2

When you use a Content Delivery Network (CDN) and want to enable HTTPS, you need to import your certificate there. So you should provide your Private Key to the CDN. Is this secure? I mean CDN can log all of my traffic including my user's login data, and with sharing my private key CDN can decrypt my users' login data and my users aren't safe anymore.

Is this true? what should I do to avoid this besides using HTTPS?

schroeder
  • 125,553
  • 55
  • 289
  • 326
GameO7er
  • 159
  • 4
  • I think this answers you: https://security.stackexchange.com/questions/101521/how-can-cloudflare-provide-a-valid-ssl-certificate-for-domains-not-under-its-con – schroeder Nov 14 '22 at 23:52
  • 1
    A CDN works by looking at each request to determine whether to reject it as malicious or abusive, serve particular content from local cache, or relay it to the origin server. To do this for HTTPS it must decrypt the request first. So if you don't want your data decrypted, you can't use a CDN, you must instead build your own large, expensive, worldwide network of servers with lots of people to keep them all working 24/7. Your choice. – dave_thompson_085 Nov 15 '22 at 02:09
  • Please correct me if I'm wrong. Using CDN for your my website (I mean not object storage like https://cdn.site.com or https://media.site.com) when using SSL is dangerous because I most share my private-key with CDN. So whether Use my own ssl or it's (CDN), finally it can see my users credentials or any sensitive data. right? thanks for your time and help – GameO7er Nov 17 '22 at 12:44

1 Answers1

2

If you have a website example.com and want to use a CDN without technically allowing the CDN to sniff the contents transferred to https://example.com, you can use a separate host for the items that will be served by the cdn (large images, videos...).

This could mean using a hostname like https://cdn.example.com with a separate TLS certificate (that you then merrily share with them, since you're not placing any sensitive data there) or simply a hostname provided by the cdn itself.

Ángel
  • 18,188
  • 3
  • 26
  • 63
  • Thank you for your time and your answer. I don't mean using CDN as object storage. I mean using CDN as a proxy. For example when I wanna using It's either WAF or DDOS protection or etc and the question is does CDN can sniff my user's credentials? or what anything dangerous it can do? – GameO7er Nov 17 '22 at 12:39
  • 1
    The provider (here it's not actung as a CDN, more as a WAF) is inbetween your users and you, watching all the interactions. Of course they can sniff their credentials! – Ángel Dec 04 '22 at 00:19
  • I think [Magic Transit](https://www.cloudflare.com/magic-transit/) could work without TLS certificates blocking DDoS attacks, but they can't act as a WAF with no knowledge of what's inside the TLS layer. – Ángel Dec 04 '22 at 00:21
  • 1
    If you want to keep the credentials outside you could move the authentication to a different subdomain (which would be outside the "CDN"), use a third party provider (such as login with GitHub, Gmail, Outlook...), or not use passwords at all (e.g. webauthn). If the "evil cdn" is purely passive, you might encrypt the passwords client-side with javascript, but an active CDN could modify the website code to still fetch them. – Ángel Dec 04 '22 at 00:23