The Turkish certificate publisher TURKTRUST issued two SSL intermediary certificates that could end up used to issue certificates for arbitrary domains.
With one of the intermediary or SubCA certificates, an SSL certificate ended up issued for *.google.com, but also put into use. The incident is the result of a chain of unfortunate circumstances and there is no evidence of abuse at the company, TURKTRUST officials said.
Google found the problem Christmas Eve because of its certificate pinning mechanisms in Chrome which detected the unauthorized certificate for the domain. Google analyzed the certificate and found it issued by an intermediate certificate authority with the full authority of the TURKTRUST certificate authority; it then alerted TURKTRUST and other browser vendors.
According to circulated information, the company issued the two certificates in August 2011. Apparently the company incorrectly configured their systems after a software change which is why, in two cases, they issued SubCA certificates instead of the usual web site certificates to customers.
The two certificates ended up issued to *.EGO.GOV.TR and e-islem.kktcmerkezbankasi.org, according to a Microsoft Advisory. It was the *.EGO.GOV.TR domain which went on to issue the wildcard certificate for the Google domain.
Apparently the erroneously issued SubCA certificate ended up installed on an IIS server that provided webmail services, TURKTRUST officials said. On December 6 though, the certificate and corresponding private key exported to a Checkpoint firewall appliance. This firewall acted as a SSL man in the middle, and, for this purpose, it issued certificates for HTTPS web sites accessed by users behind the firewall. So, when a user behind the firewall eventually requested a google.com site, the firewall created the Google certificate.
The certification body said it immediately cancelled the SubCA certificate after receiving information from Google about its discovery. The other certificate ended up cancelled before use, at the customer’s request, the authority said.
According to Microsoft’s advisory, the SubCAs came from a root certificate called “TURKTRUST Elektronik Sunucu Sertifikasi Hizmetleri.” Mozilla said in its security blog that it was also going to remove a certificate for “TÜRKTRUST Bilgi İletişim ve Bilişim Güvenliği Hizmetleri A.Ş. (c) Aralık 2007”, a newer root certificate due to be in a future Firefox, but was in Firefox 18 beta.
Mozilla will be adding the two SubCA certificates to its certificate blacklist during its next update, due January 8. Microsoft has already adjusted its certificate trust list (CTL).