Learn about Centmin Mod LEMP Stack today
Register Now

SSL Google Chrome turning of NPN negotiation protocol for HTTPS support

Discussion in 'Domains, DNS, Email & SSL Certificates' started by eva2000, May 17, 2016.

  1. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    9:05 AM
    Nginx 1.13.x
    MariaDB 5.5
    May 31, 2016 is the updated deadline for which Google Chrome 51 will disable support for NPN negotiation protocol and thus end of SPDY for HTTP/2 based SSL The day Google Chrome disables HTTP/2 for nearly everyone: May 31st, 2016 and WebPerf - Google dropping SPDY in favor of HTTP 2 | Centmin Mod Community

    Means if you're using a web server on CentOS 5/6/7 and rely on CentOS system OpenSSL version which is below OpenSSL 1.0.2, the connection will downgrade back from HTTP/2 to HTTP/1.1 according to the article.

    Luckily, Centmin Mod Nginx is statically compiled against it's own OpenSSL 1.0.2h or LibreSSL 2.3.4 and won't have issues with HTTP/2 ALPN negotations for HTTPS :)
    Code (Text):
    Operating System    OpenSSL version
    CentOS 5    0.9.8e
    CentOS 6    1.0.1e
    CentOS 7    1.0.1e
    Ubuntu 14.04 LTS    1.0.1f
    Ubuntu 16.04 LTS    1.0.2g
    Debian 7 (Wheezy)    1.0.1e
    Debian 8 (Jessie)    1.0.1k


    openssl 1.0.1 support officially ends Dec 31st, 2016 too
     
    Last edited: May 28, 2016
  2. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    9:05 AM
    Nginx 1.13.x
    MariaDB 5.5
    • Like Like x 1
  3. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    9:05 AM
    Nginx 1.13.x
    MariaDB 5.5
    Chrome 51 has been released so bye bye SPDY and NPN protocols !

    upload_2016-5-28_22-20-38.png
     
    • Like Like x 1
  4. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    9:05 AM
    Nginx 1.13.x
    MariaDB 5.5
    nginx.com blog has an article addressing Chrome ending SPDY and NPN support at Supporting HTTP/2 for Google Chrome Users | NGINX

    It's why Centmin Mod Nginx has always statically compiled against it's own OpenSSL 1.0.2+ or LibreSSL 2.3+ versions instead of relying on CentOS's own OpenSSL 1.0.1e builds :D
     
  5. Revenge

    Revenge Active Member

    287
    64
    28
    Feb 21, 2016
    Portugal
    Ratings:
    +227
    Local Time:
    12:05 AM
    1.9.x
    10.1.x
    I also compile Nginx, but they could use the newer version in their nginx repo instead of the old one. Many people install Nginx from the repo instead of compiling it.
     
  6. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    9:05 AM
    Nginx 1.13.x
    MariaDB 5.5
    Yeah i think it depends on what repo and OS is used.
     
  7. Revenge

    Revenge Active Member

    287
    64
    28
    Feb 21, 2016
    Portugal
    Ratings:
    +227
    Local Time:
    12:05 AM
    1.9.x
    10.1.x
    I know, for Centos they compile against the same version that comes with it. But why? Its not necessary...
     
  8. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    9:05 AM
    Nginx 1.13.x
    MariaDB 5.5
    Their policy is to offer distro repo nginx versions without non-system dependencies for best compatibility.
     
  9. bassie

    bassie Active Member

    493
    103
    43
    Apr 29, 2016
    Ratings:
    +311
    Local Time:
    1:05 AM
    And best stability.

    + You can't support 2 Nginx editions for each distro.
    In the land of enterprise linux only Ubuntu 16.04 uses openssl 1.0.2. out of the box at this moment.
    That means almost 100% more packages to built and support for the Nginx team.
    Almost impossible task if you ask me.

    Because the source is open, everybody can compile it in any shape.
     
