Cannot disable SSLv3 on Amazon Linux Instance - linux

I am using SSL Certificate issued by Go Daddy.
On my Linux Instance following are the software details :-
Apache Version - Apache/2.4.16 (Amazon)
Openssl Version - OpenSSL 1.0.1k-fips 8 Jan 2015
mod_ssl version - mod_ssl-2.4.2
Note :- I install Apache from RPM Package and later I install mod_ssl and openssl from rpm package.
1) The problem is when I disable SSLv3 and test SSL Server from https://www.ssllabs.com/ssltest/ it gives me warning that "this server does not support TLSv1.2 which is current best" and when I enable TLSv1.2 protocol the same test warns me about "This server supports SSLv3 protocol and vulnerable to Poodle attack"
How to disable SSLv3 and enable TLSv1.2 at same time on server?
Current configuration of my Vhost file about SSL is:
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
SSLHonorCipherOrder on
2) I cannot create a Strong Diffie-Hellman Group. Current is 1024-bit Diffie-Hellman group and want to create 2048-bit group for the site.
I issue this command to generate 2048-bit key:-
openssl dhparam -out dhparams.pem 2048
and my configuration in VHost is:
SSLOpenSSLConfCmd DHParameters /etc/httpd/dhparams.pem
when I restart server error message pop up:
Invalid command 'SSLOpenSSLConfCmd', perhaps misspelled or defined by a module not included in the server configuration
How to resolve this issue?
Output of command openssl s_client -connect 127.0.0.1:443 -tls1_2 -msg when SSLv3 is enabled :-
CONNECTED(00000003)
>>> ??? [length 0005]
>>> TLS 1.2 Handshake [length 0138], ClientHello
<<< ??? [length 0005]
<<< TLS 1.2 Handshake [length 003a], ServerHello
<<< ??? [length 0005]
<<< TLS 1.2 Handshake [length 12a7], Certificate
depth=3 C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2
Certification Authority
verify error:num=19:self signed certificate in certificate chain
<<< ??? [length 0005]
<<< TLS 1.2 Handshake [length 020f], ServerKeyExchange
<<< ??? [length 0005]
<<< TLS 1.2 Handshake [length 0004], ServerHelloDone
>>> ??? [length 0005]
>>> TLS 1.2 Handshake [length 0086], ClientKeyExchange
>>> ??? [length 0005]
>>> TLS 1.2 ChangeCipherSpec [length 0001]
>>> ??? [length 0005]
>>> TLS 1.2 Handshake [length 0010], Finished
<<< ??? [length 0005]
<<< TLS 1.2 Handshake [length 00ca]???
<<< ??? [length 0005]
<<< TLS 1.2 ChangeCipherSpec [length 0001]
<<< ??? [length 0005]
<<< TLS 1.2 Handshake [length 0010], Finished
output of command openssl s_client -connect 127.0.0.1:443 -ssl3 -msg with SSLv3 disabled :-
>>> ??? [length 0005]
>>> SSL 3.0 Handshake [length 0099], ClientHello
<<< ??? [length 0005]
<<< SSL 3.0 Alert [length 0002], fatal handshake_failure
Output of command openssl s_client -connect 127.0.0.1:443 -tls1_2 -msg when SSLv3 is disabled :-
CONNECTED(00000003)
>>> ??? [length 0005]
>>> TLS 1.2 Handshake [length 0138], ClientHello
<<< ??? [length 0005]
>>> ??? [length 0005]
>>> TLS 1.0 Alert [length 0002], fatal protocol_version
SSL Debug Error Logs in Apache for command openssl s_client -connect 127.0.0.1:443 -tls1_2 -msg when SSLv3 is disabled :-
[Tue Nov 24 07:50:13.019993 2015] [ssl:info] [pid 6419] [client 127.0.0.1:32836] AH01964: Connection to child 2 established (server site1.example.com:443)
[Tue Nov 24 07:50:13.023693 2015] [ssl:info] [pid 6419] [client 127.0.0.1:32836] AH02008: SSL library error 1 in handshake (server site1.example.com:443)
[Tue Nov 24 07:50:13.023752 2015] [ssl:info] [pid 6419] SSL Library Error: error:1409442E:SSL routines:SSL3_READ_BYTES:tlsv1 alert protocol version (SSL alert number 70)
[Tue Nov 24 07:50:13.023789 2015] [ssl:info] [pid 6419] [client 127.0.0.1:32836] AH01998: Connection closed to child 2 with abortive shutdown (server site1.example.com:443)
sslscan --no-failed "site1.domain.com" command result when SSLProtocol all -SSLv2 -SSLv3 is used in configuration:-
sslscan --no-failed "site1.domain.com" command result when SSLProtocol all -SSLv2 -SSLv3 is not used in configuration:-
Both the results shows no sign of TLSv1.2 protocol.
I think sslscan only scan for SSLv3 and TLSv1.1 protocol. Not TLSv1.2
Now when I tested this result on SSLLab with SSLProtocol all -SSLv2 -SSLv3 is not used in configuration then :-
It says TLSv1.2 is enable.

