Discovering SSL Servers with Unsafe SSL/TLS Renegotiation

What is Renegotiation Vulnerability?

SSL/TLS Renegotiation Vulnerability was announced in November 2009. The vulnerability could allow an MITM attack if the SSL server side or SSL client side initiates an SSL renegotiation. Typically, an SSL server can initiate an SSL renegotiation when it wants to authenticate the client with an client certificate on the existing SSL connection or upgrade encryption strength. An SSL client can initiate an SSL renegotiation when it wants to upgrade the encryption strength or avoid using the same encryption key for too much data. A better description of the problem can be found in this blog post by Ivan Ristic.

 

Checking Tool is Available

Certificate Discovery feature in Kousec Server Certificate Manager RC-1a or later is able to detect SSL servers that accept those unsafe SSL/TLS renegotiation requests. By simply following Certificate Discovery pages, you will get a list of server certificate validation results along with this vulnerability check.

 

Example

Below is a sample report generated in our testing environment. The right-most column indicates whether it has successfully completed the unsafe SSL renegotiation with the server.

 

Discovery Report Screenshot

 

Notes

 

Download the Tool

Download Kousec Server Certificate Manager

 

More Information on Kousec Server Certificate Manager

Product Information Page