On 21/10/14 16:05, Ryan O'Hara wrote:
> On Tue, Oct 21, 2014 at 04:56:31PM +0200, Thomas Heil wrote:
>> Hi,
>>
>> On 21.10.2014 16:26, John Leach wrote:
>>> Hi,
>>>
>>> I'm trying to disable sslv3 with the "no-sslv3" bind option, but it's
>>> not working.
>>>
>>> The option is accepted and the restart is successful, but sslv3 is still
>>> accepted:
>>>
>>> $ openssl s_client -ssl3 -connect localhost:443
>>>
>>>  New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
>>>  Server public key is 1024 bit
>>>  Secure Renegotiation IS supported
>>>  Compression: NONE
>>>  Expansion: NONE
>>>  SSL-Session:
>>>      Protocol  : SSLv3
>>>      Cipher    : DHE-RSA-AES256-SHA
>>>      Session-ID:
>>> D74EC1760F565669B7CD8D21636D05AABC9E047DAC94133E62240B3824EB8176
>>>      Session-ID-ctx:
>>>      Master-Key:
>>> 11417200F033C2B542B4FA3A7DC3C00214EFE92C7709FD406014D047D75DBA40573447ED5808962211AF323860367DEE
>>>      Key-Arg   : None
>>>      PSK identity: None
>>>      PSK identity hint: None
>>>      SRP username: None
>>>      Start Time: 1413900818
>>>
>>> Double-checked with nmap.
>>>
>>> Tested with haproxy 1.5.3 and 1.5.4 on Ubuntu 14.10, Fedora 20 and CentOS 7.
>>>
>>> Config is as simple as:
>>>
>>>
>>>   frontend myfrontend
>>>     bind 0.0.0.0:443 ssl crt /etc/haproxy/mycert.pem no-sslv3
>>>     default_backend mybackend
>>>     reqadd X-Forwarded-Proto:\ https
>> I've checked your config on CentOS 7 with the official version 1.5.2 and
>> it works.
> 
> I also tried 1.5.2 on RHEL7 and it also works.

Thanks for the sanity checks.

Looking more closely (on Ubuntu 14.04), I just changed certificates and
SSLv3 is indeed disabled now, as expected.

I was originally testing with this 1024bit sha1 self-signed junk cert,
which seems to force SSLv3 to be enabled despite being explicitly
disabled in the config:

Certificate:
    Data:
        Version: 1 (0x0)
        Serial Number: 12227704756894696610 (0xa9b188b0f51004a2)
    Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=GB, ST=Some-State, O=Internet Widgits Pty Ltd
        Validity
            Not Before: Oct 17 16:50:51 2014 GMT
            Not After : Mar  1 16:50:51 2836 GMT
        Subject: C=GB, ST=Some-State, O=Internet Widgits Pty Ltd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)


Whereas this new cert is a 2048bit sha512 cert, which allows SSLv3 to be
disabled (TLS 1.1 is working fine).

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 980730 (0xef6fa)
    Signature Algorithm: sha512WithRSAEncryption
        Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/[email protected]
        Validity
            Not Before: May  4 11:23:10 2014 GMT
            Not After : Oct 31 11:23:10 2014 GMT
        Subject: CN=johnleach.co.uk
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:

So it looks like the choice of certificate/key can transparently force
SSLv3 to be re-enabled. Can anyone else confirm? Junk self-signed cert
attached.

Thanks,

John.
--
http://brightbox.com


Attachment: ssl_cert.pem
Description: application/x509-ca-cert
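
Added example, not part of the original thread: a small Python check for reading `openssl s_client -ssl3` output like the one quoted above, deciding whether SSLv3 was really negotiated. It assumes OpenSSL 1.0.x output, where a refused handshake still prints `Protocol  : SSLv3` in the session block, so the cipher lines are what separate success from failure; all sample outputs and function names are constructed for illustration.

```python
import re

# Constructed sample: completed SSLv3 handshake, same shape as the quoted output.
ACCEPTED = """\
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
SSL-Session:
    Protocol  : SSLv3
    Cipher    : DHE-RSA-AES256-SHA
"""

# Constructed sample (assumed OpenSSL 1.0.x shape): the server refused the
# handshake, yet the session block still names the protocol the client asked for.
REJECTED = """\
New, (NONE), Cipher is (NONE)
SSL-Session:
    Protocol  : SSLv3
    Cipher    : 0000
"""

# Constructed sample: a TLS 1.1 session (the "New," line is identical to SSLv3's).
TLS11 = """\
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
SSL-Session:
    Protocol  : TLSv1.1
    Cipher    : DHE-RSA-AES256-SHA
"""

def negotiated(output):
    """Return (protocol, cipher) for a completed handshake, else None."""
    new = re.search(r"^\s*New, .*Cipher is (\S+)", output, re.M)
    proto = re.search(r"^\s*Protocol\s*:\s*(\S+)", output, re.M)
    cipher = re.search(r"^\s*Cipher\s*:\s*(\S+)", output, re.M)
    if not (new and proto and cipher):
        return None
    # "(NONE)" / "0000" mean no cipher was agreed: the handshake failed.
    if new.group(1) == "(NONE)" or cipher.group(1) in ("0000", "(NONE)"):
        return None
    return proto.group(1), cipher.group(1)

def sslv3_accepted(output):
    """True only if a handshake completed and the session protocol is SSLv3."""
    result = negotiated(output)
    return result is not None and result[0] == "SSLv3"

if __name__ == "__main__":
    for name, sample in (("accepted", ACCEPTED), ("rejected", REJECTED), ("tls1.1", TLS11)):
        print(name, negotiated(sample), sslv3_accepted(sample))
```
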