Add this below line & check
SSLProtocol all -SSLv2 -SSLv3 +TLSv1.2

Along with SSLProtocol -all +TLSv1.2
Edit the following "SSLCipherSuite" in /etc/apache2/mods-available/ssl.conf.
from: SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 to:
SSLCipherSuite EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 \ EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 \ EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS

Related

How to enable only TLS v1.2 in Apache web server

Good Day,
I have a apache web server in Linux, and I want to enable the only TLSv1.2
I tried to applied to many methods, But i can't.
How to enable only TLS v1.2 in Apache web server??
spec:
OpenSSL 1.0.2k-fips
Server version: Apache/2.4.39
ssl.conf:
SSLProtocol -all +TLSv1.2
SSLProxyProtocol -all +TLSv1.2
SSLHonorCipherOrder on
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM- SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GC$
SSLProxyCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GC$
And i have tried to aplied these.
SSLProtocol -ALL +TLSv1.2
SSLProxyProtocol -ALL +TLSv1.2
or
SSLProtocol TLSv1.2
SSLProxyProtocol TLSv1.2
But..
openssl s_client -connect domain -tls1 => Secure Renegotiation IS supported
openssl s_client -connect domain:443 -tls1_1 => Secure Renegotiation IS supported
openssl s_client -connect domain:443 -tls1_2 => Secure Renegotiation IS supported
TLSv1.0, TLSv1.1 are still enbled.

SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177

I have created Azure VM and installed my application on it.
Created JKS file and configured SSL in my application.
I have restricted my Azure VM to access from particular source IP.
When I try to access from that source IP, I am not able to access my application from browser. It says "Site not found" error.
openssl s_client -connect 10.6.0.10:443
CONNECTED(00000003)
139868717622936:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 305 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1510229915
Timeout : 300 (sec)
Verify return code: 0 (ok)

CouchDB SSL fatal decode error

I'm running CouchDB 1.6.1 on Windows 64bit server 2012 R2, usually we use nginx to manage the SSL however this time I've attempted using CouchDB directly.
Our SSL is a GlobalSign organizational SSL and I have the cert, private key and intermediate cert from the provider. I have setup my local.ini as follow:
[daemons]
; enable SSL support by uncommenting the following line and supply the PEM's below.
; the default ssl port CouchDB listens on is 6984
httpsd = {couch_httpd, start_link, [https]}
[ssl]
cert_file = ../ssl/organizational.crt
key_file = ../ssl/privatekeyfile.key
; set to true to validate peer certificates
;verify_ssl_certificates = false
; Path to file containing PEM encoded CA certificates (trusted
; certificates used for verifying a peer certificate). May be omitted if
; you do not want to verify the peer.
cacert_file = ../ssl/intermediate.crt
When I check via curl I get the following output:
curl -k -v https://companyURL.com:6984
* Rebuilt URL to: https://companyURL.com:6984/
* Hostname was NOT found in DNS cache
* Trying IP.IP.IP.IP...
* Connected to companyURL.com (IP.IP.IP.IP) port 6984 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-SHA384
* Server certificate:
* subject: C=GB; ST=LONDON; L=LONDON; OU=IT; O=COMPANY;CN=*.edge10hosted.org
* start date: 2015-03-27 14:18:04 GMT
* expire date: 2018-05-03 11:17:17 GMT
* issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign Organization Validation CA - SHA256 - G2
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> GET / HTTP/1.1
> User-Agent: curl/7.39.0
> Host: companyURL.com:6984
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: CouchDB/1.6.1 (Erlang OTP/R16B02)
< Date: Tue, 31 Mar 2015 13:00:39 GMT
< Content-Type: text/plain; charset=utf-8
< Content-Length: 151
< Cache-Control: must-revalidate
<
{"couchdb":"Welcome","uuid":"34155abcacbffc53e67a224f5f1ea7c7","version":"1.6.1","vendor":{"version":"1.6.1","name":"The Apache Software Foundation"}}
* Connection #0 to host companyURL.com left intact
And running https://www.sslshopper.com/ssl-checker.html checks out fine.
CouchDB logs show
SSL: certify: tls_connection.erl:2286:Fatal error: decode error
Any thoughts as to what the issue could be as the certificates work fine elsewhere and via nginx.

