[golang]Is it possible to write TLS server without certificate?


Question


From the client I already have a tls config which sets InsecureSkipVerify to true. How to write a server for this client which takes any cert?
Can tls.config help in the server too, like setting InsecureSkipVerify to true?

Answer 1

Score: 3


No, as @JimB told you, TLS can't work without certificates.

The reasoning is simple: TLS is all about security, and certificates
are cryptographic keys which provide that security (TLS uses a so-called
"asymmetric cryptography" where each party has a key pair consisting of
a private and public parts; the public part is what gets sent to another party
when doing a TLS handshake).

But on the other hand the security TLS provides is two-fold:

  1. It provides mutual authentication of the parties participating in the
    exchange.
  2. It provides encryption of the transmission channel¹.

Certificates are used for both aspects: the fact they contain cryptographic keys is used for (2), and the fact they have owner's identity encoded
in them (and verified by whoever was issued a particular certificate)
is used for (1).

Let me not digress into discussing how (1) works in detail
(though I truly urge you to read some theory on it) but (1) is what
you actually want to sidestep.

The good (for you) thing is that it's cheaply doable:

  • The TLS clients can be told to not verify the server's identity.
  • The TLS servers can be told to do the same (and often it's the default
    mode they operate in—which is typical for regular websites
    for instance).
  • You can create a so-called self-signed certificate for your TLS
    server.

The latter requires nothing but something which is able to generate
X.509 certificates; OpenSSL is typically used for this;
just google for it.

If you're on Debian or a Debian derivative (like Ubuntu, Mint, etc.)
consider installing the ssl-cert package and using
the make-ssl-cert program it provides.


¹ To be precise, they only protect the very initial phase of the exchange during which the parties generate and send to each other keys used for symmetric encryption, which are then used to encrypt the communication channel, and are regenerated (and re-exchanged) periodically. This is done because symmetric algorithms are way faster.
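The setup this answer describes, as an added example that is not code from the original answer: a Go server presenting a self-signed certificate generated in memory, and a client whose config sets InsecureSkipVerify. The function name `fetch`, the greeting text and the certificate fields are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io"
	"math/big"
	"time"
)

// fetch starts a loopback TLS server with a throwaway self-signed certificate
// and returns what a client reads from it. skipVerify=true mirrors the
// question's client: traffic is encrypted, the server is not authenticated.
func fetch(greeting string, skipVerify bool) (string, error) {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return "", err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"localhost"},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, key) // self-signed
	if err != nil {
		return "", err
	}
	cert := tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
	ln, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{Certificates: []tls.Certificate{cert}})
	if err != nil {
		return "", err
	}
	defer ln.Close()
	go func() {
		if c, err := ln.Accept(); err == nil {
			c.Write([]byte(greeting)) // the handshake runs on first I/O
			c.Close()
		}
	}()
	conn, err := tls.Dial("tcp", ln.Addr().String(), &tls.Config{InsecureSkipVerify: skipVerify})
	if err != nil {
		return "", err // with skipVerify=false the self-signed cert is rejected here
	}
	defer conn.Close()
	reply, err := io.ReadAll(conn)
	return string(reply), err
}

func main() { fmt.Println(fetch("hello over TLS", true)) }
```

The server side needs no verification setting at all: its `tls.Config` only has to carry a certificate, and a client with default settings fails the handshake against it.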

huangapple
  • Published on February 16, 2017, 06:17:38
  • When reposting, please keep the link to this article: https://go.coder-hub.com/42261147.html