Jump to content

Welcome to Smart Home Forum by FIBARO

Dear Guest,

 

as you can notice parts of Smart Home Forum by FIBARO is not available for you. You have to register in order to view all content and post in our community. Don't worry! Registration is a simple free process that requires minimal information for you to sign up. Become a part of of Smart Home Forum by FIBARO by creating an account.

 

As a member you can:

  •     Start new topics and reply to others
  •     Follow topics and users to get email updates
  •     Get your own profile page and make new friends
  •     Send personal messages
  •     ... and learn a lot about our system!

 

Regards,

Smart Home Forum by FIBARO Team


  • 0

HC3: Installing third party CA cert is a security risk


juhoroine

Question

Hello,

 

I'd like to use my own CA certificate with HC3. How can I replace the default Fibaro CA cert?

 

Installing a third party CA cert as trusted certificate authority, as suggested by HC3, imposes a security risk:

By installing a CA cert as a trusted CA, you ultimately trust any certificate signed with that CA (here, the Fibaro CA).

Now, if someone somehow gets access to that CA cert signing key, they can sign, for example, a fake certificate to a bank website.

If the attacker can also manipulate your dns traffic, he could redirect your browser to his phony bank site, with now a seemingly valid certificate.

This can happen, for example, if a device in your home netowk (such as Fibaro box) gets hacked and the attacker gets his own dhcp and dns-servers running in your home network.

 

The certificates are there to protect you from the latter. Don't bypass that security.

Link to comment
Share on other sites

1 answer to this question

Recommended Posts

  • 0

Back on this old discussion.

 

Is there a way to install a third party certificate in HC3 and replacing the fibaro one?

 

Best regards

Raffaele

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...