The United States Computer Emergency Readiness Team (CERT) issued a report in which it warned companies and other organizations against using HTTPS or TLS interception products. CERT said that such products often make those companies' communications less secure, because the products don’t properly validate server connections and may use weaker cryptography.
Intercepting encrypted TLS connections is quite a common occurrence within organizations as part of their security solutions. The idea is that it’s better to decrypt all encrypted communications internally to check for malware and spam. However, according to CERT, this kind of thinking may expose companies to other dangers.
The way HTTPS inspection works is by intercepting HTTPS traffic and performing a man-in-the-middle (MITM) attack on the network connection. In MITM attacks, sensitive data is transmitted to a (usually malicious) party spoofing the server the client intends to reach. However, browsers may show warnings when this happens because the client certificate and the spoofed server certificate don’t match.
To avoid these warnings, when organizations do MITM attacks against their own connections, they install “trusted” certificates on the client machines that match up with the interception product. However, the problem with this solution is that the client can no longer validate the certificate of the server.
Therefore, even if the connection between the interception product and the client machine is secure, both the interception product and the clients may be receiving data from a spoofed server.
According to CERT, many interception products do not properly validate the certificate chain of the server before re-encrypting the data and forwarding it to the clients. CERT found that many of the interception products don’t forward the certificate chain errors to the clients, so the clients would be unaware that the data was sent to a spoofed server.
If for whatever reason companies refuse to drop HTTPS interception products from their enterprise security architecture, CERT recommends they use sites such as BadSSL.com to test the security of their connections. The tests should show whether or not their HTTPS inspection products are properly verifying the certificate chains of the servers and if they are using weak cryptography when re-encrypting the connections.
At a minimum, if the BadSSL.com certificate tests prevent clients with access to the internet from connecting, then the clients should also refuse the connections done through the HTTPS inspection products.