Learn about Centmin Mod LEMP Stack today
Become a Member

OpenSSL OpenSSL 1.1.1 Released with TLS 1.3 Support

Discussion in 'CentOS, Redhat & Oracle Linux News' started by eva2000, Sep 11, 2018.

  1. ahmed

    ahmed Member

    243
    19
    18
    Feb 21, 2017
    Ratings:
    +26
    Local Time:
    4:40 AM
    yes

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
     
    • Like Like x 2
  2. Sunka

    Sunka Well-Known Member

    1,045
    286
    83
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +464
    Local Time:
    3:40 AM
    Nginx 1.15.0
    MariaDB 10.2.15
    So, to use TLSv1.3 we have to do 3 things:
    1. recompile nginx if we use older version (1.15.3) or just upgrade nginx to newest version

    2. manually update ssl_ciphers to:
      Code:
      ssl_ciphers TLS13-AES-128-GCM-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
    3. update the file /usr/local/nginx/conf/ssl_include.conf to manualy add the TLS 1.3
      Code:
      ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    4. restart nginx after that

    Do we need anything else to do?
     
  3. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    12:40 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    For TLS 1.3, yup steps 1 to 3 only :)
     
    • Informative Informative x 1
  4. ahmed

    ahmed Member

    243
    19
    18
    Feb 21, 2017
    Ratings:
    +26
    Local Time:
    4:40 AM
    it worked for me without step 2, however, i just modified it now, does it matter?
     
  5. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    12:40 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    step 2 ? ssl_ciphers update ? I'd do the update :)
     
    • Like Like x 1
  6. BamaStangGuy

    BamaStangGuy Active Member

    537
    164
    43
    May 25, 2014
    Ratings:
    +217
    Local Time:
    8:40 PM
    If we are using Cloudflare SSL do we need to add ssl_ciphers line?

    This is currently the only lines I use for SSL with Cloudflare.

    Code:
            ssl_certificate      /usr/local/nginx/conf/ssl/cf.crt;
            ssl_certificate_key  /usr/local/nginx/conf/ssl/cf.key;
    
            ssl_client_certificate /usr/local/nginx/conf/ssl/cloudflare.crt;
            ssl_verify_client on;
    
            ssl_early_data on;
            proxy_set_header Early-Data $ssl_early_data;
     
  7. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    12:40 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    I'd update the ssl_ciphers line but remove
    Code (Text):
           ssl_early_data on;
           proxy_set_header Early-Data $ssl_early_data;
    

    Cloudflare doesn't support using Early Data session resumption (0-RTT) or TLS 1.3 for communication between Cloudflare and Centmin Mod Nginx origin server as CF is using TLS 1.3 draft 22 right now and even if they update to TLS 1.3 rfc final, they have said they won't support 0-RTT for CF to origin communications.
     
  8. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    12:40 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Chrome 70 released so Nginx + OpenSSL 1.1.1 TLS 1.3 enabled :)

    chrome70-ssllabs-tls1.3-01.png

    chrome70-tls1.3-rfc-final-centminmod-nginx-1.15.5-openssl-1.1.1-02.png
     
    • Like Like x 2
  9. BamaStangGuy

    BamaStangGuy Active Member

    537
    164
    43
    May 25, 2014
    Ratings:
    +217
    Local Time:
    8:40 PM
    Working fine on Christian Forums and Autism Forums with Chrome 70 and TLS 1.3 on Cloudflare.
     
    • Like Like x 1
  10. BamaStangGuy

    BamaStangGuy Active Member

    537
    164
    43
    May 25, 2014
    Ratings:
    +217
    Local Time:
    8:40 PM
    Is OPENSSL_VERSION='1.1.1' still required with latest cmupdate?
     
  11. rdan

    rdan Premium Member Premium Member

    4,417
    1,059
    113
    May 25, 2014
    Ratings:
    +1,542
    Local Time:
    10:40 AM
    Mainline
    10.2
    No need.
     
    • Agree Agree x 1
  12. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    12:40 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    yup no longer needed
     
  13. upgrade81

    upgrade81 Premium Member Premium Member

    178
    9
    18
    Sep 5, 2016
    Italy
    Ratings:
    +13
    Local Time:
    3:40 AM
    1.13.8
    10

    How strange, even to me chrome works with tls1.3 despite not having inserted the new chip suite.

    I have only updated nginx and openssl 1.1.1
    grabilla.g28136.png
     
  14. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    12:40 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  15. rdan

    rdan Premium Member Premium Member

    4,417
    1,059
    113
    May 25, 2014
    Ratings:
    +1,542
    Local Time:
    10:40 AM
    Mainline
    10.2
    But ssl_protocols has TLS 1.3 listed? Then that is expected behavior.
     
    • Agree Agree x 1
  16. upgrade81

    upgrade81 Premium Member Premium Member

    178
    9
    18
    Sep 5, 2016
    Italy
    Ratings:
    +13
    Local Time:
    3:40 AM
    1.13.8
    10
    Sorry, at what point should the code be inserted to enable "earlydata" in the vhost configuration file?

    Because although I inserted it immediately after the chipersuite, it does not seem to work.

