WoSign S/MIME Certificates: Server-Side Generation & Security

TL;DR

WoSign S/MIME certificates were generated on the server side, which presented significant cyber security risks. This practice has been discontinued as of late 2023/early 2024 following widespread reports and concerns. New certificates should be safe, but older ones are best avoided or treated with extreme caution. We’ll explain why and what to do.

Understanding the Problem

Traditionally, S/MIME certificates require a user’s private key to be generated on their device – this is crucial for security. WoSign previously offered a service where they generated these keys on their servers and then sent the certificate to the user. This meant WoSign (or anyone who compromised WoSign) had access to your private key, undermining the entire point of S/MIME encryption.

Why Server-Side Generation is Bad

1. Private Key Exposure: If WoSign’s servers were hacked, attackers could decrypt past and future emails signed with those certificates.
2. No User Control: Users didn’t have control over the key generation process or where their private keys were stored initially.
3. Trust Issues: It breaks the chain of trust inherent in Public Key Infrastructure (PKI). S/MIME relies on you being the *only* one with your private key.

Is My Certificate Affected?

Certificates issued before late 2023/early 2024 are highly likely to have been generated server-side. Certificates issued after this date should be safe, as WoSign has changed their process.

How to Check Your Certificate

1. Check the Issuance Date: Most email clients (Outlook, Thunderbird, etc.) will display the certificate’s issuance date when you view its details. Look for dates before December 2023.
2. Contact WoSign Support: If unsure, contact WoSign support directly and ask if your specific certificate was generated server-side.

What to Do If You Have an Affected Certificate

1. Revoke the Certificate: Immediately revoke the certificate through WoSign’s revocation portal. This prevents it from being used further.
2. Generate a New Certificate (From a Reputable Provider): Obtain a new S/MIME certificate from a provider that guarantees client-side key generation. Popular options include DigiCert, Sectigo, and GlobalSign. Ensure the process involves generating the private key on your computer or device.
3. Verify Client-Side Generation: When requesting a new certificate, look for clear instructions about importing a Certificate Signing Request (CSR) generated by your email client. This confirms the key is created locally.
   For example, in OpenSSL you would generate a CSR like this:

   openssl req -newkey rsa:2048 -nodes -keyout mydomain.key -out mydomain.csr

4. Inform Recipients: If you’ve sent emails signed with the compromised certificate, inform recipients that those messages may no longer be considered securely signed.

How to Ensure Future Certificates are Safe

1. Choose a Reputable Provider: Research providers and read reviews before purchasing S/MIME certificates.
2. Client-Side Key Generation is Essential: Confirm the provider requires you to generate your private key locally using your email client or a trusted software tool.
3. Avoid Browser-Based Generators: Do not use online tools that claim to generate S/MIME certificates directly in your browser, as these often rely on server-side generation.

Resources

• WoSign’s official announcements regarding the change (check their website for updates).
• Cyber security blogs and news articles covering the WoSign issue (search online for “WoSign S/MIME server-side”).