Learn about Centmin Mod LEMP Stack today
Become a Member

SSL Improper ciphers on this site

Discussion in 'Domains, DNS, Email & SSL Certificates' started by Floren, Feb 9, 2015.

  1. Floren

    Floren Active Member

    148
    77
    28
    Jun 6, 2014
    Ratings:
    +77
    Local Time:
    8:12 AM
    @eva2000, you should fix the ciphers on your site. Should score 100%, some ciphers you use might present a security risk. Is your goal to support very old/deprecated browsers? I doubt a tech savvy person would use Windows XP IE8 or Android 2.3, java is irrelevant in our case

     
    Last edited: Feb 9, 2015
  2. eva2000

    eva2000 Administrator Staff Member

    53,866
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    11:12 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Hey @Floren

    what problem ? :p;)

    ssllabs_090215_00.png
    ssllabs_090215_01.png
    ssllabs_090215_02.png

    cheers mate :D (y)

    but some folks do need backward compatibility still :)
     
  3. eva2000

    eva2000 Administrator Staff Member

    53,866
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    11:12 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Forums are lucky the impact of WinXP specific browser sessions is relatively low according to my Google Analytics stats. But everyone should look at their own site stats to determine what's best for them :)

    • WinXP Firefox = 833/94731 = 0.8793%
    • WinXP Chrome = 813/94731 = 0.8582%
    • WinXP IE = 115/94731 = 0.1214%
    • WinXP Opera = 58/94731 = 0.0612%
    • Total WinXP browser sessions = 1835/94731 = 1.937%

    ga_browser_sessions_xp_00.png
     
  4. Floren

    Floren Active Member

    148
    77
    28
    Jun 6, 2014
    Ratings:
    +77
    Local Time:
    8:12 AM
    That's weird @eva2000, I ran yesterday the check I saw a bunch of 128 and 112 ciphers enabled?
    Unless you changed them today. :D

    BTW, the Key Exchange score is 90 because you use a 2048 strength for your private key, which is proper at current times. Using a 4096 key would be a waste of processor resources. I'm sticking with mines also at same value, for now. Just in case, don't forget to set the ssl_dhparam in Nginx, many people don't know about it.

    I'm going to write an Nginx SSL tutorial soon, there is a lot of nonsense on the Internet about it.

    Edit: I just noticed, you compiled Nginx with the new OpenSSL 1.0.2 release, nice. :D
     
    Last edited: Feb 10, 2015
  5. eva2000

    eva2000 Administrator Staff Member

    53,866
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    11:12 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Yes i changed them yesterday (my timezone) hence the wink smiley :) And yup have dhparam set and 2048bit for private key as any higher just increases cpu load like you said :)

    Yup OpenSSL 1.0.2 special blend on this forum and for .07 stable and .08 the standard OpenSSL 1.0.2 for Nginx static compiled OpenSSL:)

     
  6. Floren

    Floren Active Member

    148
    77
    28
    Jun 6, 2014
    Ratings:
    +77
    Local Time:
    8:12 AM
    @eva2000, why did you removed the ChaCha+Poly ciphers?
    SSL Server Test: community.centminmod.com (Powered by Qualys SSL Labs)
    For some reason, I cannot force the ChaCha+Poly ciphers to go first on my site, let me know how you managed to do that:
    SSL Server Test: axivo.com (Powered by Qualys SSL Labs)

    They are only taken into account for Android 5.0.0, using Chrome 43.0.2357.45. I released OpenSSL 1.0.2a with ChaCha20 and Poly1305 built-in support for RHEL6/7 and built Nginx against it.
    Code:
    # yum --enablerepo=axivo -q list openssl*
    Installed Packages
    openssl.x86_64             1:1.0.2a-1.el6          @axivo
    openssl-libs.x86_64        1:1.0.2a-1.el6          @axivo
    Available Packages
    openssl.i686               1.0.1e-30.el6.8         updates
    openssl-devel.i686         1.0.1e-30.el6.8         updates
    openssl-devel.x86_64       1:1.0.2a-1.el6          axivo 
    openssl-perl.x86_64        1:1.0.2a-1.el6          axivo 
    openssl-static.x86_64      1:1.0.2a-1.el6          axivo 
    openssl098e.i686           0.9.8e-18.el6_5.2       base 
    openssl098e.x86_64         0.9.8e-18.el6_5.2       base
    