Tomcat 7.0.52 APR 1.1.29 native TLS Protocol Session Renegotiation Security Vulnerability TLS SSL Man In The Middle CVE-2009-3555

I am failing a server security scan on Windows 2008 R2, with
TLS Protocol Session Renegotiation Security Vulnerability TLS SSL Man In The Middle CVE-2009-3555
The scan results recommend an upgrade to openssl 0.9.8l or higher.
I am using the latest version of tcnative-1.dll (1.1.29 13/02/14) which, as I understand it is built using the native libraries and openssl libraries.
Is the only way I can resolve this is to build tcnative myself with the latest version of openssl?
Looking at the http://tomcat.apache.org/native-doc/ build section I need MS Visual Studio (which I don't have and have never used).
Has anybody else build it? If so I cannot find it.
This result is a false positive. I've performed various tests with various versions of Tomcat using the 1.1.29 APR/native connector and in none of those test did insecure renegotiation occur.
Note that Tomcat - depending on version, connector and configuration may support secure renegotiation.
The most definitive test was with OpenSSL 0.9.8.k (i.e. a version of OpenSSL that is vulnerable to CVE2009-3555 and will attempt an insecure renegotiation). When I try this, the connection blocks and eventually times out.
You need to find a better security scanner.
For completeness, the output of the test was:
$ ./openssl s_client -connect 192.168.23.9:8443
CONNECTED(00000003)
depth=1 /C=US/CN=ca-test.tomcat.apache.org
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
0 s:/C=US/CN=localhost
i:/C=US/CN=ca-test.tomcat.apache.org
1 s:/C=US/CN=ca-test.tomcat.apache.org
i:/C=US/CN=ca-test.tomcat.apache.org
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDSTCCAjGgAwIBAgICEAMwDQYJKoZIhvcNAQEFBQAwMTELMAkGA1UEBhMCVVMx
IjAgBgNVBAMTGWNhLXRlc3QudG9tY2F0LmFwYWNoZS5vcmcwHhcNMTMwMjI4MDUy
ODQyWhcNMTUwMjI4MDUyODQyWjAhMQswCQYDVQQGEwJVUzESMBAGA1UEAxMJbG9j
YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5295PxiHkd0n
mDQkeVhH+cJpK9hbwOC7SlfWALW7arBmhFy48BIKJycynIIqLw9pd6bpDd9kMVHA
QR7c1HRRnKO4URNYc+4hnPljghvCLEnDCXD/qfOvogwLYC9q26UBRT40kI5naetF
8zQphds5ipnCD3IVIf1UNaZ7pzDLHk09MiTGS4RPX2D/ZF5oytj63ph9QARgt65Q
7MiMrt2UgUEYWwNjDysCYwqVau1+aOa21VbpTmDqHZVYM76iElXLf5zElwvbwJQJ
KrOf4Wt4DWMaQdVr29hIWQSI0RHV50UoDnwbeHUgff9/4dbq5MVRd0FCMEv/KTM9
iViUaVtwJwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVu
U1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUMNurcJQ0yv11RqvO
4kqpnnS8abswHwYDVR0jBBgwFoAUsDu8yfooXz4EH5tsx4to2AGw+D0wDQYJKoZI
hvcNAQEFBQADggEBAKvT5ys1022fhypkWPFhy1aohCJ5rA1oH1UN3RYWcsSpdSoO
+LFzaMnuQ9hc+gddP0H7FBe+ZCHYHiVnkrLFu0MdlrbTvRzhpMfu4zcLkhRWyq2o
dluAyUKMifFCboz7odeY1W1Jmf629sbzzI8GVG4C9Y9L8YasFJNsdCUmRHpbgjxX
1uUUbrcpU+RAei8QXf8of+XlVGw4+rknlyppYLpKWihlsYHgt6F01uYHgW24WcNF
vXyoF2cf/FIabJCHTaGYUYwpaoTZDSSohmpearf5J5tSN5a1/ZQRysTZbWmB+pY0
Yzp8SS0GSK6xFFkSKY5ZPQOZQpDmgt8Iz9d37AA=
-----END CERTIFICATE-----
subject=/C=US/CN=localhost
issuer=/C=US/CN=ca-test.tomcat.apache.org
---
No client certificate CA names sent
---
SSL handshake has read 2433 bytes and written 322 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: E98ED9D885D761C7B23AF93DC15C53D0680AF2D8345A37699549E48C9D4E18AE
Session-ID-ctx:
Master-Key: FA2C87FB24C68186D1CC63FEEF459B7DE4BA0F304D60F2293AB3C1C23DF03566F51DDB61A9576A1FE9C021CB3438B4C7
Key-Arg : None
Start Time: 1395309769
Timeout : 300 (sec)
Verify return code: 19 (self signed certificate in certificate chain)
---
GET / HTTP/1.0
R
RENEGOTIATING
7087:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:530:

