[openssl-users] ciphers

mlrx openssl.org at 18informatique.com
Wed Feb 17 06:43:32 UTC 2016


On 17/02/2016 07:09, Viktor Dukhovni wrote:
> On Wed, Feb 17, 2016 at 06:29:43AM +0100, mlrx wrote:
> 
>> Have I asked stupid questions, or isn't it the right way to ask for
>> advice? What's happening?
> 
> I, for one, typically ignore posts that ask me to view detached
> content via pastebin and the like.  Present content relevant to
> your question in the body of the message, and try to ask one specific
> and clear question at a time.
> 
> It sounds like you want TLS best-practice advice.  See,
> 
>     https://tools.ietf.org/html/rfc7525

Hello Viktor, thanks for answering.

It's all about habits: other mailing lists don't want a thread overloaded
with logs and other big stuff.

The question is: "do I need to do better to secure it?"

Thanks a lot, and for the link: it's really useful.

I am adding my first message with all its parts here:
> 
> I have some questions I can't find answers to by myself,
> even after reading the cookbook and a lot of web pages.
> To be honest, I'm not really sure it's a problem, but I
> need to verify.
> 
> Ok. I am setting up a web server to host a critical Java application.
> There is Apache in front of Tomcat, and I want to enforce connections
> over HTTPS only, with high-grade ciphers from TLS 1.2.
> Is it a good way?

> Here is a part of Apache's settings:
> ssl.conf:
>> # Apache 2.4
>> SSLCipherSuite           HIGH:kEECDH:+ECDSA:ECDSA:kEECDH:kEDH:+SHA:STRENGTH:   \
>>                          !aNULL:!eNULL:!LOW:!MEDIUM:!3DES:!MD5:!EXP:!RC4:!DSS: \
>>                          !PSK:!SRP:!kECDH:!CAMELLIA:!IDEA:!SEED
>> SSLHonorCipherOrder      on
>> SSLProtocol              -All +TLSv1.2
>> SSLCompression           off
>> SSLInsecureRenegotiation off

> the vhost file:
>> <VirtualHost *:443>
>>     ServerName   xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>>     ServerAdmin  xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>>     DocumentRoot xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>>     ErrorLog     xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>>     CustomLog    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>>     LogLevel     warn
>> 
>>     <Directory />
>>         Options FollowSymLinks
>>         AllowOverride All
>>     </Directory>
>> 
>>     <Directory xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
>>         Options Indexes FollowSymLinks MultiViews
>>         AllowOverride All
>>         Order allow,deny
>>         allow from all
>>     </Directory>
>> 
>>     ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
>> 
>>     <Directory /usr/lib/cgi-bin>
>>         AllowOverride None
>>         Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
>>         Order allow,deny
>>         Allow from all
>>     </Directory>
>> 
>>     <Directory /usr/share/doc/>
>>         AllowOverride None
>>         Options Indexes MultiViews FollowSymLinks
>>         Order deny,allow
>>         Deny from all
>>         Allow from 127.0.0.0/255.0.0.0 ::1/128
>>     </Directory>
>> 
>>     <IfModule mod_jk.c>
>>         JkMount /* ajp13_worker
>>         JkMount / ajp13_worker
>>     </IfModule>
>> 
>>     <IfModule mod_ssl.c>
>>         SSLEngine on
>>         ServerSignature         Off
>>         BrowserMatch .*MSIE.* nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
>>         SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
>>         SSLCertificateFile     xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>>         SSLCertificateKeyFile  xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>>     </IfModule>
>> </VirtualHost>

> 
> The public part works well, no problem.
> For the moment (testing), I use a self-signed certificate.
> Of course, I will use a "real" CA-signed EV certificate in
> production.
> 
> Well, I've done some tests. Here is a part of the nmap and testssl.sh
> results:
>
>> ###############################################################
>> nmap --script ssl-cert,ssl-enum-ciphers -p 443 my.dn.tld
>> 
>> # 443/tcp open  https
>> # | ssl-cert: Subject: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>> # |           Issuer:  xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>> # | Public Key type: ec
>> # | Public Key bits: 256
>> # | Not valid before: 2016-01-05T08:13:37+00:00
>> # | Not valid after:  2017-01-04T08:13:37+00:00
>> # | MD5:   1fc9 5b87 be04 a6a8 0939 d05d 3f24 675a
>> # |_SHA-1: 21be 7dd4 2500 c813 89cc a9c0 ca9a 329a 8beb 9159
>> # | ssl-enum-ciphers: 
>> # |   SSLv3: No supported ciphers found
>> # |   TLSv1.2: 
>> # |     ciphers: 
>> # |       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA    - strong
>> # |       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - strong
>> # |       TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - strong
>> # |       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA    - strong
>> # |       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - strong
>> # |       TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - strong
>> # |     compressors: 
>> # |       NULL
>> # |_  least strength: strong
>> 
>> ###############################################################
>> testssl.sh / partial results
>> 
>> Null Ciphers : Local problem : No Null Ciphers configured in /usr/bin/openssl
>> 40 bit encryption : not offered (OK)
>> 56 bit encryption : Local problem : No 56 bit encryption configured in /usr/bin/openssl
>> 
>> Has server cipher order ? : nope (NOT ok)
>> Negotiated protocol : TLSv1.2
>> Negotiated cipher : ECDHE-ECDSA-AES256-GCM-SHA384 (limited sens as client will pick)
>> Negotiated cipher per proto : (limited sens as client will pick)
>>     ECDHE-ECDSA-AES256-GCM-SHA384: TLSv1.2
>> No further cipher order check has been done as order is determined by the client
>> 
>> All the rest seems to be ok (green results)
>> 
>> ###############################################################

> Is everything ok, or do I need to change something?
> Could you give me some advice to make it safer, please?
> I really want to be closer to the state of the art and understand it.
> 
> One last thing: please accept my apologies... I haven't spoken
> English in many, many years.

Best regards,
-- 
benoist
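An added example, not part of the original thread: it parses the nmap ssl-enum-ciphers output quoted above and checks each offered suite against the two RFC 7525 points Viktor's link covers, ephemeral key exchange and AEAD cipher modes. The sample output is reconstructed from the suites in the message; the function names are my own.

```python
import re

# Sample nmap ssl-enum-ciphers output, constructed from the suites quoted in the message.
NMAP_OUTPUT = """\
| ssl-enum-ciphers:
|   SSLv3: No supported ciphers found
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA    - strong
|       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - strong
|       TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - strong
|       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA    - strong
|       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - strong
|       TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - strong
|     compressors:
|       NULL
|_  least strength: strong
"""

SUITE_RE = re.compile(r"^\|\s+(TLS_[A-Z0-9_]+)\s+-\s+(\w+)")
PROTO_RE = re.compile(r"^\|\s+(SSLv3|TLSv1\.[0-3]):")

def parse_nmap(text):
    """Return {protocol: [suite names]} from ssl-enum-ciphers output."""
    suites, proto = {}, None
    for line in text.splitlines():
        m = PROTO_RE.match(line)
        if m:
            proto = m.group(1)
            suites[proto] = []  # "No supported ciphers found" leaves this empty
            continue
        m = SUITE_RE.match(line)
        if m and proto:
            suites[proto].append(m.group(1))
    return suites

def rfc7525_findings(suite):
    """RFC 7525 checks: forward secrecy (ECDHE/DHE) and AEAD mode (GCM/CCM/CHACHA20)."""
    findings = []
    if not re.search(r"_(ECDHE|DHE)_", suite):
        findings.append("no forward secrecy")
    if not re.search(r"_(GCM|CCM|CHACHA20)", suite):
        findings.append("non-AEAD cipher mode")
    if re.search(r"_(RC4|3DES|NULL|EXPORT)", suite) or suite.endswith("_MD5"):
        findings.append("deprecated algorithm")
    return findings

def audit(text):
    """Map each offered suite to its RFC 7525 findings (empty list = compliant)."""
    return {s: rfc7525_findings(s) for protos in parse_nmap(text).values() for s in protos}
```

Run against the quoted scan, the two GCM suites pass cleanly and the four CBC suites are flagged only for their non-AEAD mode, which is exactly what RFC 7525 recommends phasing out.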
