10

I want to make my Synology NAS accessible over the internet. When I create my own certificate and import this on all my devices (PC, Laptop, Smartphone, Tablet, etc.) is this as secure as buying a certificate?

If not, what is the most secure thing I can achieve without spending any extra money?

Jens Erat
my_username
  • If you're the only one using it then that's fine. Root CAs are to verify ownership for public websites – KDEx Sep 26 '14 at 13:50
  • Get a free certificate from StartSSL if you don't want the hassle of manually trusting your own certificate in every browser. – Monstieur Sep 26 '14 at 13:56
  • Completely aside from your actual question, but since you intend to make your Synology available on the Internet, please do be careful what you expose, and keep it patched so something like this doesn't happen to you. – Xander Sep 26 '14 at 13:59
  • This is kinda scary, maybe a VPN would be more secure? – my_username Sep 26 '14 at 14:04
  • VPNs have the same basic flaw: they need to be configured sanely and updated on a regular basis to remain reasonably secure. They aren't magically more secure than TLS – some even use TLS as encryption layer. – David Foerster Sep 26 '14 at 14:05
  • They aren't magically more secure than TLS, but should be way more secure than the Synology boxes, shouldn't they? It feels like I am super vulnerable every time I make something accessible through the web :( – my_username Sep 26 '14 at 14:11
  • The advantage of a VPN is that you may have more control over the “wrapped around” security infrastructure than over the internals of some NAS appliance OS. I'm not familiar with Synology devices myself, but they seem pretty open regarding customising their Linux OS. – David Foerster Sep 26 '14 at 14:17
  • I don't believe the "good guys" always find the VPN security issues before the "bad guys" do. If this situation happens that bad guys find security issues, why don't big companies regularly run into trouble because they use VPNs? But it sounds like the VPN thing is more secure than the other way. I think I am going to try it out. Thank you very much! – my_username Sep 26 '14 at 14:28
  • VPN is not inherently more secure than TLS! It all depends on how up-to-date you can keep your infrastructure. If at all, VPN is more complex and that usually means more opportunities for configuration mistakes and software (security) bugs. VPNs serve a different purpose than TLS. Comparing the two security-wise seems like comparing a bike lock and a door lock to me. Also how do you know big companies don't run into security issues with VPNs while they do with TLS? – David Foerster Sep 26 '14 at 17:43
  • I was more referring to the Synology issues Xander mentioned. When I use TLS I still need to make my Synology fully accessible through the web. When this box has any critical problems (which is in my opinion more possible than any VPN issues) then the attacker has direct access to my Synology. When I use a VPN instead, then the VPN generally secures the connection and on top of this there is the basic Synology "defense" so a possible attacker would have to know about security issues for my VPN and Synology. I hope you know what I am trying to say. – my_username Sep 26 '14 at 21:06
  • Yes, I understand. A VPN will offer an additional line of defense against attackers. Just don't assume you're secure just because you have a VPN. – David Foerster Sep 28 '14 at 18:42

4 Answers

18

The purpose of a public certificate infrastructure is to create a chain of trust between entities that don't trust each other directly. You pay the certificate authorities because other people trust them to issue certificates to trustworthy entities only.

Assuming you trust yourself (or whoever issued the certificate), self-signed certificates are no less secure than those signed by a public CA.

Similar and possibly relevant question: Is a self-signed SSL certificate much better than nothing?

David Foerster
  • Okay thank you! Then I can feel more secure now :) – my_username Sep 26 '14 at 13:52
  • "Assuming you trust yourself (or whoever issued the certificate), self-signed certificates are no less secure than those signed by a public CA." But you have to be careful with the certs, right? In order to prevent a MitM attack, you need a way to verify the certs your personal server is sending to your devices. Can this be done easily? Are there tools for Linux & Android to import SSL certificates to verify connections with certain servers you trust? – Steven Roose Jun 12 '15 at 20:31
  • The easiest way would be to install those certificates on the trusting device (e.g. for OpenSSL) and verify the fingerprint – preferably through a different, authentic channel. – David Foerster Jun 12 '15 at 22:21
3

Self-signed certificates are perfectly secure, but as a general statement remember that your client's browsers will not trust your website because your public key isn't in their keystore. In this case, the certificate itself acts as the public key, and the client assumes that if the server that handed out the certificate can decrypt a message with its private key, it must be the genuine owner. In this regard, self-signed certificates are every bit as secure as those signed by a CA assuming you trust the owner of the website, which I'm sure you do.

1

When done properly, self-signed certificates are as secure as certificates issued by commercial certificate authorities. However, consider that you would need to install your own root certificate on each device. Unless you are the only user or have very obedient users who are willing to put up with the hassle of installing the root certificate, you will likely see decreased security in practice, as most users will just dismiss the SSL certificate warnings or disable certificate validation altogether instead. (For a Windows client, for example, the steps to install a root certificate system wide are non-trivial. Beyond that, you would also have to install it once per Firefox profile if you use Firefox.)

In that context, you may find that it is advantageous to spend just a few dollars a year to get a commercial certificate. You could even get a free one. With basic (single hostname, validation of domain control) certificates being so cheap, I don't recommend acting as your own certificate authority for most circumstances.

200_success
1

When I create my own certificate and import this on all my devices ... is this as secure as buying a certificate?

When you purchase a certificate, the general process goes like:

  1. Generate a private key and a public key (also known as certificate)
  2. Generate a Certificate Signing Request (CSR) from the public key
  3. Send the CSR to a CA, pay some money, and get back a certificate signed by their private key
  4. Install the signed certificate, along with its private key, on your server

When you use a self-signed certificate, the general process goes like:

  1. Generate a private key and a public key (also known as certificate)
  2. Sign the certificate using your private key
  3. Install the signed certificate, along with its private key, on your server

Notice that in neither of these does a CA ever need to see your private key. The key generation is done by you, not by the CA. The CA simply takes the CSR, performs some degree of verification of the information in the certificate, and certifies that it is correct by signing the certificate with their private key and sending the resulting certificate back to you.

Hence, if you can live with the self-signed certificate warning when you browse to the web site and feel comfortable verifying yourself that you are receiving the correct certificate from your server, there is no significant security difference between a CA-signed certificate and a self-signed certificate.

user
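
The fingerprint check mentioned in the comments and in the last answer ("verifying yourself that you are receiving the correct certificate"), as an added example that is not part of any answer on this page. It uses only the Python standard library; the function names are hypothetical, and the sample certificate is a constructed stand-in rather than a real one.

```python
import hashlib
import hmac
import ssl

# Constructed stand-in: not a real certificate. The fingerprint is a hash over
# the DER bytes, so opaque bytes are enough to exercise the comparison offline.
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(b"constructed stand-in for DER certificate bytes")


def normalize_fingerprint(text):
    """Accept 'AA:BB:...', plain hex, or 'sha256 Fingerprint=AA:BB:...'."""
    value = text.split("=", 1)[-1]
    digits = "".join(c for c in value if c not in ": \t\r\n").lower()
    if len(digits) != 64 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError("expected a SHA-256 fingerprint (64 hex digits)")
    return digits


def cert_fingerprint(pem):
    """SHA-256 over the DER encoding of the certificate, as lowercase hex."""
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(pem)).hexdigest()


def matches_pin(pem, pinned):
    """True only if the certificate is exactly the one whose fingerprint was noted."""
    return hmac.compare_digest(cert_fingerprint(pem), normalize_fingerprint(pinned))


def fetch_presented_cert(host, port=443):
    """Fetch what the server presents, with no validation; untrusted until it matches."""
    return ssl.get_server_certificate((host, port))


def context_trusting_only(pem):
    """Client context whose sole trust anchor is the verified self-signed certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED + hostname check
    ctx.load_verify_locations(cadata=pem)
    return ctx


if __name__ == "__main__":
    pinned = cert_fingerprint(SAMPLE_PEM)  # in practice: read off the NAS itself
    print(matches_pin(SAMPLE_PEM, pinned))
```

The pinned value has to come from the server over a channel an attacker on the network path cannot alter, for example read from the NAS on the local network; a fingerprint taken from the same connection being checked proves nothing.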