AppEngine SSL fail from command-line

I loaded a RapidSSL/GeoTrust certificate into my AppEngine application. The website loads into the browser with SSL perfectly.
However, when I verify the certificate from the command-line (Ubuntu 13.04), it fails. It's a general SSL failure, so all of my Python requests fail, too ("urllib3" fails, which incites "requests" to fail):
$ openssl s_client -connect www.XYZ.com:443
CONNECTED(00000003)
3073689800:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 225 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---
I use the certificate for one of its ASs on another server running NGINX, and there are no problems verifying that, at all:
$ openssl s_client -connect XYZ.com:443
CONNECTED(00000003)
depth=1 C = US, O = "GeoTrust, Inc.", CN = RapidSSL CA
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/serialNumber=gQpQo/GwZhs9/JqYi8P8DsQNFmVC5VQB/OU=GT09052054/OU=See www.rapidssl.com/resources/cps (c)13/OU=Domain Control Validated - RapidSSL(R)/CN=www.XYZ.com
i:/C=US/O=GeoTrust, Inc./CN=RapidSSL CA
1 s:/C=US/O=GeoTrust, Inc./CN=RapidSSL CA
i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDDOW3MA0GCSqGSIb3DQEBBQUAMDwxCzAJBgNVBAYTAlVT
<truncated>
S6YumLnJrUVoCA==
-----END CERTIFICATE-----
subject=/serialNumber=gQpQo/GwZhs9/JqYi8P8DsQNFmVC5VQB/OU=GT09052054/OU=See www.rapidssl.com/resources/cps (c)13/OU=Domain Control Validated - RapidSSL(R)/CN=www.XYZ.com
issuer=/C=US/O=GeoTrust, Inc./CN=RapidSSL CA
---
No client certificate CA names sent
---
SSL handshake has read 3023 bytes and written 375 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.1
Cipher : ECDHE-RSA-AES256-SHA
Session-ID: A69E838824AF4F74228A82105A74D708A63CB5FDE042A04072A937A9A25DC1C7
Session-ID-ctx:
Master-Key: 35EACC6FCFA5F901AA355C0379289EE33FEB77334A95EC45A4A9D7CD22E4C944C76F998C2D9AAAF635FD88D02CDB7B08
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 5f 78 c7 0c da f1 7b ee-52 7a 4d 36 c0 28 b0 d7 _x....{.RzM6.(..
<truncated>
0090 - 5e fc 2c 37 d4 6f 20 0b-a6 aa 62 f4 df 90 1e 18 ^.,7.o ...b.....
Start Time: 1374291906
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---
The site isn't complete yet, so I can't share the domain.
I'd appreciate any insights.
Dustin
Are you using SNI or VIP? If you're using SNI, you'll need to use -servername with openssl.

Resources