2

AWS recommends pinning their root certificate when implementing SSL pinning. My understanding is that SSL pinning for mobile applications mitigates a situation where an attacker has installed a malicious certificate on the device's certificate store. However, if an app is instructed to trust all certificates signed by AWS, couldn't an attacker trivially buy a malicious cert from AWS and install that in order to pull off a MITM?

Prime
  • 474
  • 6
  • 15
  • 1
    TL;DR: No. If you're worried about this, good instincts, but you should read up on [what cert pinning is](https://security.stackexchange.com/q/29988/67089) I'm writing up an actual explanation now. – Nic Jul 10 '19 at 17:53
  • 1
    Is it not an issue because SSL clients check that the domain name matches as well, and AWS wouldn't issue another cert with my registered domain name? – Prime Jul 10 '19 at 18:03
  • 1
    Yup. I'm writing up an answer explaining that in more words right now :) – Nic Jul 10 '19 at 18:04

2 Answers2

8

TL;DR: No. That's not how certificates or pinning work.

All certificate pinning does is limit the root of the trust chain to a smaller set, for a specific domain. It doesn't change how the certificates work. It only adds a new constraint on acceptable roots, without disabling any others, and they all have to match -- domain name, date, etc., and now pinned root.

The only way a MITM like you describe could occur is if someone managed to get a certificate, through Amazon, of your domain. Such a thing is technically possible, of course, because people run the systems and people are fallible. However, if anything, pinning a cert makes that attack harder. Without it, they could attack any trusted root certificate. With cert pinning, they have to attack the one(s) you've pinned.

Nic
  • 1,826
  • 15
  • 22
  • 2
    That last line is most important. With the typical PKI setup, any trusted CA could be compromised or tricked into issuing a cert for your domain to a malicious party. With cert pinning, only certs from the pinned CA are accepted, which eliminates the risk associated with any other CA being compromised. It is always a net positive---assuming the config is updated when necessary. Obviously, an incorrect/outdated config will cause a DoS by rejecting a valid cert. – DoubleD Jul 10 '19 at 22:36
3

That's not what pinning is. Your phone already trusts a CA root that Amazon control, that is why AWS ACM can generate certificates that everyone's phone will accept. Pinning means telling your TLS client in your app to not just accept a certificate for the domain signed by any root trusted by the OS on the phone, but only a certificate for the domain signed by a particular CA.

Z.T.
  • 7,963
  • 1
  • 22
  • 36