Overview

This page describes the SSL configuration used by PKI. The SSL configuration is stored in /var/lib/pki/pki-tomcat/conf/server.xml as part of TomcatJSS configuration.

Default SSL Configuration

By default PKI will use the following SSL configuration.

General configuration

Strict ciphers: true
Client certificate authentication: want
server cert nickname file: /var/lib/pki/pki-tomcat/conf/serverCertNick.conf
password file: /var/lib/pki/pki-tomcat/conf/password.conf
password class: org.apache.tomcat.util.net.jss.PlainPasswordFile
NSS database: /var/lib/pki/pki-tomcat/alias

OCSP

OCSP: enabled
OCSP responder URL: http://$HOSTNAME:9080/ca/ocsp
OCSP responder certificate: ocspSigningCert cert-pki-ca
Cache size: 1000
Minimum cache entry duration: 60 seconds
Maximum cache entry duration: 120 seconds
Timeout: 10 seconds

SSL options

SSL2: disabled
SSL3: disabled
TLS: enabled

Note: If the SSL range ciphers parameters are defined, the SSL options parameters will be ignored.

SSL2 ciphers

Disabled:

SSL2_RC4_128_WITH_MD5
SSL2_RC4_128_EXPORT40_WITH_MD5
SSL2_RC2_128_CBC_WITH_MD5
SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
SSL2_DES_64_CBC_WITH_MD5
SSL2_DES_192_EDE3_CBC_WITH_MD5

Enabled: none

SSL3 ciphers

Disabled:

SSL3_FORTEZZA_DMS_WITH_NULL_SHA
SSL3_FORTEZZA_DMS_WITH_RC4_128_SHA
SSL3_RSA_EXPORT_WITH_RC4_40_MD5
SSL3_RSA_WITH_DES_CBC_SHA
SSL3_RSA_EXPORT_WITH_RC2_CBC_40_MD5
SSL3_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA
SSL_RSA_FIPS_WITH_DES_CBC_SHA
SSL3_RSA_WITH_NULL_MD5
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA

Enabled:

SSL3_RSA_WITH_RC4_128_SHA
SSL3_RSA_WITH_3DES_EDE_CBC_SHA
SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

TLS ciphers

Disabled:

TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

Enabled:

TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA

SSL version range for stream protocols

Minimum: tls1_1 (tls1_0 -> tls1_1 per https://pagure.io/dogtagpki/issue/2855)

Maximum: tls1_2

Valid values: ssl3, tls1_0, tls1_1, tls1_2

SSL version range for datagram protocols

Minimum: tls1_1

Maximum: tls1_2

Valid values: tls1_1, tls1_2

SSL range ciphers

RSA Servers

This list defines the SSL ciphers for the above SSL version ranges. This parameter overrides the SSL options parameters above for non-ECC ciphers.

Disabled:

TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_3DES_EDE_CBC_SHA (enabled -> disabled per https://pagure.io/dogtagpki/issue/2821)

Enabled:

TLS_DHE_RSA_WITH_AES_128_CBC_SHA (disabled -> enabled per https://pagure.io/dogtagpki/issue/2855)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (disabled -> enabled per https://pagure.io/dogtagpki/issue/2855)
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (disabled -> enabled per https://pagure.io/dogtagpki/issue/2855)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (disabled -> enabled per https://pagure.io/dogtagpki/issue/2855)
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (disabled -> enabled per https://pagure.io/dogtagpki/issue/2855)
TLS_RSA_WITH_AES_128_CBC_SHA256 (disabled -> enabled per https://pagure.io/dogtagpki/issue/2855)
TLS_RSA_WITH_AES_256_CBC_SHA256 (disabled -> enabled per https://pagure.io/dogtagpki/issue/2855)
TLS_RSA_WITH_AES_128_CBC_SHA (may need to remain enabled in order to talk to the LDAP server during pkispawn installation/configuration)
TLS_RSA_WITH_AES_256_CBC_SHA (may need to remain enabled in order to talk to the LDAP server during pkispawn installation/configuration)

ECC Servers

Similarly, the following list defines the SSL ciphers for the above SSL version ranges for ECC ciphers.

