DoD's public.cyber.mil is using an untrusted root CA

DoD's public.cyber.mil is using an untrusted root CA(cyber.mil)

2 points by thom_nic 266 days ago | 3 comments

elmerfud 266 days ago |

https://usgovpki.apps.deas.ecs.mil/dod/cas-all-simple/index....

I don't know if their change was intentional but the DoD does publish their CAs for use. I also have to say that if you are blindly trusting the CAs that your browser includes to determine the legitimacy, authenticity or security of your data going to the target of your intention, you are in for a very rude awakening when you learn how they work and how most of them issue certificates.

The way most certificates are signed nowadays is only as strong as the DNS hijacking protection they have. Preloaded CAs make for an ease of browsing experience but protection they actually provide is only in the encrypted transit and not much beyond that.

thom_nic 266 days ago | |

This is fair, but I would venture to guess 99% of people including software developers and even most IT professionals completely rely on the vendor pre-installed root CAs.

thom_nic 266 days ago |

DOD Cyber Exchange, home of DISA STIGs among other resources, appears to be signed by a root CA "US DoD CCEB Interoperability Root CA 2" which does not appear to be in any browser list of trusted root CAs. This seems to have changed at some point, because public.cyber.mil used to be accessible without any browser warnings. Certificate chain:

    $ gnutls-cli --print-cert public.cyber.mil 443 </dev/null
    Processed 150 CA certificate(s).
    Resolving 'public.cyber.mil:443'...
    Connecting to '23.9.224.83:443'...
    - Certificate type: X.509
    - Got a certificate list of 2 certificates.
    - Certificate[0] info:
     - subject `CN=comm-cyber.mil,OU=DISA,OU=PKI,OU=DoD,O=U.S. Government,C=US', issuer `CN=DOD SW CA-74,OU=PKI,OU=DoD,O=U.S. Government,C=US', serial 0x087ef6, RSA key 2048 bits, signed using RSA-SHA256, activated `2025-08-11 17:51:06 UTC', expires `2026-09-12 17:51:06 UTC', pin-sha256="zqDELcwzXa0DHRYN6o+J5FGm2fSFXYb3O0knmjH3MrE="
            Public Key ID:
                    sha1:2925dac566b06932f1995cc904f1e723e26d6f5d
                    sha256:cea0c42dcc335dad031d160dea8f89e451a6d9f4855d86f73b49279a31f732b1
            Public Key PIN:
                    pin-sha256:zqDELcwzXa0DHRYN6o+J5FGm2fSFXYb3O0knmjH3MrE=


    -----BEGIN CERTIFICATE-----
    ...snip
    -----END CERTIFICATE-----

    - Certificate[1] info:
     - subject `CN=DOD SW CA-74,OU=PKI,OU=DoD,O=U.S. Government,C=US', issuer `CN=DoD Root CA 6,OU=PKI,OU=DoD,O=U.S. Government,C=US', serial 0x4a, RSA key 2048 bits, signed using RSA-SHA384, activated `2023-05-16 16:05:29 UTC', expires `2029-05-15 16:05:29 UTC', pin-sha256="NJVFdvvbhMFMXyUHKDk1RLnMkkY5Qt9eP3Q0Q8QHPUk="

    -----BEGIN CERTIFICATE-----
    ...snip
    -----END CERTIFICATE-----

    - Status: The certificate is NOT trusted. The certificate issuer is unknown. 
    *** PKI verification of server certificate failed...
    *** Fatal error: Error in the certificate.

$ gnutls-cli --print-cert public.cyber.mil 443 </dev/null Processed 150 CA certificate(s). Resolving 'public.cyber.mil:443'... Connecting to '23.9.224.83:443'... - Certificate type: X.509 - Got a certificate list of 2 certificates. - Certificate[0] info: - subject `CN=comm-cyber.mil,OU=DISA,OU=PKI,OU=DoD,O=U.S. Government,C=US', issuer `CN=DOD SW CA-74,OU=PKI,OU=DoD,O=U.S. Government,C=US', serial 0x087ef6, RSA key 2048 bits, signed using RSA-SHA256, activated `2025-08-11 17:51:06 UTC', expires `2026-09-12 17:51:06 UTC', pin-sha256="zqDELcwzXa0DHRYN6o+J5FGm2fSFXYb3O0knmjH3MrE=" Public Key ID: sha1:2925dac566b06932f1995cc904f1e723e26d6f5d sha256:cea0c42dcc335dad031d160dea8f89e451a6d9f4855d86f73b49279a31f732b1 Public Key PIN: pin-sha256:zqDELcwzXa0DHRYN6o+J5FGm2fSFXYb3O0knmjH3MrE= -----BEGIN CERTIFICATE----- ...snip -----END CERTIFICATE----- - Certificate[1] info: - subject `CN=DOD SW CA-74,OU=PKI,OU=DoD,O=U.S. Government,C=US', issuer `CN=DoD Root CA 6,OU=PKI,OU=DoD,O=U.S. Government,C=US', serial 0x4a, RSA key 2048 bits, signed using RSA-SHA384, activated `2023-05-16 16:05:29 UTC', expires `2029-05-15 16:05:29 UTC', pin-sha256="NJVFdvvbhMFMXyUHKDk1RLnMkkY5Qt9eP3Q0Q8QHPUk=" -----BEGIN CERTIFICATE----- ...snip -----END CERTIFICATE----- - Status: The certificate is NOT trusted. The certificate issuer is unknown. *** PKI verification of server certificate failed... *** Fatal error: Error in the certificate.