I'm using TLSv1.2 along with OpenSSL version 1.1.1g and Apache version 2.4.35 in my Java application. Here I want to enable only 3 protocols(chacha20-poly1305, AES-GCM, AES-CCM), and I want to block the remaining protocols in TLSv1.2.
I added those 3 protocols in SSLCipherSuite which was present in the ssl.conf file.
SSLProtocol -ALL +TLSv1.2
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256
But it is not working. Please find the below error details,
SSLProtocol: Illegal protocol 'TLSv1.2'
Kindly let me know the changes which I need to make only those 3 protocols work.
Related
I would like to setup an Apache web server (in a VM) which only supports ONLY SSLv2 SSLProtocol for testing purposes. Are there any instructions online for that, or could anyone guide me on that?
Thanks in advance!
go to /conf/extra/httpd-ssl.conf and find out following setting:
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
you can adjust the line started with SSLCipherSuite and select protocol you want to use.
Really hope for some help in my problem with SSLCipherSuite... So i have this kind of virtualhost config:
<VirtualHost *:443>
DocumentRoot /home/webz/site.com
ServerName site.com
ServerAlias www.site.com
SSLProtocol -all +TLSv1.1 +TLSv1.2
SSLHonorCipherOrder on
SSLCipherSuite "kEDH:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+AESGCM:EECDH:EDH+AESGCM:EDH+aRSA:HIGH:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!DHE-RSA-SEED-SHA:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!DH+3DES:!DHE-RSA-AES256-GCM-SHA384:!DHE-RSA-AES256-SHA256:!DHE-RSA-AES256-SHA:!DHE-RSA-CAMELLIA256-SHA:!DHE-RSA-DES-CBC3-SHA:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES128-SHA256:!DHE-RSA-AES128-SHA:!DHE-RSA-CAMELLIA128-SHA:!RC4"
SSLCompression off
SSLEngine on
SSLCertificateFile /etc/httpd/ssl/site.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/site.com.key
SSLCertificateChainFile /etc/httpd/ssl/DigiCertCA.crt
</VirtualHost>
Everything works fine also security is ok by test. (https://cryptoreport.websecurity.symantec.com/checker/views/certCheck.jsp)
PROBLEM: I am trying to install payment module (REDSYS) for Opencart 2. Redsys support team are not activating payment module because they ask me to add one off SSLCipherSuite below:
SSL_RSA_WITH_RC4_128_MD5,
SSL_RSA_WITH_RC4_128_SHA,
SSL_RSA_WITH_AES_128_CBC_SHA,
SSL_RSA_WITH_AES_256_CBC_SHA,
SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
At the moment all SSLCipherSuite starts with TLS... :( So how to add one of those SSLCipherSuites with SSL_RSA... ??? Hope there is somebody who knows good SSL and will help...
According to your configuration you have such cipher suites already. For example you've included AES256-SHA which is the same as TLS_RSA_WITH_AES_256_CBC_SHA. And the SSL_ prefix instead of the TLS_ prefix is just a convention from the old times where TLS was called SSL (i.e. TLS 1.0 is in effect SSL 3.1).
It is more likely that your restriction to TLS 1.1 and TLS 1.2 causes the problem, because given that they require you to use such old ciphers and cannot even handle ECDHE ciphers might indicate that they have a very old client which is not able to speak TLS 1.1 or TLS 1.2.
Of course it might also be that you've included different ciphers in other (i.e. not shown) parts of your server configuration which take precedence. To get information what kind of ciphers your server really supports check your site with SSLLabs.
EDIT: The analysis by SSLLabs shows quite clearly that TLS_RSA_WITH_AES_256_CBC_SHA (which is the same as SSL_RSA_WITH_AES_256_CBC_SHA or AES256-SHA) is enabled on the server as requested. If my assumption is correct the real problem is that they use an old client which does not speak TLS 1.1 or TLS 1.2 yet. In this case you could change your configuration for the supported protocol versions to allow TLS 1.0 too:
SSLProtocol all -SSLv3
With this configuration TLS 1.0 and better (i.e. TLS 1.1, TLS 1.2) are supported.
I have a site. I bought SSL certificate for that site. I am getting below message when I click on Padlock Icon.
I would like to display "using an modern cipher suite" instead of "using an obsolete cipher suite" in above image.
How can I do that ??
(Actually I am new in SSL. I know little about SSL and cipher suite. I think I failed to express it properly.)
Head over to the Mozilla SSL Configuration Generator, select your version of Apache and OpenSSL and specify your profile as "Intermediate" (for maximum compatibility). Disable HSTS until you know what it is.