    Code (Text):
            ssl_early_data on;
            proxy_set_header Early-Data $ssl_early_data;
    



    Code (Text):
    issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
    
    ---
    No client certificate CA names sent
    Peer signing digest: SHA256
    Peer signature type: ECDSA
    Server Temp Key: X25519, 253 bits
    ---
    SSL handshake has read 2901 bytes and written 390 bytes
    Verification error: unable to get local issuer certificate
    ---
    New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
    Server public key is 256 bit
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    Early data was not sent
    Verify return code: 20 (unable to get local issuer certificate)
    ---
    ---
    Post-Handshake New Session Ticket arrived:
    SSL-Session:
        Protocol  : TLSv1.3
        Cipher    : TLS_AES_256_GCM_SHA384
        Session-ID: AA3B77C9DAA9FE467B48A5D1D94605DD550444230203D78BEB1D520EB6F01B74
        Session-ID-ctx:
        Resumption PSK: 4BE682D92F637270A938D41CE57D24908E57DD2D4D815B234F9F5534F5174F33AE75D4DA9BC16D1A263D88A4DD7F09A2
        PSK identity: None
        PSK identity hint: None
        SRP username: None
        TLS session ticket lifetime hint: 3600 (seconds)
        TLS session ticket:
        0000 - 75 82 1c 51 93 75 6d 77-d9 44 5e 29 3a fe 96 c5   u..Q.umw.D^):...
        0010 - 48 ee 4a 0c 82 86 4f 86-5e 86 1a 72 27 49 ec 8d   H.J...O.^..r'I..
        0020 - bf 88 46 d5 bb 72 ec b3-20 5e 4d 3a 12 f8 9e 33   ..F..r.. ^M:...3
        0030 - 60 ca ea 35 f1 d2 a7 da-b6 e9 30 90 14 0e d9 34   `..5......0....4
        0040 - 2a c3 85 42 d3 b8 3a 56-c0 8d 91 9b 08 d2 3e 51   *..B..:V......>Q
        0050 - 89 24 04 2a 34 fd 6c 76-92 ad 3f e1 0a 66 d1 87   .$.*4.lv..?..f..
        0060 - 95 19 64 23 a3 5d d9 82-40 c0 97 20 cd 92 a9 1a   ..d#.][email protected] ....
        0070 - a4 c0 03 cd 17 b7 32 3c-98 91 ee a4 78 98 f9 cc   ......2<....x...
        0080 - 24 3e 12 57 fb fb 4d dc-0d cd ea 19 b1 18 fe f3   $>.W..M.........
        0090 - 4b 1f 41 5f e7 e5 4d 29-1d f7 bb 77 15 9a 75 6c   K.A_..M)...w..ul
        00a0 - 5d 43 a3 44 e0 95 d9 5f-c3 c4 42 34 d2 cb 90 10   ]C.D..._..B4....
        00b0 - fe 3a e4 b0 ca ef 72 a0-a7 eb 90 11 57 6f 1a cb   .:....r.....Wo..
        00c0 - 60 9e 7c 24 1f a3 97 f2-42 46 6a b2 33 fe 3f 68   `.|$....BFj.3.?h
        00d0 - 7b a9 db 40 9e 57 18 07-74 d0 af 58 7a 27 14 a4   {[email protected]'..
        00e0 - e7 9b 1b 7d ea 2d 43 6e-90 00 ee d0 1d c5 af 5b   ...}.-Cn.......[
    
        Start Time: 1541790636
        Timeout   : 7200 (sec)
        Verify return code: 20 (unable to get local issuer certificate)
        Extended master secret: no
        Max Early Data: 16384
    ---
    

    moreover, why does ECDSA no longer work with tls 1.3?

    Thanks!
     
    Last edited: Nov 10, 2018
  17. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    12:40 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    TLS 1.3 works with ECDSA or RSA ssl certificates. But it's reported by it's own own ssl cipher see TLS1.3 - OpenSSLWiki (bold part)
    anywhere in server{} context

    How did you test as openssl s_client needs to save a previous HTTPS session and have it replayed to test if early data is working and you don't really want to be using it due to security and replay attacks unless your web app knows how to handle it.
     
    • Like Like x 1
  18. bassie

    bassie Well-Known Member

    1,025
    246
    63
    Apr 29, 2016
    Ratings:
    +726
    Local Time:
    3:40 AM
  19. upgrade81

    upgrade81 Premium Member Premium Member

    178
    9
    18
    Sep 5, 2016
    Italy
    Ratings:
    +13
    Local Time:
    3:40 AM
    1.13.8
    10
    I have several alerts of this type.. inside the vhost error log.

    not many.

    [QUOTEB]
    2018/11/16 12:30:37

    4642#4642: *333385 ignoring stale global SSL error (SSL: error:1409E10F:SSL routines:ssl3_write_bytes:bad length) while processing HTTP/2 connection, client: 213.45.x.xxx, server: 0.0.0.0:443
    [/QUOTEB]

     
  20. rdan

    rdan Premium Member Premium Member

    4,417
    1,059
    113
    May 25, 2014
    Ratings:
    +1,542
    Local Time:
    10:40 AM
    Mainline
    10.2
    I have few of this daily and I just ignore it :/.
    Not sure what's causing this.
     
    • Funny Funny x 1
..