Blog: Heartbleed

Wildcard SSL certificates, not good value any more, my Heartbleeds

consultant-placeholder10 Ken Munro 15 Apr 2014

Wildcard SSL certificates make for much less hassle and cost when administering your HTTPS services. Why would you need individual certs for every box when one will do?

Buying a certificate for * is so much cheaper than buying one each for:

And you only have one to renew, one expiry date.

The chances of a significant remote compromise are relatively low, assuming one patches systems promptly and users are well educated about security.

Yes, if a reasonably targeted attack was carried out, you might be toast, but fairly unlikely.

And then, even if compromised, so long as you held to the defence in depth principle, compromise of one might not lead to compromise of all.

But then Heartbleed comes along. An attack from the leftfield, changing the game completely.

There was some debate about whether private keys could be stolen from memory, initially “No they can’t” then proven that they could be, thanks to a
really cool project from CloudFlare.

Yes, it takes a bit of effort to recover the key, but it is do-able. Hence why everyone should be renewing their SSL certificates.

Wildcard SSL certs don’t look like such a good idea now, do they…

Compromise one server, compromise the lot.