Difference between revisions of "SSL"
From Dogtag
(→SSL range ciphers) |
(→FIPS SSL Configuration) |
||
| Line 202: | Line 202: | ||
In FIPS mode, certain HSMs may require enabling certain SSL ciphers in order to work with PKI CLI and Firefox 34 or older (newer Firefox will not work). | In FIPS mode, certain HSMs may require enabling certain SSL ciphers in order to work with PKI CLI and Firefox 34 or older (newer Firefox will not work). | ||
| − | For Thales HSM, enable the following SSL range ciphers for | + | For Thales HSM, enable the following SSL range ciphers for '''RSA ciphers''': |
* TLS_DHE_RSA_WITH_AES_128_CBC_SHA | * TLS_DHE_RSA_WITH_AES_128_CBC_SHA | ||
* TLS_DHE_RSA_WITH_AES_256_CBC_SHA | * TLS_DHE_RSA_WITH_AES_256_CBC_SHA | ||
| Line 210: | Line 210: | ||
* TLS_RSA_WITH_AES_128_CBC_SHA256 | * TLS_RSA_WITH_AES_128_CBC_SHA256 | ||
* TLS_RSA_WITH_AES_256_CBC_SHA256 | * TLS_RSA_WITH_AES_256_CBC_SHA256 | ||
| + | * TLS_RSA_WITH_AES_128_CBC_SHA (may need to remain enabled in order to talk to the LDAP server during pkispawn installation/configuration) | ||
| + | * TLS_RSA_WITH_AES_256_CBC_SHA (may need to remain enabled in order to talk to the LDAP server during pkispawn installation/configuration) | ||
Disable everything else in SSL range ciphers. | Disable everything else in SSL range ciphers. | ||
| Line 219: | Line 221: | ||
... | ... | ||
sslRangeCiphers=" | sslRangeCiphers=" | ||
| − | TLS_DHE_RSA_WITH_AES_128_CBC_SHA, | + | -TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, |
| − | TLS_DHE_RSA_WITH_AES_256_CBC_SHA, | + | -TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, |
| − | TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, | + | -TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, |
| − | TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, | + | -TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, |
| − | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, | + | -TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, |
| − | TLS_RSA_WITH_AES_128_CBC_SHA256, | + | -TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, |
| − | TLS_RSA_WITH_AES_256_CBC_SHA256" | + | -TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, |
| + | -TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, | ||
| + | -TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, | ||
| + | -TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, | ||
| + | -TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, | ||
| + | -TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, | ||
| + | -TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, | ||
| + | -TLS_DHE_DSS_WITH_AES_128_CBC_SHA, | ||
| + | -TLS_DHE_DSS_WITH_AES_256_CBC_SHA, | ||
| + | -TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, | ||
| + | +TLS_DHE_RSA_WITH_AES_128_CBC_SHA, | ||
| + | +TLS_DHE_RSA_WITH_AES_256_CBC_SHA, | ||
| + | +TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, | ||
| + | +TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, | ||
| + | +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, | ||
| + | -TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, | ||
| + | -TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, | ||
| + | -TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, | ||
| + | -TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, | ||
| + | -TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, | ||
| + | +TLS_RSA_WITH_AES_128_CBC_SHA256, | ||
| + | +TLS_RSA_WITH_AES_256_CBC_SHA256, | ||
| + | -TLS_RSA_WITH_AES_128_GCM_SHA256, | ||
| + | -TLS_RSA_WITH_3DES_EDE_CBC_SHA, | ||
| + | +TLS_RSA_WITH_AES_128_CBC_SHA, | ||
| + | +TLS_RSA_WITH_AES_256_CBC_SHA" | ||
.../> | .../> | ||
</pre> | </pre> | ||
Revision as of 03:02, 1 February 2018
Contents
Overview
This page describes the SSL configuration used by PKI. The SSL configuration is stored in /var/lib/pki/pki-tomcat/conf/server.xml as part of TomcatJSS configuration.
Default SSL Configuration
By default PKI will use the following SSL configuration.
General configuration
- Strict ciphers: true
- Client certificate authentication: want
- server cert nickname file: /var/lib/pki/pki-tomcat/conf/serverCertNick.conf
- password file: /var/lib/pki/pki-tomcat/conf/password.conf
- password class: org.apache.tomcat.util.net.jss.PlainPasswordFile
- NSS database: /var/lib/pki/pki-tomcat/alias
OCSP
- OCSP: enabled
- OCSP responder URL: http://$HOSTNAME:9080/ca/ocsp
- OCSP responder certificate: ocspSigningCert cert-pki-ca
- Cache size: 1000
- Minimum cache entry duration: 60 seconds
- Maximum cache entry duration: 120 seconds
- Timeout: 10 seconds
SSL options
- SSL2: disabled
- SSL3: disabled
- TLS: enabled
Note: If the SSL range ciphers parameters are defined, the SSL options parameters will be ignored.
