The Upcoming Change to SHA256 Certificates and Why You Should be Concerned.

I recently did a health check for a customer where I listed this finding as a concern and marked it high priority and high impact:

Customer makes use of SHA1 SSL certificates for providing remote access into the Citrix environment.

The customer asked in the health check review call – well why does this matter? Citrix supports SHA-1 SSL certificates and everything works fine today – why the concern?

Well, if you haven’t heard yet – the SHA1 signing algorithm (used to digitally sign the SSL certificate) has been found to be cryptographically weak in its ability to provide a unique signature, leading to the potential for the signing algorithm to be vulnerable to attack. As a result, the recommendation from a security perspective is to move away from SSL certificates that use SHA1 and replace them with certificates that use the SHA256 signing algorithm.

Major industry leaders have already made plans to withdraw support for SHA1 in their OS and browsers (worth a read):

Microsoft - Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate

Google - Gradually sunsetting SHA-1

Mozilla - Phasing Out Certificates with SHA-1 based Signature Algorithms

In fact – some of the changes to withdraw support for SHA-1 have already been put in place – Google Chrome no longer marks an SSL website that uses SHA1 as secure:


Today – SSL certificate authorities have already begun the transition to SHA-256 certificates. Most major certificate authorities will no longer issue a SHA1 certificate by default; some won’t issue one now without a phone call, and many are refusing to issue SHA1 certificates at all:

Symantec/Verisign: SHA-1 Hash Algorithm Migration

GoDaddy: Information About Requiring the SHA-2 Hash Function

GeoTrust: Migrating to SHA-2 Certificates

Why? - Microsoft has announced that effective January 1, 2016, they will remove support for SHA1 certificate authorities from the root certificate trust program. This means any website that still uses a SHA1 certificate will no longer be trusted by Microsoft operating systems.

What does this mean for your Citrix deployment?

Citrix environments secured by SSL certificates that use a SHA1 signing algorithm may be affected if the ICA/Receiver client base is still on older versions that do not support SHA2 when the SSL certificate is replaced with a SHA2 certificate. This means any NetScaler Gateway/Access Gateway site that is still using a SHA1 certificate from a public certificate authority could be affected by the upcoming deprecation of SHA1.

Now, I said older versions of the ICA client are affected... how old?

  • On Windows, any Citrix ICA/Receiver client before Online Plugin 12.3 or Receiver 3.2 does not support SHA2 certificates.
  • On Mac OS X, any Citrix Receiver client older than Receiver for Mac 11.7 does not support SHA2 certificates.

If you have ICA clients that are running an older version – they will NOT be able to access Citrix through the NetScaler Gateway/Access Gateway after the SSL certificate is replaced with a SHA256 certificate. As always – upgrading to the latest Citrix Receiver release is recommended when deploying to endpoints.

Today – if you have older ICA clients in the field, begin assessment of existing Citrix clients deployed to the user community to determine the potential impact. Begin planning to upgrade those clients to minimize impact and disruption to the user community when SHA256 certs are issued and replaced.

This does not impact deployments that go directly to a Citrix XenApp or XenDesktop resource (no NetScaler Gateway/Access Gateway). Only deployments where users connect to a NetScaler Gateway/Access Gateway are affected.

What about Citrix Secure Gateway? CSG does not support SHA-2 SSL certificates, so deployments that still use CSG will need to be replaced with NetScaler once SHA1 support is deprecated.