Thread: How to tell a fake SSL certificate from a real one
View Single Post
  #10 (permalink)  
Old 10-28-2007, 02:43 PM
Joan Battaglia
Guest
  
Posts: n/a
Default Re: How to tell a fake SSL certificate from a real one
On Sun, 28 Oct 2007 05:36:07 -0400, Nil wrote:
I followed everyone's advice and installed Tor/Vidalia/Privoxy.
I learned it's UP TO ME to determine if a certificate is fake.
So, I test the system - and I take your advice to READ the certificate
warning - but I still don't know what to do with the result.

Is THIS a fake certificate?

Here's what happened.
I went to http://torcheck.xenobite.eu/index.php
I clicked on the HTTPS-Mode button to see what it would say
Up popped a "Security Error: Domain Name Mismatch"
Which warned
You have attempted to establish a connection with
torcheck.xenobite.eu. However the security certificate
presented belongs to 217.160.111.190. It is possible, though
unlikely, that someone may be trying to intercept your
communication with this web site.
And, then:
If you suspect the certificate shown does not belong to
torcheck.xenobite.eu, please cancel the connection and notify
the site administrator.

So what do I do?
Most of these posts say to examine the certificate, so I press
the "View Certificate" button.

It says:
This certificate has been verified for the following uses:
SSL Server Certificate
Huh? Is that telling me something?

Then it says:
Issued To
Common Name (CN) 217.160.111.190
Organization (O) Kraus Computertechnik
Organizational Unit (OU) StartCom Free Certificate Member
Serial Number 01:84:54
To which my head is spinning - I guess I'm supposed to tell from this
if it's legitimate or not - but I don't know where to look.

It goes on:
Issued By
Common Name (CN) StartCom Class 1 Primary Intermediate Free CA
Organization (O) StartCom Ltd.
Organizational Unit (OU) Secure Certificate Signing
Huh? I still don't know what is wheat and what is chaff.

Moving on:
Validity
Issued On 9/25/2007
Expires On 9/24/2008
Does this tell me anything useful other than when it will expire.

Lastly:
Fingerprints
SHA1 Fingerprint
D3:CF:DC:24:BC:3E:E9:59:27:2B:82:51:27:67:D2:E8:61 :11:B9:1B
MD5 Fingerprint:
24:00:31:6D:F3:3B:E2:90:BC:73:CE:4D:BF:9C:2A:D7

I won't even go into what it says in the DETAILS tab!
Oh my. If all this which I'm supposed to read actually means something to
you guys, then you ARE rocket scientists!

What do I (decidedly not a rocket scientist) do with this information?
Is this a fake certificate or a real certificate?
How would I know?

Reply With Quote
 

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45