized depends on them possessing a client certificate which is signed by the internal CA.
The following snippets of the configuration file provide the client authentication:
ssl_client_certificate /etc/ssl/nginx/secret.example.com/cert/ca.pem; ssl_verify_client on;
ca.pem contains a self-signed certificate authority, created via the following openssl command:
openssl req -new -x509 -nodes -days 1460 -key ca.key.pem > ca.pem
Client certificates would then be signed by this root CA.
What I have tried so far
- Send a certificate signed by the CA – This results, as expected, in the website being displayed correctly.
- Send no certificate – This results in an error returned by the server, claiming no client certificate was sent.
- Send a self-signed certificate by a CA with the same details as the real CA – This results in the error message “The SSL certificate error”, which is not very descriptive, but still does not allow an attacker to see the confidential information.
Is this configuration sufficient to enforce proper authorization? Or does an attacker have any possibility to still access the confidential information?
In order to scope the question further, the following scenarios are explicitly not in the scope of the question:
- Vulnerabilities in nginx (however, “gotchas” in the configuration are in scope)
- Disclosure of information through other sites (e.g.
- Direct attacks on the physical server
- Attacks on the machine of a user, causing disclosure of a client certificate and private key