Re: [openssl-users] ciphers

2016-02-17 Thread Salz, Rich 
If all you want is TLS 1.2, then this line is enough:

> >> SSLProtocol  -All +TLSv1.2
> >> SSLCompression   off
> >> SSLInsecureRenegotiation off


-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] ciphers

2016-02-16 Thread Viktor Dukhovni 
On Wed, Feb 17, 2016 at 07:43:32AM +0100, mlrx wrote:

> >> # Apache 2.4
> >> SSLCipherSuite   
> >> HIGH:kEECDH:+ECDSA:ECDSA:kEECDH:kEDH:+SHA:STRENGTH:   \
> >>  
> >> !aNULL:!eNULL:!LOW:!MEDIUM:!3DES:!MD5:!EXP:!RC4:!DSS: \
> >>  !PSK:!SRP:!kECDH:!CAMELLIA:!IDEA:!SEED

This setting is a horrible mess, whichever site recommended this,
never listen to anything they recommend again.  I sure hope Apache
provides a more sensible default, but if you must, try one of:

  * !COMPLEMENTOFDEFAULT:AESGCM+aRSA+kEECDH:AESGCM+aRSA+kEDH:@STRENGTH
  * !COMPLEMENTOFDEFAULT:AES+aRSA+kEECDH:AES+aRSA+kEDH:@STRENGTH
  * !COMPLEMENTOFDEFAULT:AES+aRSA+kEECDH:AES+aRSA+kEDH:AES+aRSA+kRSA:@STRENGTH

The first one gives you the RFC7525 ciphers, the second allows
non-AEAD ciphers, and the third also non-PFS ciphers.  Which is
best for you depends on what clients you need to interoperate with.

You'll want a 2048-bit RSA key, secp384r1 or secp256r1 for an EECDH
curve, and DH parameters based on a 2048-bit EDH safe prime.

This answers one possible question about your configuration.

-- 
Viktor.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] ciphers

2016-02-16 Thread Viktor Dukhovni 
On Wed, Feb 17, 2016 at 07:43:32AM +0100, mlrx wrote:

> > Present content relevant to
> > your question in the body of the message, and try to ask one specific
> > and clear question at a time.
> 
> The question is : "do I need to do better to secure it?"

I think this fails the specificity requirement.  If something in
the TLS BCP RFC is not clear, feel free to ask for help.

-- 
Viktor.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] ciphers

2016-02-16 Thread mlrx 
Le 17/02/2016 07:09, Viktor Dukhovni a écrit :
> On Wed, Feb 17, 2016 at 06:29:43AM +0100, mlrx wrote:
> 
>> I have asked stupid questions or it isn't the right way to ask for
>> advices ? What's happening ?
> 
> I, for one, typically ignore posts that ask me to view detached
> content via pastebin and the like.  Present content relevant to
> your question in the body of the message, and try to ask one specific
> and clear question at a time.
> 
> It sounds like you want TLS best-practice advice.  See,
> 
> https://tools.ietf.org/html/rfc7525

Hello Viktor, thanks for answering.

It all about habits : others ml don't want to overload a thread
with logs anq others big stuff.

The question is : "do I need to do better to secure it?"

Thanks a lot and for the link : it's really useful.

I add my first message with all parts here :
> 
> I have some questions that I don't find answers by myself,
> even after read the cookbook and a lot of web pages.
> To be honest, I'm not really sure it's a problem but I
> need to verify.
> 
> Ok. I am setting up web server to host a critical java application.
> There is Apache in front of Tomcat and I want to enforce connections
> over https only with higher ciphers from TLS 1.2.
> Is it a good way ?

> There is a part of Apache's settings :
> ssl.conf :
>> # Apache 2.4
>> SSLCipherSuite   HIGH:kEECDH:+ECDSA:ECDSA:kEECDH:kEDH:+SHA:STRENGTH: 
>>   \
>>  
>> !aNULL:!eNULL:!LOW:!MEDIUM:!3DES:!MD5:!EXP:!RC4:!DSS: \
>>  !PSK:!SRP:!kECDH:!CAMELLIA:!IDEA:!SEED
>> SSLHonorCipherOrder  on
>> SSLProtocol  -All +TLSv1.2
>> SSLCompression   off
>> SSLInsecureRenegotiation off

