On 05.04.2015 at 18:39, Leif Hedstrom wrote:
>> thanks, that does the trick and MSIE11 is using AES-GCM now that information *really* belongs to the TLS manpages not just records.config
>>
>> IE 11 / Win 7 R TLS 1.2 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) FS
>> IE 11 / Win 8.1 R TLS 1.2 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) FS
>
> Reindl, I think you know more about this than most of us, if you have the cycles to update the docs, that’d be great :) I’ll commit any github pull requests for the docs that you can muster up.
>
> Cheers,
>
> — Leif
thanks for your feedback (docs.trafficserver.apache.org seems to be down BTW) - while i am not that good in using git/github it would be great to make a reference to "proxy.config.ssl.server.dhparams_file" on the "ssl_multicert.config" page to make clear the needed step as well as how to create the file
the intention of the 2048 prime while using a RSA4096 certificate is to avoid troubles with older browsers like Firefox on some Linux distributions before allow use of ECDHE (Redhat/Fedora not so long ago) and works with FF 2.0 recently tested again
newer browsers would use anyways ECDHE with the config below
https://www.ssllabs.com/ssltest/ is currently the best known tool for testing (hopefully the screenshot makes it through the list) while "Session resumption (tickets) Yes" makes me still wondering given "ssl_ticket_enabled=0" is in use
______________________________________________________________

openssl gendh -out /etc/trafficserver/ssl/dhparams.pem -2 2048
chmod 0644 /etc/trafficserver/ssl/dhparams.pem

CONFIG proxy.config.ssl.server.dhparams_file STRING /etc/trafficserver/ssl/dhparams.pem
______________________________________________________________

additionally there should be a serverside cipher-ordering preferring ECDHE AES-GCM followed by DHE AES-GCM, AES128 preferred according to https://www.schneier.com/blog/archives/2009/07/another_new_aes.html
the cipher suites are more or less current mozilla recommendations while i played around over weeks with tuning them and test against ssl-labs coming to the same conclusion (ignoring ECDSA for now) with the goal to support as much as possible clients with their best supported ciphers preferred
CONFIG proxy.config.ssl.server.honor_cipher_order INT 1
CONFIG proxy.config.ssl.server.cipher_suite STRING ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:CAMELLIA128-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!LOW:!MEDIUM
______________________________________________________________

that would be the httpd config for the same results while the dhparams in that case can be just included in the "SSLCertificateFile"
SSLProtocol All -SSLv2 -SSLv3
SSLFIPS Off
SSLCompression Off
SSLInsecureRenegotiation Off
SSLSessionTickets Off
SSLVerifyClient none
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:CAMELLIA128-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!LOW:!MEDIUM
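Added example, not part of the original message or of the Traffic Server code: a check of the cipher string posted above against the ordering the message states (ECDHE AES-GCM, then DHE AES-GCM, AES128 before AES256), plus a model of server-side selection showing why loading DH parameters changes the result for a client that offers AES-GCM only with DHE-RSA. `CLIENT_OFFER` is a constructed, simplified offer and all function names are hypothetical.

```python
import re

# Cipher string copied from the records.config line in the message above.
CIPHER_SUITE = (
    "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:"
    "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:"
    "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:"
    "ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:"
    "DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:"
    "DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:"
    "DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA:"
    "AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:"
    "CAMELLIA128-SHA:CAMELLIA256-SHA:"
    "ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!LOW:!MEDIUM")
# Constructed, simplified client offer (assumption): AES-GCM only with DHE-RSA.
CLIENT_OFFER = {"DHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES128-SHA256",
                "ECDHE-RSA-AES128-SHA", "AES128-SHA", "DES-CBC3-SHA"}

def suites(cipher_string):
    """Explicit suite names in order; '!', '-' and '+' operators are skipped."""
    return [s for s in cipher_string.split(":") if s and s[0] not in "!-+"]

def tier(name):
    """0 = ECDHE AES-GCM, 1 = DHE AES-GCM, 2 = everything else."""
    gcm = "AES" in name and "-GCM-" in name
    return {"ECDHE": 0, "DHE": 1}.get(name.split("-")[0], 2) if gcm else 2

def shape(name):
    """Suite name with key size and SHA-2 variant masked, to pair 128/256."""
    return re.sub(r"-SHA(256|384)$", "-SHA2",
                  re.sub(r"(AES|CAMELLIA)(128|256)", r"\1#", name))

def audit_order(cipher_string):
    """Findings where the order breaks the preference stated in the message."""
    order = suites(cipher_string)
    findings = [f"{b} is ranked below {a}"
                for a, b in zip(order, order[1:]) if tier(b) < tier(a)]
    for i, s in enumerate(order):
        if re.search(r"(AES|CAMELLIA)256", s):
            findings += [f"{s} is ranked above {t}" for t in order[i + 1:] if
                         shape(t) == shape(s) and "128" in t.split("-SHA")[0]]
    return findings

def negotiate(cipher_string, client_offer, dh_params_loaded=True):
    """Server-preference pick: first usable server suite the client offers."""
    for s in suites(cipher_string):
        usable = dh_params_loaded or not s.startswith("DHE-")  # no params, no DHE
        if usable and s in client_offer:
            return s
    return None
```

`audit_order(CIPHER_SUITE)` returns an empty list for the posted string; `negotiate(CIPHER_SUITE, CLIENT_OFFER, dh_params_loaded=False)` shows the CBC fallback such a client gets when no DH parameters are configured.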
