Certbot uses weak ciphers on nginx

I’m using certbot with nginx on Ubuntu. I tested my website on ssllabs.com and it says that my server uses some weak cipher suites.

In particular, the ciphers labeled as “weak” are:

  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012)
  • TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16)
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)

I tried disabling these in my nginx.conf, but I realized that certbot is overriding the nginx.conf by including its own in /etc/letsencrypt/options-ssl-nginx.conf. I can manually change this by either removing certbot’s include in each server or changing this other file directly, but I am wondering if this is intended default behavior for certbot and if these ciphers really are an issue.

Certbot uses Mozilla’s “intermediate compatibility” TLS configuration.

https://wiki.mozilla.org/Security/Server_Side_TLS

It does enable weak settings, but it puts them at the bottom of the list. Modern clients will use more secure settings.

TLS settings can be debated, and there are a number of tradeoffs, but it’s not an egregiously terrible configuration.

Still, you might prefer other settings, like Mozilla’s “modern” configuration or something else.

If you want to change things, I’m unfortunately not sure what the best option is. If you edit /etc/letsencrypt/options-ssl-nginx.conf I don’t know if Certbot will overwrite it later. :sweat:

I believe it would work to remove “include /etc/letsencrypt/options-ssl-nginx.conf;” from the Nginx configuration and paste in equivalent settings, but I don’t know if it’s the best strategy.


Thank you for the info! Removing the include from the server configuration has been working for me. Perhaps customizing the cipher configuration could be an option in certbot in the future.

Nginx's default configuration is not very good. :grimacing: Removing all of Certbot's settings will leave you in worse shape than leaving them unmodified. It's best to reenable Certbot's configuration, or set something else -- like Mozilla's "modern" settings -- instead.

You can copy and paste straight from Mozilla's website.

https://mozilla.github.io/server-side-tls/ssl-config-generator/
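As an added illustration (not from the thread, and not Certbot's own options-ssl-nginx.conf), here is what "set something else instead" looks like in practice: the Certbot include is dropped from the server block and replaced by explicit TLS settings that allow only TLS 1.2 and 1.3 with AEAD cipher suites, so none of the 3DES suites SSL Labs flagged are offered. The hostname and certificate paths are placeholders following Certbot's usual /etc/letsencrypt/live layout, and the cipher list is an assumed example in the spirit of Mozilla's intermediate profile rather than a copy of its current text; regenerate it from the Mozilla generator linked above.

```nginx
server {
    listen 443 ssl http2;
    server_name example.com;  # placeholder hostname

    # Certificate and key as Certbot installs them (placeholder paths)
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    # Certbot's line would be here; it is intentionally omitted so that the
    # settings below are the only TLS settings that apply to this server:
    # include /etc/letsencrypt/options-ssl-nginx.conf;

    # No TLS 1.0/1.1, so no CBC-with-3DES fallback path exists at all
    ssl_protocols TLSv1.2 TLSv1.3;

    # AEAD-only suite list (illustrative). Every entry uses ECDHE or DHE key
    # exchange with AES-GCM or ChaCha20-Poly1305; TLS_RSA_* and *_3DES_* are
    # absent, so a scanner will not find them.
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;

    # With only strong suites on offer, the client may pick its preferred one
    ssl_prefer_server_ciphers off;

    # Session resumption without tickets keeps forward secrecy simpler
    ssl_session_timeout 1d;
    ssl_session_cache shared:MozSSL:10m;
    ssl_session_tickets off;

    location / {
        root /var/www/html;  # placeholder document root
    }
}
```

After editing, `nginx -t` validates the syntax and `systemctl reload nginx` applies it; a re-scan on SSL Labs should then list no 3DES suites. Because Certbot's renewal hooks only touch the certificate files, not this block, the settings survive renewals, which is the same outcome the earlier reply achieved by removing the include.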

Thanks for the advice! I had already configured nginx before (which is why I wondered why it started using weak ciphers once I used certbot today), so when I removed certbot’s include it wasn’t using the default nginx configuration. I will also include the entries from Mozilla’s configuration.

Oh. Great. :smile: Nothing wrong with using your own settings. I just advise against the Nginx defaults.

I thought certbot had a setting so you could choose which Mozilla list it used, but I can’t find it in the command line option list… :confused:

I believe we proposed that but have not implemented it yet.