    • Agree Agree x 1
  10. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    9:05 AM
    Nginx 1.13.x
    MariaDB 5.5
    yeah

    anyone notice paypal still using SPDY/3.1 for HTTPS - looks like in Chrome they fall back to HTTP/1.1 non-SPDY HTTPS right now heh

    in Opera browser SPDY/3.1 still supported

    upload_2016-6-12_5-52-2.png

    in Chrome SPDY/3.1 support disabled now and served via normal HTTP/1.1 !

    checking paypal site
    Code (Text):
    is-http2 https://paypal.com
    × HTTP/2 not supported by https://paypal.com

    testssl run
    Code (Text):
    testssl https://paypal.com        
    
    No mapping file found
    
    ###########################################################
        testssl       2.7dev from https://testssl.sh/dev/
        (1.499 2016/06/09 13:56:51)
    
          This program is free software. Distribution and
                 modification under GPLv2 permitted.
          USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
    
           Please file bugs @ https://testssl.sh/bugs/
    
    ###########################################################
    
    Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
    on 13cc60d2fa32:/usr/local/http2-15/bin/openssl
    (built: "reproducible build, date unspecified", platform: "linux-x86_64")
    
    
    Testing all IPv4 addresses (port 443): 66.211.169.66 66.211.169.3
    ----------------------------------------------------------------------------------------------------------------------------------------------------------------------
    Start 2016-06-11 20:11:08    -->> 66.211.169.66:443 (paypal.com) <<--
    
    further IP addresses:   66.211.169.3
    rDNS (66.211.169.66):   paypal.com.
    Service detected:       HTTP
    

    Code (Text):
    Testing protocols (via sockets except TLS 1.2, SPDY+HTTP2)
    
    SSLv2      not offered (OK)
    SSLv3      not offered (OK)
    TLS 1      not offered
    TLS 1.1    not offered
    TLS 1.2    offered (OK)
    SPDY/NPN   not offered
    HTTP2/ALPN not offered
    

    Code (Text):
    Testing ~standard cipher lists
    
    Null Ciphers                 not offered (OK)
    Anonymous NULL Ciphers       not offered (OK)
    Anonymous DH Ciphers         not offered (OK)
    40 Bit encryption            not offered (OK)
    56 Bit encryption            not offered (OK)
    Export Ciphers (general)     not offered (OK)
    Low (<=64 Bit)               not offered (OK)
    DES Ciphers                  not offered (OK)
    Medium grade encryption      not offered (OK)
    Triple DES Ciphers           offered
    High grade encryption        offered (OK)
    
    
    Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption as well as 3DES and RC4 here
    
    PFS is offered (OK)  ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
    

    Code (Text):
    Testing server preferences
    
    Has server cipher order?     yes (OK)
    Negotiated protocol          TLSv1.2
    Negotiated cipher            ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH
    Cipher order
        TLSv1.2:   ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA AES128-GCM-SHA256 AES256-GCM-SHA384 AES128-SHA256 AES256-SHA256 AES128-SHA AES256-SHA ECDHE-RSA-DES-CBC3-SHA DES-CBC3-SHA
    
    
    Testing server defaults (Server Hello)
    
    TLS extensions (standard)    "renegotiation info/#65281" "server name/#0" "EC point formats/#11"
    Session Tickets RFC 5077     (none)
    SSL Session ID support       yes
    TLS clock skew               random values, no fingerprinting possible
    Signature Algorithm          SHA256 with RSA
    Server key size              RSA 2048 bits
    Fingerprint / Serial         SHA1 86CF4EB313DDA4BD86A6D096ECC5AEE07EE5E124 / 0E6541916CE8CFB29B7B52710105BAC4
                                  SHA256 5BBFAED9910780ABE40F2473856BA7F0302019AB6EC0746E88594849BC9B2B7A
    Common Name (CN)             "paypal.com" (works w/o SNI)
    subjectAltName (SAN)         "paypal.com" "www.paypal.com"
    Issuer                       "DigiCert SHA2 High Assurance Server CA" ("DigiCert Inc" from "US")
    EV cert (experimental)       no
    Certificate Expiration       187 >= 60 days (2014-12-12 00:00 --> 2016-12-16 12:00 +0000)
    # of certificates provided   2
    Chain of trust (experim.)    "/usr/bin/etc/*.pem" cannot be found / not readable
    Certificate Revocation List  http://crl3.digicert.com/sha2-ha-server-g3.crl
    OCSP URI                     http://ocsp.digicert.com
    OCSP stapling                --
    