    # openssl ciphers -v | grep CHACHA
    ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=ChaCha20-Poly1305 Mac=AEAD
    ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=ChaCha20-Poly1305 Mac=AEAD
    DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH       Au=RSA  Enc=ChaCha20-Poly1305 Mac=AEAD
    
    # nginx -V
    nginx version: nginx/1.9.0
    built by gcc 4.4.7 20120313 (Red Hat 4.4.7-11) (GCC)
    built with OpenSSL 1.0.2a-fips 19 Mar 2015
    TLS SNI support enabled
     
    Last edited: May 4, 2015
  7. eva2000

    eva2000 Administrator Staff Member

    53,866
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    11:12 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    hey @Floren removed them when I reverted to official OpenSSL 1.0.2a right after it's release. Haven't bothered to switch back to OpenSSL 1.02a with chacha20_poly1305 ciphers - guess I should do it :)

    I specifically set the first 2 ciphers to chacha20 in my cipher order i.e.
    Code:
    ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:
     
  8. Floren

    Floren Active Member

    148
    77
    28
    Jun 6, 2014
    Ratings:
    +77
    Local Time:
    8:12 AM
    @eva2000, OpenSSL + ChaCha + Poly = AXIVO :D
    Nope... it does not order it our way, CHACHA is still last:
    george.png
    My current ciphers:
    floren.png
    We need TLS_DHE_RSA_WITH_AES_256_CBC_SHA for curl... the only cipher that functions properly in both RHEL6/7 and supports FS.
     
  9. eva2000

    eva2000 Administrator Staff Member

    53,866
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    11:12 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Just switched back to openssl-1.02a with chacha20_poly1305 ciphers

    order seems right
    Code:
    cipherscan community.centminmod.com:443
    ........
    Target: community.centminmod.com:443
    
    prio  ciphersuite                  protocols              pfs                 curves
    1     ECDHE-RSA-CHACHA20-POLY1305  TLSv1.2                ECDH,P-256,256bits  prime256v1
    2     ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                ECDH,P-256,256bits  prime256v1
    3     ECDHE-RSA-AES256-SHA384      TLSv1.2                ECDH,P-256,256bits  prime256v1
    4     ECDHE-RSA-AES256-SHA         TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits  prime256v1
    5     DHE-RSA-AES256-GCM-SHA384    TLSv1.2                DH,4096bits         None
    6     DHE-RSA-AES256-SHA256        TLSv1.2                DH,4096bits         None
    7     DHE-RSA-AES256-SHA           TLSv1,TLSv1.1,TLSv1.2  DH,4096bits         None
    
    Certificate: trusted, 2048 bit, sha256WithRSAEncryption signature
    TLS ticket lifetime hint: 43200
    OCSP stapling: supported
    Cipher ordering: server
     
  10. Floren

    Floren Active Member

    148
    77
    28
    Jun 6, 2014
    Ratings:
    +77
    Local Time:
    8:12 AM
    @eva2000, is this your OpenSSL build or mines?
     
  11. eva2000

    eva2000 Administrator Staff Member

    53,866
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    11:12 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    My own for Centmin Mod Nginx static OpenSSL
     
  12. eva2000

    eva2000 Administrator Staff Member

    53,866
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    11:12 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    did you try a full nginx stop and start instead of restart after making changes ? I see chacha20 in proper order now for your site

    Code:
    cipherscan axivo.com:443                      
    ......
    Target: axivo.com:443
    
    prio  ciphersuite                  protocols              pfs                 curves
    1     ECDHE-RSA-CHACHA20-POLY1305  TLSv1.2                ECDH,P-256,256bits  prime256v1
    2     ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                ECDH,P-256,256bits  prime256v1
    3     ECDHE-RSA-AES256-SHA384      TLSv1.2                ECDH,P-256,256bits  prime256v1
    4     ECDHE-RSA-AES256-SHA         TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits  prime256v1
    5     DHE-RSA-AES256-SHA           TLSv1,TLSv1.1,TLSv1.2  DH,2048bits         None
    
    Certificate: trusted, 2048 bit, sha256WithRSAEncryption signature
    TLS ticket lifetime hint: 600
    OCSP stapling: supported
    Cipher ordering: server
    edit: okay weird that ssllabs doesn't report right order for you
     
  13. Floren

    Floren Active Member

    148
    77
    28
    Jun 6, 2014
    Ratings:
    +77
    Local Time:
    8:12 AM
  14. eva2000

    eva2000 Administrator Staff Member

    53,866
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    11:12 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Yeah in browser doesn't report chacha20 for axivo.com but does for my forums. Strange that cipherscan reports the right order !
     