SSL2 ciphers
Disabled:
- SSL2_RC4_128_WITH_MD5
- SSL2_RC4_128_EXPORT40_WITH_MD5
- SSL2_RC2_128_CBC_WITH_MD5
- SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
- SSL2_DES_64_CBC_WITH_MD5
- SSL2_DES_192_EDE3_CBC_WITH_MD5
Enabled: none
SSL3 ciphers
Disabled:
- SSL3_FORTEZZA_DMS_WITH_NULL_SHA
- SSL3_FORTEZZA_DMS_WITH_RC4_128_SHA
- SSL3_RSA_EXPORT_WITH_RC4_40_MD5
- SSL3_RSA_WITH_DES_CBC_SHA
- SSL3_RSA_EXPORT_WITH_RC2_CBC_40_MD5
- SSL3_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA
- SSL_RSA_FIPS_WITH_DES_CBC_SHA
- SSL3_RSA_WITH_NULL_MD5
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Enabled:
- SSL3_RSA_WITH_RC4_128_SHA
- SSL3_RSA_WITH_3DES_EDE_CBC_SHA
- SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS ciphers
Disabled:
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Enabled:
- TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA
- TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA
SSL version range for stream protocols
Minimum: tls1_1 (tls1_0 -> tls1_1 per https://pagure.io/dogtagpki/issue/2855)
Maximum: tls1_2
Valid values: ssl3, tls1_0, tls1_1, tls1_2
SSL version range for datagram protocols
Minimum: tls1_1
Maximum: tls1_2
Valid values: tls1_1, tls1_2
SSL range ciphers
This list defines the SSL ciphers for the above SSL version ranges. This parameter overrides the SSL options parameters above for non-ECC ciphers.
Disabled:
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA
- TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_3DES_EDE_CBC_SHA (enabled -> disabled per https://pagure.io/dogtagpki/issue/2821)
Enabled:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA (disabled -> enabled per https://pagure.io/dogtagpki/issue/2855)
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA (disabled -> enabled per https://pagure.io/dogtagpki/issue/2855)
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (disabled -> enabled per https://pagure.io/dogtagpki/issue/2855)
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (disabled -> enabled per https://pagure.io/dogtagpki/issue/2855)
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (disabled -> enabled per https://pagure.io/dogtagpki/issue/2855)
- TLS_RSA_WITH_AES_128_CBC_SHA256 (disabled -> enabled per https://pagure.io/dogtagpki/issue/2855)
- TLS_RSA_WITH_AES_256_CBC_SHA256 (disabled -> enabled per https://pagure.io/dogtagpki/issue/2855)
- TLS_RSA_WITH_AES_128_CBC_SHA (may need to remain enabled in order to talk to the LDAP server during pkispawn installation/configuration)
- TLS_RSA_WITH_AES_256_CBC_SHA (may need to remain enabled in order to talk to the LDAP server during pkispawn installation/configuration)
Similarly, the following list defines the SSL ciphers for the above SSL version ranges for ECC ciphers.
Disabled:
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA
- TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
- TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Enabled:
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
FIPS SSL Configuration
In FIPS mode, certain HSMs may require enabling certain SSL ciphers in order to work with PKI CLI and Firefox 34 or older (newer Firefox will not work).
For Thales HSM, enable the following SSL range ciphers for RSA ciphers:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA (may need to remain enabled in order to talk to the LDAP server during pkispawn installation/configuration)
- TLS_RSA_WITH_AES_256_CBC_SHA (may need to remain enabled in order to talk to the LDAP server during pkispawn installation/configuration)
Disable everything else in SSL range ciphers.
The <Connector> element in server.xml will look like the following:
<Connector
...
sslRangeCiphers="
-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
-TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
-TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
-TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+TLS_RSA_WITH_AES_128_CBC_SHA256,
+TLS_RSA_WITH_AES_256_CBC_SHA256,
-TLS_RSA_WITH_AES_128_GCM_SHA256,
-TLS_RSA_WITH_3DES_EDE_CBC_SHA,
+TLS_RSA_WITH_AES_128_CBC_SHA,
+TLS_RSA_WITH_AES_256_CBC_SHA"
.../>
Customizing SSL Configuration
During Installation
During installation the installer will use the default SSL configuration. Under certain circumstances (e.g. in FIPS mode) the default SSL configuration may not work. To customize the SSL configuration during installation use the Two-Step Installation:
- Prepare a normal deployment configuration.
- Add pki_skip_configuration=True to the configuration and run pkispawn.
- Customize the SSL parameters as needed in /var/lib/pki/pki-tomcat/conf/server.xml
- Replace pki_skip_configuration=True with pki_skip_installation=True and run pkispawn again.
After Installation
After installation the SSL settings can be customized directly in /var/lib/pki/pki-tomcat/conf/server.xml.