Copy the directives SSLProtocol, SSLCipherSuite and SSLHonorCipherOrder and place them in your Apache configuration file.
For example:
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder on
I have implemented SSL(https) in my website, but when I checked the certificate it is showing poodle vulnerability. So it suggests me that I needed to change SSL 3.0 to TLS. I am using Apache2.4. Please guide me how can I change SSL 3.0 to TLS.
Put the following in the VirtualHostconfiguration section for your site:
SSLProtocol all -SSLv2 -SSLv3
It will disable SSLv2 & SSLv3, while keeping the others (TLS 1.0+) enabled.
Apache
To disable SSLv3 on your Apache server you can configure it using the following, both in the SSL configuration section and in all SSL-enabled virtual hosts explicitly:
SSLProtocol All -SSLv2 -SSLv3
I'm trying to get a Fedora 14 server running Apache 2.2.17 to pass a PCI-DSS compliance scan by McAfee ScanAlert. My first attempt using the default SSLCipherSuite and SSLProtocol directives set in ssl.conf...
SSLProtocol ALL -SSLv2
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
failed citing that weak ciphers were enabled. Scans with ssllabs and serversniff tools revealed that 40 and 56 bit keys were indeed available.
I then changed to...
SSLProtocol -ALL +SSLv3 +TLSv1
and tried all of the following strings reported on various sites to pass PCI scans from assorted vendors...
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH
SSLCipherSuite ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL
SSLCipherSuite ALL:!ADH:!NULL:!EXP:!SSLv2:!LOW:RC4+RSA:+HIGH:+MEDIUM
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
SSLCipherSuite ALL:!ADH:!NULL:!EXP:!SSLv2:!LOW:!MEDIUM:RC4+RSA:+HIGH
I am restarting apache after updates and apachectl configtest says that my syntax is ok. Subsequent ScanAlert scans have all failed and other scanning tools continue to show 40 and 56 bit ciphers available. I have tried adding SSLProtocol and SSLCipherSuite directly to the VirtualHost in httpd.conf and that has not helped.
It actually feels like something somewhere is overriding these settings but I cannot find anything anywhere that sets these values other than ssl.conf.
If someone could provide a known good SSLCipherSuite that has passed a recent PCI scan it would help a lot in tracking down my problem.
Thanks.
As new vulnerabilities are discovered and browsers are upgraded, the answers here can (will) become outdated. I'd suggest you rely on Mozilla SSL Configuration Generator to check which configuration you should use.
UPDATE 2018: It's reasonable to enforce Perfect Forward Secrecy now, unless you need to support older browsers specifically. As of November 2018, only the "modern" profile will enable Perfect Forward Secrecy. Read more about it at:
SSL Labs: Deploying Forward Secrecy
Configuring Apache, Nginx, and OpenSSL for Forward Secrecy
After hours of searching and hair pulling I found my problem.
The default SSLProtocol and SSLCipherSuite directives in my ssl.conf are stored in a default container labeled as <VirtualHost _default_:443>.
My actual site has it's own container labeled with it's IP address eg: <VirtualHost 64.34.119.12:443>. Changing the values in the _default_ container had no affect but adding the stronger SSLProtocol and SSLCipherSuite directives directly to the site specific VirtualHost container finally allowed them to take effect.
Still not sure why adjusting the _default_ container or having them in the VirtualHost container in httpd.conf didn't work.
As a definitive answer to the question, I used...
SSLCipherSuite ALL:!ADH:!NULL:!EXP:!SSLv2:!LOW:!MEDIUM:RC4+RSA:+HIGH
to pass my ScanAlert scan. I would bet that most of the other strings above would work as well.
Did you tell Apache to enforce cipher order?
SSLHonorCipherOrder on
FYI - I found that this setting:
SSLCipherSuite HIGH:!SSLv2:!ADH
Produced the exact same list of protocols as this setting:
SSLCipherSuite ALL:!ADH:!NULL:!EXP:!SSLv2:!LOW:!MEDIUM:RC4+RSA:+HIGH
According to:
openssl ciphers -v 'ALL:!ADH:!NULL:!EXP:!SSLv2:!LOW:!MEDIUM:RC4+RSA:+HIGH'
openssl ciphers -v 'HIGH:!SSLv2:!ADH'
The following configuration is recommended by Qualys, it gave us a A on their scanner
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"
Yes, also make sure Apache is able to read the new configuration. I place this directly inside the virtual host container.
From their website: https://community.qualys.com/blogs/securitylabs/2013/08/05/configuring-apache-nginx-and-openssl-for-forward-secrecy
Look here Mozilla Wiki.
The goal of this document is to help operational teams with the configuration of TLS on servers.