  15. Floren

    Floren Active Member

    148
    77
    28
    Jun 6, 2014
    Ratings:
    +77
    Local Time:
    8:12 AM
    @eva2000, my scan does not show it? Running it on a VM with OpenSSL 1.0.2a installed:
    Code:
    $ ./cipherscan www.axivo.com
    custom openssl not executable, falling back to system one from /usr/bin/openssl
    .....
    Target: www.axivo.com:443
    
    prio  ciphersuite                  protocols              pfs                 curves
    1     ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                ECDH,P-256,256bits  prime256v1
    2     ECDHE-RSA-AES256-SHA384      TLSv1.2                ECDH,P-256,256bits  prime256v1
    3     ECDHE-RSA-AES256-SHA         TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits  prime256v1
    4     DHE-RSA-AES256-SHA           TLSv1,TLSv1.1,TLSv1.2  DH,2048bits         None
    
    Certificate: trusted, 2048 bit, sha256WithRSAEncryption signature
    TLS ticket lifetime hint: 600
    OCSP stapling: supported
    Cipher ordering: server
    Not happy. :(
     
  16. eva2000

    eva2000 Administrator Staff Member

    53,866
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    11:12 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    double check your system you're running cipherscan from is actually using openssl version that supports chacha20_poly1305 ciphers as it isn't even listed in cipherscan output
     
  17. Floren

    Floren Active Member

    148
    77
    28
    Jun 6, 2014
    Ratings:
    +77
    Local Time:
    8:12 AM
    @eva2000, if I run it from built-in openssl file that comes with cipherscan, it works:
    Code:
    $ ./cipherscan www.axivo.com
    ......
    Target: www.axivo.com:443
    
    prio  ciphersuite                  protocols              pfs                 curves
    1     ECDHE-RSA-CHACHA20-POLY1305  TLSv1.2                ECDH,P-256,256bits  prime256v1
    2     ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                ECDH,P-256,256bits  prime256v1
    3     ECDHE-RSA-AES256-SHA384      TLSv1.2                ECDH,P-256,256bits  prime256v1
    4     ECDHE-RSA-AES256-SHA         TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits  prime256v1
    5     DHE-RSA-AES256-SHA           TLSv1,TLSv1.1,TLSv1.2  DH,2048bits         None
    
    Certificate: trusted, 2048 bit, sha256WithRSAEncryption signature
    TLS ticket lifetime hint: 600
    OCSP stapling: supported
    Cipher ordering: server
    But look, with system OpenSSL:
    Code:
    $ /usr/bin/openssl ciphers -v | grep CHACHA
    ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=ChaCha20-Poly1305 Mac=AEAD
    ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=ChaCha20-Poly1305 Mac=AEAD
    DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH       Au=RSA  Enc=ChaCha20-Poly1305 Mac=AEAD
    The ciphers are there!
     
  18. eva2000

    eva2000 Administrator Staff Member

    53,866
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    11:12 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    maybe naming problem see from mine Enc=ChaCha20(256) vs Enc=ChaCha20-Poly1305 (yours)
    Code:
    openssl ciphers -v | grep CHACHA
    ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=ChaCha20(256) Mac=AEAD
    ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=ChaCha20(256) Mac=AEAD
    DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH       Au=RSA  Enc=ChaCha20(256) Mac=AEAD
     
  19. Floren

    Floren Active Member

    148
    77
    28
    Jun 6, 2014
    Ratings:
    +77
    Local Time:
    8:12 AM
    @eva2000, I only compiled Nginx with OpenSSL 1.0.2a.. don't tell me I have to redo PHP and the rest of 85 packages on openssl-devel?
    Edit: I see now. Can you send me by email the related code part?
    Edit2: Never mind I found the issue.
     
    Last edited: May 4, 2015
  20. eva2000

    eva2000 Administrator Staff Member

    53,866
    12,160
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,712
    Local Time:
    11:12 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    It's all at PeterMosmans/openssl ยท GitHub :D