Thursday, March 2, 2023

TDIL Slack uses let's encrypt

This morning I was going to login to slack from the command line and saw the following message:

┌───────────────────────┤SSL Certificate Verification├────────────────────────┐
│Accept certificate for slack.com?                                            │
│                                                                             │
│The certificate for slack.com could not be validated.                        │
│                                                                             │
│The certificate is not trusted because no certificate that can verify it is  │
│currently trusted.                                                           │
│                                                                             │
│                ┌────────┐ ┌────────┐ ┌──────────────────────┐               │
│                │ Accept │ │ Reject │ │ _View Certificate... │               │
│                └────────┘ └────────┘ └──────────────────────┘               │
└─────────────────────────────────────────────────────────────────────────────┘
Let's probulate a bit:
┌──────────────────────────┤Certificate Information├──────────────────────────┐
│Certificate Information                                                      │
│                                                                             │
│Common name: slack.com                                                       │
│                                                                             │
│Issued By: CN=R3,O=Let's Encrypt,C=US                                        │
│                                                                             │
│Fingerprint (SHA1): 76:bc:49:94:88:fa:90:d6:59:3c:04:0d:81:81:67:58:35:ce:a0 │
│:d5                                                                          │
│                                                                             │
│Activation date: Thu Mar  2 07:32:27 2023                                    │
│                                                                             │
│Expiration date: Wed May 31 07:32:26 2023                                    │
│                                                                             │
│SHA256: 25:6f:90:6b:16:b5:1b:4a:27:27:55:19:9d:1a:76:61:11:b0:d2:7c:6b:b6:b6 │
│:36:48:ac:c5:5a:6c:92:8f:80                                                  │
│                                                                             │
│                     ┌─────────────────────────┐ ┌───────┐                   │
│                     │ View Issuer Certificate │ │ Close │                   │
│                     └─────────────────────────┘ └───────┘                   │
└─────────────────────────────────────────────────────────────────────────────┘
So,
  • They are using Let's Encrypt
  • The certificate is renewed every month
  • The new certificate is not enabled yet (it is 7:20h right now)
What else can we find?
┌────┤Certificate Information├────┐icate Verification├────────────────────────┐
│                                 │                                           │
│Unable to find Issuer Certificate│                                           │
│              ┌────┐             │d not be validated.                        │
│              │ OK │             │                                           │
│              └────┘             │ause no certificate that can verify it is  │
└─────────────────────────────────┘                                           │
│                                                                             │
│                ┌────────┐ ┌────────┐ ┌──────────────────────┐               │
│                │ Accept │ │ Reject │ │ _View Certificate... │               │
│                └────────┘ └────────┘ └──────────────────────┘               │
└─────────────────────────────────────────────────────────────────────────────┘
Very interesting. How about from the command line?
user@desktop:~$ echo ''|openssl s_client -connect slack.com:443 | openssl \
x509 -noout -enddate -startdate
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = slack.com
verify return:1
DONE
notAfter=May 31 07:32:26 2023 GMT
notBefore=Mar  2 07:32:27 2023 GMT
user@desktop:~$ 
Now you too know!