    Code (Text):
    Testing HTTP header response @ "/"
    
    HTTP Status Code             301 Moved Permanently, redirecting to "https://www.paypal.com/"
    HTTP clock skew              Got no HTTP time, maybe try different URL?
    Strict Transport Security    730 days=63072000 s, just this domain
    Public Key Pinning           --
    Server banner                (no "Server" line in header, interesting!)
    Application banner           --
    Cookie(s)                    (none issued at "/")
    Security headers             --
    Reverse Proxy banner         --
    

    Code (Text):
    Testing vulnerabilities
    
    Heartbleed (CVE-2014-0160)                not vulnerable (OK) (no heartbeat extension)
    CCS (CVE-2014-0224)                       not vulnerable (OK)
    Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
    Secure Client-Initiated Renegotiation     VULNERABLE (NOT ok), DoS threat
    CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
    BREACH (CVE-2013-3587)                    no HTTP compression (OK)  - only supplied "/" tested
    POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)
    TLS_FALLBACK_SCSV (RFC 7507), experim.    No fallback possible, TLS 1.2 is the only protocol (OK)
    FREAK (CVE-2015-0204)                     not vulnerable (OK)
    DROWN (2016-0800, CVE-2016-0703), exper.  not vulnerable on this port (OK)
                                               make sure you don't use this certificate elsewhere with SSLv2 enabled services
                                               https://censys.io/ipv4?q=5BBFAED9910780ABE40F2473856BA7F0302019AB6EC0746E88594849BC9B2B7A could help you to find out
    LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK), common primes not checked. See below for any DH ciphers + bit size
    BEAST (CVE-2011-3389)                     no SSL3 or TLS1 (OK)
    RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)
    

    Code (Text):
    Testing all 183 locally available ciphers against the server, ordered by encryption strength
    
    Hexcode  Cipher Suite Name (OpenSSL)    KeyExch.   Encryption Bits
    -------------------------------------------------------------------------
    xc030   ECDHE-RSA-AES256-GCM-SHA384    ECDH 256   AESGCM     256        
    xc028   ECDHE-RSA-AES256-SHA384        ECDH 256   AES        256        
    xc014   ECDHE-RSA-AES256-SHA           ECDH 256   AES        256        
    x9d     AES256-GCM-SHA384              RSA        AESGCM     256        
    x3d     AES256-SHA256                  RSA        AES        256        
    x35     AES256-SHA                     RSA        AES        256        
    xc02f   ECDHE-RSA-AES128-GCM-SHA256    ECDH 256   AESGCM     128        
    xc027   ECDHE-RSA-AES128-SHA256        ECDH 256   AES        128        
    xc013   ECDHE-RSA-AES128-SHA           ECDH 256   AES        128        
    x9c     AES128-GCM-SHA256              RSA        AESGCM     128        
    x3c     AES128-SHA256                  RSA        AES        128        
    x2f     AES128-SHA                     RSA        AES        128        
    xc012   ECDHE-RSA-DES-CBC3-SHA         ECDH 256   3DES       168        
    x0a     DES-CBC3-SHA                   RSA        3DES       168        
    

    Code (Text):
    Running browser simulations (experimental)
    
