> DoD Cyber Exchange site is undergoing a TSSL Certification renewal
I'm imagining someone searching around for a consulting or testing company that will help them get a personal TSSL Certification, whatever that is (a quick search suggests that it does not exist, as one would expect). And perhaps they have no idea what TLS is or how any modern WebPKI works, which is extra amazing, since cyber.mil is apparently a government PKI provider (see the top bar).
Of course, the DoD realized that their whole web certificate system was incompatible with ordinary browsers and they wrote a memo (which you have to click past the certificate error to read):
https://dl.dod.cyber.mil/wp-content/uploads/pki-pke/pdf/uncl...
saying that, through February 2024, unclassified DoD sites are permitted to use ordinary commercial CAs.
If the DoD were remotely competent at this sort of thing, they would (a) have CAA records (because their written policy does nothing whatsoever to tell the CA/B-compliant CAs of the world not to issue .mil certificates, (b) run their own intermediate CA that had a signature from a root CA (or was even a root CA itself), and (c) use automatically-renewed short-lived certificates for the actual websites.
cyber.mil currently uses IdenTrust, which claims to be DoD approved. They also, ahem, claim to support ACME:
> In support of the broader CA community, IdenTrust—through HID and the acquisition of ZeroSSL—actively contributes to the development and maintenance of major open-source ACME clients, including Caddy Server and ACME.sh. These efforts help promote accessibility, interoperability, and automation in certificate management.
Err... does that mean that they actually support ACME on their DoD-approved certificates or does that mean that they bought some companies that participate in the ACME ecosystem? (ACME is not amazing except in contrast to what came before and as an exercise in getting something reasonable deployed in a very stodgy ecosystem, but ACME plus a well-designed DNS-01 implementation plus CAA can be very secure.)
The offending certificate is:
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:01:95:b4:87:b3:a3:a9:12:e0:d7:21:f8:b3:91:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=IdenTrust, OU=TrustID Server, CN=TrustID Server CA O1
Validity
Not Before: Mar 20 17:09:07 2025 GMT
Not After : Mar 20 17:08:07 2026 GMT
Subject: C=US, ST=Maryland, L=Fort Meade, O=DEFENSE INFORMATION SYSTEMS AGENCY, CN=public.cyber.mil
They are literally telling users to click through the browser errors about the bad cert. They don't mention that there is a very specific error they should be looking for (expired cert). This gives any MITMer the opportunity right now to replace downloaded executables with malware-laden ones using nothing more than a self-signed cert and a proxy. You can bet your boots China, NK, Iran, Russia are all having a good laugh. Biggest military in the world and they can't get a web server working.
It blows me away that a bank can't afford to do for themselves what Certbot and Lets Encrypt does for me, for free.
Like, pay a guy a whole week to automate this and it will save you the 12hrs losses every time your cert expires.
TSSL renewal does not cause downtime.. If it's actually done of course.
Good stuff.
Someone please verify that the exclamation point inside of the warning icon has always been gold and that this website's design hasn't fallen victim to Trump's dragon-like gold hoarding obsession.
Is there more..?
Checked on Chrome too, I see nothing.
iOS Chrome