funsec mailing list archives
Verizon Service, Actiontec Gateway, and SSL Certifcate
From: Jeffrey Walton <noloader () gmail com>
Date: Mon, 29 Apr 2013 02:23:19 -0400
Hi All, I have Verizon service which provides an Actiontec gateway. The gateway is model MI424WR, running firmware 40.20.1. ("Firmware Update" claims its up to date, even though there's been no updates for quite some time, including patches to dhcp and libupnp). Can anyone verify the certificate (and key pair) included with the gateway is unique (or better, static)? Below are the thumbprints and certificate details from OpenSSL after exporting the certificate (from Firefox). Bonus points: does anyone know how to generate a new certificate or upload a new certificate? The Actiontec manual only mentions SSL certificates when it says to ignore warnings and proceed because its safe [1] (seriously!). Thanks Jeff [1] http://support.actiontec.com/doc_files/MI424WR_Vz_User_Manual_4.0.16.1.45.160_v4.pdf $ openssl x509 -in ORname_Jungo\:OpenRGProductsGroup -noout -fingerprint SHA1 Fingerprint=43:88:33:C0:94:F6:AF:C8:64:C6:0E:4A:6F:57:E9:F4:D1:28:14:11 $ openssl x509 -in ORname_Jungo\:OpenRGProductsGroup -noout -text Certificate: Data: Version: 3 (0x2) Serial Number: 0 (0x0) Signature Algorithm: md5WithRSAEncryption Issuer: C=US, CN=ORname_Jungo: OpenRG Products Group Validity Not Before: Jun 3 11:11:43 2004 GMT Not After : May 29 11:11:43 2024 GMT Subject: C=US, CN=ORname_Jungo: OpenRG Products Group Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (1024 bit) Modulus: 00:ce:3d:af:b0:ff:6a:39:22:e5:ac:dd:e5:76:31: 55:c4:a7:2a:8b:61:f6:52:71:bc:8f:a6:bd:a6:63: cc:e4:6d:d2:82:e8:31:6a:cc:6e:9c:05:8e:d2:d3: aa:a8:6d:58:d7:98:e8:10:32:4a:15:a0:ef:22:85: b0:f5:34:1e:95:ff:8c:72:0e:03:30:24:9f:2e:49: fa:5a:07:f2:72:cd:e7:de:a0:dc:fd:19:c8:3e:b3: ec:29:2a:81:bc:e0:f4:c7:c9:f5:72:eb:13:13:0b: 06:7e:a8:2d:ba:24:b1:8f:aa:eb:bf:b9:cc:04:96: 31:f2:d1:65:58:3e:66:fd:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:TRUE, pathlen:5 X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Certificate Sign X509v3 Extended Key Usage: TLS Web Client Authentication, Code Signing, E-mail Protection, TLS Web Server Authentication Netscape Comment: Jungo OpenRG Products Group standard certificate Netscape Cert Type: SSL Client, SSL Server, SSL CA Signature Algorithm: md5WithRSAEncryption 9e:d6:d6:cd:8f:e4:52:1a:ad:77:99:4d:f9:91:18:da:06:12: 92:df:5f:5a:88:8b:66:87:7d:86:03:2c:d7:82:3e:24:64:56: b9:10:f5:ad:ef:77:c2:f9:45:d4:51:6f:c4:93:a4:cf:63:0b: 73:47:64:47:4c:f4:fd:6d:fa:cf:b4:f0:ef:2a:49:53:ff:35: 77:29:ed:6b:dc:88:58:b4:b2:c1:d9:f5:fd:8e:80:ed:5e:81: c3:24:05:46:e2:65:83:6f:e7:0c:ff:ad:52:5b:5c:e9:c5:db: 51:ef:06:75:39:b6:20:04:c0:cc:44:7c:38:a1:91:6c:13:2d: 5e:ab _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Verizon Service, Actiontec Gateway, and SSL Certifcate Jeffrey Walton (Apr 28)
- Re: Verizon Service, Actiontec Gateway, and SSL Certifcate Jeffrey Walton (Apr 29)
- Re: Verizon Service, Actiontec Gateway, and SSL Certifcate Jeffrey Walton (Apr 29)
- Re: Verizon Service, Actiontec Gateway, and SSL Certifcate Steve Pirk (Apr 30)
- Re: Verizon Service, Actiontec Gateway, and SSL Certifcate Jeffrey Walton (Apr 30)
- Re: Verizon Service, Actiontec Gateway, and SSL Certifcate Steve Pirk (Apr 30)