    Android 2.3.7                 No connection
    Android 4.0.4                 No connection
    Android 4.1.1                 No connection
    Android 4.2.2                 No connection
    Android 4.3                   TLSv1.2 0000
    Android 4.4.2                 TLSv1.2 0000
    Android 5.0.0                 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
    Baidu Jan 2015                No connection
    BingPreview Jan 2015          TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
    Chrome 47 / OSX               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
    Firefox 31.3.0ESR / Win7      TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
    Firefox 42 / OSX              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
    GoogleBot Feb 2015            TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
    IE6 / XP                      No connection
    IE7 / Vista                   TLSv1.2 0000
    IE8 / XP                      TLSv1.2 0000
    IE8-10 / Win7                 TLSv1.2 0000
    IE11 / Win7                   TLSv1.2 ECDHE-RSA-AES128-SHA256
    IE11 / Win8.1                 TLSv1.2 ECDHE-RSA-AES128-SHA256
    IE10 / Win Phone 8.0          TLSv1.2 0000
    IE11 / Win Phone 8.1          TLSv1.2 ECDHE-RSA-AES128-SHA256
    IE11 / Win Phone 8.1 Update   TLSv1.2 ECDHE-RSA-AES128-SHA256
    IE11 / Win10                  TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
    Edge 13 / Win10               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
    Edge 12 / Win Phone 10        TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
    Java 6u45                     No connection
    Java 7u25                     No connection
    Java 8u31                     TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
    OpenSSL 0.9.8y                No connection
    OpenSSL 1.0.1l                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
    OpenSSL 1.0.2e                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
    Safari 5.1.9/ OSX 10.6.8      No connection
    Safari 6 / iOS 6.0.1          TLSv1.2 ECDHE-RSA-AES128-SHA256
    Safari 6.0.4/ OS X 10.8.4     No connection
    Safari 7 / iOS 7.1            TLSv1.2 ECDHE-RSA-AES128-SHA256
    Safari 7 / OS X 10.9          TLSv1.2 ECDHE-RSA-AES128-SHA256
    Safari 8 / iOS 8.4            TLSv1.2 ECDHE-RSA-AES128-SHA256
    Safari 8 / OS X 10.10         TLSv1.2 ECDHE-RSA-AES128-SHA256
    Safari 9 / iOS 9              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
    Safari 9 / OS X 10.11         TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
    
    Done 2016-06-11 20:12:18    -->> 66.211.169.66:443 (paypal.com) <<--
    
     
    Last edited: Jun 12, 2016
  11. Revenge

    Revenge Active Member

    287
    64
    28
    Feb 21, 2016
    Portugal
    Ratings:
    +227
    Local Time:
    12:05 AM
    1.9.x
    10.1.x
    Its so easy to implement http2, i don't know why so many big sites did not do it yet.
     
    • Like Like x 1
  12. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    9:05 AM
    Nginx 1.13.x
    MariaDB 5.5
    Maybe their web servers tied to system OpenSSL and that is stuck on OpenSSL <1.0.2 like OpenSSL 1.0.1 ?
     
  13. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    9:05 AM
    Nginx 1.13.x
    MariaDB 5.5
    • Like Like x 1
  14. Revenge

    Revenge Active Member

    287
    64
    28
    Feb 21, 2016
    Portugal
    Ratings:
    +227
    Local Time:
    12:05 AM
    1.9.x
    10.1.x
    Probably is that. But this company's have a lot of resources, i don't believe it would be hard for them to update openssl.
    If we look at Cloudflare, they are always at the vanguard of technology.
     
  15. bassie

    bassie Active Member

    493
    103
    43
    Apr 29, 2016
    Ratings:
    +311
    Local Time:
    1:05 AM
    In theory it is easy.

    But if you're really big (Netcraft top listed etc.) and have hundreds of thousands of server.
    Case changed.
    You can't change something like Openssl at your server farm on the fly.
    Way to many risks.

    They need to be absolutely sure and that takes a lot of time (developing, testing (simulation testcases with as many known situations as possible) etc).
    Before they could deploy it in batches. Never in one time.

    If your core business is the collection of personal data just like Facebook then that's priority number one on a stable environment. HTTP/2 is nice but not top priority for them. It helps a little bit in order to optimize the whole. But one of the many.

    As to whether Cloudflare is fast with new technology,
    it is their core business to deliver internet media files in all its facets, which is why they are fast with this kind of specific new technology.
     
    Last edited: Jun 12, 2016
    • Like Like x 2
  16. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    9:05 AM
    Nginx 1.13.x
    MariaDB 5.5
    well looks like Opera 38 following Chrome's lead and turned off NPN and SPDY/3.1 support too

    upload_2016-6-23_1-44-43.png
     
  17. eva2000

    eva2000 Administrator Staff Member

    28,942
    6,570
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,751
    Local Time:
    9:05 AM
    Nginx 1.13.x
    MariaDB 5.5
    progress https://bugzilla.redhat.com/show_bug.cgi?id=1276310
     
    • Informative Informative x 1
    • Useful Useful x 1