7

I'm currently testing a free personal SSL certificate (S/MIME client / authentication) from https://www.startssl.com, which installed directly into Firefox. Now when I store backup, I have to enter a password. But how is the certificate stored in Firefox itself secured? Shouldn't I have to enter a password at some point?

Tobias Kienzler
  • 7,658
  • 11
  • 43
  • 68

2 Answers2

4

The "master password" that Firefox allows you to set, when remembering passwords for sites, is also used to protect the private keys for personal certificates (that is, they are encrypted with a key derived from that master password). Firefox may fail to suggest setting such a password when generating a new key if you instructed it not to use one.

Note that some other browsers let the operating system handles such things (e.g. under MacOS X, Chrome uses the OS-provided "Keychain" system for private key storage). Firefox, out of tradition, is self-contained in that respect.

Thomas Pornin
  • 322,884
  • 58
  • 787
  • 955
  • So since I never allowed Firefox to store passwords and therefore I didn't have to setup a master password, the certificate is currently unprotected :-/ Could I NTFS encrypt a specific file instead of setting up a master password? – Tobias Kienzler Oct 16 '12 at 11:43
  • 1
    Tobias, just set a masterpassword and it will encrypt everything. – Lucas Kauffman Oct 16 '12 at 12:38
  • 1
    I am not sure about NTFS encryption; however, the relevant files are in your Firefox profile (see your Application Data/Mozilla/Firefox/Profiles/... ; the files are `cert8.db` and `key3.db`). – Thomas Pornin Oct 16 '12 at 12:40
3

The SSL certificate to authenticate to startSSL is like a key, FF does provide a way for someone with access to the machine to export the keys, unless you set the password manager's password. (see Thomas Pornin)

If that password is not set you will be dependable on your OS security.

Lucas Kauffman
  • 54,229
  • 17
  • 113
  • 196
  • So it is stored unencrypted? That doesn't sound very secure... Is there at least a file which I could/should NTFS-encrypt then? – Tobias Kienzler Oct 16 '12 at 09:39
  • Well yea, it relies on the OS security I think (as I said it might be that the master password also will encrypt private keys) I just always use full disk encryption to protect my OS, so if I loose my laptop or someone gets physical access to they would not be able to access my private key. – Lucas Kauffman Oct 16 '12 at 09:48
  • 1
    Firefox doesn't rely on the OS at all for managing certificates and private keys. It uses its own Software Security Device (Option -> Advanced -> Encryption -> Security Devices) or PKCS#11 modules. If you don't use a master password on it, someone will be able to extract and save the private key and the certificate (export to .p12) (e.g. when FF is running or after copying the user's profile). Hence, it's important to use a master password. – Bruno Oct 16 '12 at 12:44
  • @Bruno That sounds pretty annoying, especially the fact that there is not a single warning on this. But could I also use NTFS encryption of my Firefox profile instead? – Tobias Kienzler Oct 16 '12 at 12:55
  • @TobiasKienzler, you can use NTFS encryption if you want, but it's certainly better (or complementary) to use FF's encryption by setting a master password in your FF settings. This should encrypt `key3.db` as Thomas said. – Bruno Oct 16 '12 at 13:05
  • @Bruno At the added inconvenience of having to enter that additional password while the NTFS encryption is unlocked at login... But let me put this in a new question [Should I use a Firefox master password or NTFS encrypt my profile?](http://security.stackexchange.com/q/22683/3272) – Tobias Kienzler Oct 16 '12 at 13:12
  • @Bruno if you don't set the password it **will** rely on the OS security. I stated in my answer as well that you need to use the set the password if you want to protect your PKS. – Lucas Kauffman Oct 16 '12 at 13:15
  • @LucasKauffman, well, fair enough, but "*Firefox installs this certificate but does not provide a way that if someone gets access to your machine they will be able to extract the keys.*" is a bit misleading. It really depends on how the machine itself is secure. Without FF password, anyone who can get to `cert8.db` and `key3.db` can get the private key and cert. – Bruno Oct 16 '12 at 13:27
  • @Bruno I'll change my answer to make it clear, now it's indeed a bit obscure – Lucas Kauffman Oct 16 '12 at 15:54
  • It's still that same sentence that's a bit odd "*Firefox installs this certificate but does not provide a way that if someone gets access to your machine they will be able to extract the keys*". FF does provide a way for someone with access to the machine to export the keys, especially if the master password isn't set. – Bruno Oct 16 '12 at 16:22
  • Been a long day, sorry :) – Lucas Kauffman Oct 16 '12 at 16:35