Disabled:

TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

Enabled:

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

FIPS SSL Configuration

In systems prior to Fedora 27 (pki-core-10.5.5-1), in order to configure an RSA server, it was necessary to run pkispawn in two separate steps (installation and configuration).

   Note: In order to configure an ECC server, pkispawn installation/configuration has always been able to be run in a single pass.

With the completion of https://pagure.io/dogtagpki/issue/2855 which altered FIPS ciphers to be the default cipher suite, pkispawn installation/configuration can be run in a single pass regardless of the PKI server being RSA or ECC, and regardless whether or not FIPS has been enabled or disabled.

RSA Server in FIPS mode

In FIPS mode, certain HSMs may require enabling certain SSL ciphers in order to work with PKI CLI and Firefox 34 or older (newer Firefox will not work).

For Thales HSM, enable the following SSL range ciphers for RSA ciphers:

TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA (may need to remain enabled in order to talk to the LDAP server during pkispawn installation/configuration)
TLS_RSA_WITH_AES_256_CBC_SHA (may need to remain enabled in order to talk to the LDAP server during pkispawn installation/configuration)

Disable everything else in SSL range ciphers.

The <Connector> element in server.xml will look like the following:

<Connector
    ...
    sslRangeCiphers="
-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
-TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
-TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
-TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+TLS_RSA_WITH_AES_128_CBC_SHA256,
+TLS_RSA_WITH_AES_256_CBC_SHA256,
-TLS_RSA_WITH_AES_128_GCM_SHA256,
-TLS_RSA_WITH_3DES_EDE_CBC_SHA,
+TLS_RSA_WITH_AES_128_CBC_SHA,
+TLS_RSA_WITH_AES_256_CBC_SHA"
    .../>

ECC Server in FIPS mode

In FIPS mode, certain HSMs may require enabling certain SSL ciphers in order to work with PKI CLI and Firefox 34 or older (newer Firefox will not work).

For Thales HSM, enable the following SSL range ciphers for ECC ciphers:

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

Disable everything else in SSL range ciphers.

The <Connector> element in server.xml will look like the following:

<Connector
    ...
    sslRangeCiphers="
-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
-TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-TLS_RSA_WITH_3DES_EDE_CBC_SHA,
-TLS_RSA_WITH_AES_128_CBC_SHA,
+TLS_RSA_WITH_AES_256_CBC_SHA,
-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
-TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
-TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
-TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
-TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
-TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
-TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
-TLS_RSA_WITH_AES_128_CBC_SHA256,
+TLS_RSA_WITH_AES_256_CBC_SHA256,
-TLS_RSA_WITH_AES_128_GCM_SHA256,
+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
+TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
-TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
    .../>

Customizing SSL Configuration

During Installation

During installation the installer will use the default SSL configuration. Under certain circumstances (e.g. in FIPS mode) the default SSL configuration may not work. To customize the SSL configuration during installation use the Two-Step Installation:

Prepare a normal deployment configuration.
Add pki_skip_configuration=True to the configuration and run pkispawn.
Customize the SSL parameters as needed in /var/lib/pki/pki-tomcat/conf/server.xml
Replace pki_skip_configuration=True with pki_skip_installation=True and run pkispawn again.

After Installation

After installation the SSL settings can be customized directly in /var/lib/pki/pki-tomcat/conf/server.xml.

SSL

Contents

Overview

Default SSL Configuration

General configuration

OCSP

SSL options

SSL2 ciphers

SSL3 ciphers

TLS ciphers

SSL version range for stream protocols

SSL version range for datagram protocols

SSL range ciphers

RSA Servers

ECC Servers

FIPS SSL Configuration

RSA Server in FIPS mode

ECC Server in FIPS mode

Customizing SSL Configuration

During Installation

After Installation

Troubleshooting

References

Views

Navigation menu

Navigation

Tools

Account