[SSL Observatory] https://controller.mobile.lan

Tom Ritter tom at ritter.vg
Tue Feb 7 04:38:11 PST 2012


>> Since they cannot know in advance what will be the host name that their
>> customer will provide for the app or appliance (and they don't wish to
>> burden their customer with the task of generating and installing an SSL
>> certificate after installation), they purchase an SSL certificate for an
>> internal-only domain name, and deploy the same private key and certificate
>> in each app or appliance.

I appreciate the engineering difficulty/laziness that leads to this
situation, but ultimately using the same private key in every box
leads to projects like https://code.google.com/p/littleblackbox/

I'd have loved to drop the private key into the thread, but alas, it's
not available... yet.

$ ./littleblackbox -p munich.pem
ERROR: Failed to locate a matching private certificate for
fingerprint: AD:4F:33:6D:7E:07:E2:58:E8:A6:93:D6:42:5B:31:34:CC:7D:4A:21

-tom
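
Added example, not part of the original message or of littleblackbox: a fleet audit that computes each device's certificate fingerprint in the colon-separated form shown in the error above and reports any certificate presented by more than one host, which is the shared-key deployment the quoted text describes. It assumes the fingerprint is SHA-1 over the DER certificate; the host names and certificate bytes are constructed stand-ins, not real certificates.

```python
import hashlib
import ssl
from collections import defaultdict


def fingerprint(pem: str) -> str:
    """SHA-1 over the DER certificate, as colon-separated uppercase hex.

    Assumption: this matches the 20-byte fingerprint format in the message.
    """
    der = ssl.PEM_cert_to_DER_cert(pem.strip())
    digest = hashlib.sha1(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def shared_certificates(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Map fingerprint -> sorted hosts, keeping only certs seen on 2+ hosts."""
    hosts_by_fp = defaultdict(list)
    for host, pem in inventory.items():
        hosts_by_fp[fingerprint(pem)].append(host)
    return {fp: sorted(hosts) for fp, hosts in hosts_by_fp.items()
            if len(hosts) > 1}


def _constructed_pem(stand_in: bytes) -> str:
    # Wraps arbitrary bytes in PEM armour so the example runs offline.
    # These are NOT valid X.509 certificates, only stand-ins for DER bytes.
    return ssl.DER_cert_to_PEM_cert(stand_in)


# Constructed inventory: two appliances ship the same vendor certificate,
# a third has had a per-device certificate installed.
SAMPLE_INVENTORY = {
    "appliance-01.example": _constructed_pem(b"constructed vendor default cert"),
    "appliance-02.example": _constructed_pem(b"constructed vendor default cert"),
    "appliance-03.example": _constructed_pem(b"constructed per-device cert"),
}

if __name__ == "__main__":
    for fp, hosts in shared_certificates(SAMPLE_INVENTORY).items():
        print(fp, "presented by", ", ".join(hosts))
```

Against your own devices, the inventory values can be filled with `ssl.get_server_certificate((host, 443))`; any host listed in the output needs a freshly generated key pair and certificate.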


