Press Release | Oct. 7, 2021

Avoid Dangers of Wildcard TLS Certificates, the ALPACA Technique

FORT MEADE, Md. — NSA released the Cybersecurity Information Sheet, “Avoid Dangers of Wildcard TLS Certificates and the ALPACA Technique” today, warning network administrators about the risks of using poorly scoped wildcard Transport Layer Security (TLS) certificates. NSA recommends several actions web administrators should take to keep their servers secure. This guidance also outlines the risks of falling victim to a web application exploitation method called Application Layer Protocols Allowing Cross-Protocol Attacks (ALPACA), which malicious cyber actors can use to access sensitive information.
 
NSA is releasing this guidance as part of our mission to help secure the Department of Defense (DoD), National Security Systems (NSS) and Defense Industrial Base (DIB). Administrators should assess their environments and mitigate wildcard certificates and ALPACA risks.
 
Wildcard certificates are used to authenticate multiple servers and simplify credential management, saving time and money. However, if one server hosting a wildcard certificate is compromised, all other servers that can be represented by the wildcard certificate are put at risk. A malicious cyber actor with a wildcard certificate’s private key can impersonate any of the sites within the certificate’s scope and gain access to user credentials and protected information.
 
The ALPACA technique, which exploits hardened web applications through non-HTTP services secured using a TLS certificate whose scope matches the web application, further increases the risk of using poorly scoped wildcard certificates.
 
NSA recommends NSS, DoD, and DIB administrators ensure their organization’s wildcard certificate usage does not create unmitigated risks, making their web servers vulnerable to ALPACA techniques. The Cybersecurity Information Sheet provides mitigations for poorly implemented certificates and ALPACA, including:
 

  • Understanding the scope of each wildcard certificate used in your organization
  • Using an application gateway or web application firewall in front of servers, including non-HTTP servers
  • Using encrypted DNS and validating DNS security extensions to prevent DNS redirection
  • Enabling Application-Layer Protocol Negotiation (APLN), a TLS extension that allows the server/application to specify permitted protocols where possible
  • Maintaining web browsers at the latest version with current updates

 
For more details on how to harden wildcard certificates against the ALPACA technique, read the full information sheet.
 
For additional cybersecurity guidance, visit https://www.nsa.gov/Press-Room/Cybersecurity-Advisories-Guidance/