> the vhost file :
>> 
>> ServerName   xxx
>> ServerAdmin  xxx
>> DocumentRoot xxx
>> ErrorLog xxx
>> CustomLogxxx
>> LogLevel warn
>> 
>> 
>> Options FollowSymLinks
>> AllowOverride All
>> 
>> 
>> 
>> Options Indexes FollowSymLinks MultiViews
>> AllowOverride All
>> Order allow,deny
>> allow from all
>> 
>> 
>> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
>> 
>> 
>> AllowOverride None
>> Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
>> Order allow,deny
>> Allow from all
>> 
>> 
>> 
>> AllowOverride None
>> Options Indexes MultiViews FollowSymLinks
>> Order deny,allow
>> Deny from all
>> Allow from 127.0.0.0/255.0.0.0 ::1/128
>> 
>> 
>> 
>> JkMount /* ajp13_worker
>> JkMount / ajp13_worker
>> 
>> 
>> 
>> SSLEngine on
>> ServerSignature Off
>> BrowserMatch .*MSIE.* nokeepalive ssl-unclean-shutdown downgrade-1.0 
>> force-response-1.0
>> SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
>> SSLCertificateFile xxx
>> SSLCertificateKeyFile  xxx
>> 
>> 

> 
> The public part works good, no problem.
> For the moment (testing), I use an auto-signed certificate.
> Of course, I will use "real" CA signed EV certificate in
> production.
> 
> Well, I've did some tests. Here is a part of some nmap and testssl.sh
> results :
>
>> ###
>> nmap --script ssl-cert,ssl-enum-ciphers -p 443 my.dn.tld
>> 
>> # 443/tcp open  https
>> # | ssl-cert: Subject: x
>> # |   Issuer:  x
>> # | Public Key type: ec
>> # | Public Key bits: 256
>> # | Not valid before: 2016-01-05T08:13:37+00:00
>> # | Not valid after:  2017-01-04T08:13:37+00:00
>> # | MD5:   1fc9 5b87 be04 a6a8 0939 d05d 3f24 675a
>> # |_SHA-1: 21be 7dd4 2500 c813 89cc a9c0 ca9a 329a 8beb 9159
>> # | ssl-enum-ciphers: 
>> # |   SSLv3: No supported ciphers found
>> # |   TLSv1.2: 
>> # | ciphers: 
>> # |   TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA- strong
>> # |   TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - strong
>> # |   TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - strong
>> # |   TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA- strong
>> # |   TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - strong
>> # |   TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - strong
>> # | compressors: 
>> # |   NULL
>> # |_  least strength: strong
>> 
>> ###
>> testssl.sh / partial results
>> 
>> Null Ciphers : Local problem : No Null Ciphers configured in /usr/bin/openssl
>> 40 bit encryption : not offered (OK)
>> 56 bit encryption : Local problem : No 56 bit encryption configured in 
>> /usr/bin/openssl
>> 
>> Has server cipher order ? : nope (NOT ok)
>> Negotiated protocol : TLSv1.2
>> Negotiated cipher :

Re: [openssl-users] ciphers

2016-02-16 Thread Viktor Dukhovni 
On Wed, Feb 17, 2016 at 06:29:43AM +0100, mlrx wrote:

> I have asked stupid questions or it isn't the right way to ask for
> advices ? What's happening ?

I, for one, typically ignore posts that ask me to view detached
content via pastebin and the like.  Present content relevant to
your question in the body of the message, and try to ask one specific
and clear question at a time.

It sounds like you want TLS best-practice advice.  See,

https://tools.ietf.org/html/rfc7525

-- 
Viktor.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] ciphers

2016-02-16 Thread mlrx 
Le 12/02/2016 19:15, mlrx a écrit :
> Hello !
> 
> I have some questions that I don't find answers by myself,
> even after read the cookbook and a lot of web pages.
> To be honest, I'm not really sure it's a problem but I
> need to verify.
> 
> Ok. I am setting up web server to host a critical java application.
> There is Apache in front of Tomcat and I want to enforce connections
> over https only with higher ciphers from TLS 1.2.
> [...]
> 
> Best regards,

Hello !

I have asked stupid questions or it isn't the right way to ask for
advices ? What's happening ?

Regards,
-- 
benoist
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] ciphers

2016-02-12 Thread mlrx 
Hello !

I have some questions that I don't find answers by myself,
even after read the cookbook and a lot of web pages.
To be honest, I'm not really sure it's a problem but I
need to verify.

Ok. I am setting up web server to host a critical java application.
There is Apache in front of Tomcat and I want to enforce connections
over https only with higher ciphers from TLS 1.2.
Is it a good way ?

There is a part of Apache's settings :
ssl.conf :

the vhost file :


The public part works good, no problem.
For the moment (testing), I use an auto-signed certificate.
Of course, I will use "real" CA signed EV certificate in
production.

Well, I've did some tests. Here is a part of some nmap and testssl.sh
results :


Is everything ok or do I need to change something ?
Could you give some advice to make it safer please ?
I really want to be closer to the state of the art and understand it.

A last thing : please, accept my apologies... I don't speak english
anymore since many many years.

Best regards,
-- 
benoist

-- 
benoist
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users