Open pki-bot opened 4 years ago
Comment from cheimes (@tiran) at 2016-08-15 15:37:34
Please note that my config has different values than the QA test in https://bugzilla.redhat.com/show_bug.cgi?id=871171#c41, e.g. -TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 in my config but +TLS_ECDH_RSA_WITH_AES_128_GCM_SHA25 in comment 41.
Comment from cheimes (@tiran) at 2016-08-15 17:00:09
The cipher spec was last changed in tickets 1566 and 1438 by cfu. If I understand the tickets correctly, the PFS ciphers were disabled because they were causing trouble with HSMs.
Comment from edewata (@edewata) at 2016-08-15 17:26:49
FYI, there's a proposal to improve the Tomcat JSS configuration in ticket 1352 to make it easier to maintain and to remove misleading warnings.
Comment from cfu (@cfu) at 2016-08-15 20:48:34
A few comments:
I have the info in ciphers.info indicating that they could be turned back on if not a concern with HSM:
So, yes, since we are now on for 7.3, we can safely turn them on
Also, about limiting to TLS1.2: as stated in ciphers.info, the sslVersionRangeStream and sslVersionRangeDatagram can be modified to either restrict or relax the TLS versions.
As for +'s and -'s, I think it's best to list all available (within reason) ciphers so that people know how to spell the cipher names if they need to tune the list. Although we could also refer them to ciphers.info. I'm okay either way.
Comment from mharmsen (@mharmsen) at 2016-08-18 23:40:17
Per the PKI Bug Council of 08/18/2016:
Comment from mharmsen (@mharmsen) at 2016-08-31 21:15:39
Per PKI Bug Council of 08/31/2016: 10.4 - major
Comment from cheimes (@tiran) at 2017-02-27 14:04:54
Metadata Update from @tiran:
This issue was migrated from Pagure Issue #2438. Originally filed by cheimes (@tiran) on 2016-08-15 15:26:23:
Current pki-server-10.3.3-1.fc24 supports only AES128-SHA and AES256-SHA as TLS ciphers on port 8443. Neither AES in CBC mode nor SHA1 are state of the art. The cipher suite also lacks PFS (ephemeral DH/ECDH for key agreement).
I'd also like to point out that the current configuration of tomcatjss is rather confusing and hard to read. The connector config contains obsolete and unnecessary options. The options sslOptions, ssl2Ciphers and tlsCiphers are deprecated and ignored in the presence of sslVersionRangeStream.
https://svn.fedorahosted.org/svn/tomcatjss/trunk/tomcatjss/src/org/apache/tomcat/util/net/jss/JSSSocketFactory.java
The new option sslRangeCiphers lists several ciphers with - prefix. With strictCiphers="true" it is not required to exclude any ciphers. With strict ciphers all ciphers are disabled by default. So only explicitly enabled ciphers are available.
sslscan output
(Note: sslscan from https://koji.fedoraproject.org/koji/taskinfo?taskID=15234102 / https://github.com/tiran/sslscan/releases/tag/1.11.8-tiran )
/etc/pki/pki-tomcat/server.xml
suggestion
Remove sslOptions, ssl2Ciphers and tlsCiphers from config.
Remove all negative cipher defs from sslRangeCiphers.
Add sensible ciphers to sslRangeCiphers. Mozilla's server side TLS has good recommendations and even a JSON file with suggested ciphers. https://wiki.mozilla.org/Security/Server_Side_TLS
A good list of ciphers should include:
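Added example, not part of the original issue and not tomcatjss code: a small Python audit of an sslRangeCiphers value under the strictCiphers="true" behaviour described above, reporting - entries that have no effect and enabled suites that lack PFS or use CBC or SHA1. The comma-separated +NAME/-NAME format, the function names and the sample value are assumptions constructed for illustration.

```python
# Added example: audit a tomcatjss sslRangeCiphers value (names are illustrative).
# Assumption: the value is a comma-separated list of +NAME / -NAME entries.

def parse_range_ciphers(value):
    """Split an sslRangeCiphers string into (enabled, disabled) suite names."""
    enabled, disabled = [], []
    for entry in value.split(","):
        entry = entry.strip()
        if not entry:
            continue
        sign, name = entry[0], entry[1:].strip()
        if sign == "+":
            enabled.append(name)
        elif sign == "-":
            disabled.append(name)
        else:
            raise ValueError(f"entry without +/- prefix: {entry!r}")
    return enabled, disabled

def weaknesses(suite):
    """Name-based checks for the three concerns raised in the issue."""
    key_exchange, sep, bulk = suite.partition("_WITH_")
    found = []
    # Only TLS_<kx>_WITH_<cipher> names carry the key exchange in the name.
    if sep and not {"DHE", "ECDHE"} & set(key_exchange.split("_")):
        found.append("no PFS")        # static RSA/DH/ECDH key agreement
    if "_CBC_" in bulk:
        found.append("CBC mode")
    if bulk.endswith("_SHA"):
        found.append("SHA1 MAC")
    return found

def audit(value, strict=True):
    """With strict ciphers everything starts disabled, so '-' entries are no-ops."""
    enabled, disabled = parse_range_ciphers(value)
    return {
        "enabled": {suite: weaknesses(suite) for suite in enabled},
        "redundant": disabled if strict else [],
    }

# Constructed sample value, not copied from any real server.xml.
SAMPLE = (
    "-TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,"
    "+TLS_RSA_WITH_AES_128_CBC_SHA,"
    "+TLS_RSA_WITH_AES_256_CBC_SHA,"
    "+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
)

if __name__ == "__main__":
    report = audit(SAMPLE)
    for suite, issues in report["enabled"].items():
        print(suite, "->", ", ".join(issues) or "ok")
    print("redundant '-' entries:", report["redundant"])
```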