How to Generate a Strong, Unique Diffie Hellman Group

Help
1

Hi,

I have a LAMP stack Digital Ocean Droplet with multiple virtual hosts.

I try to generate and use 2048-bit or stronger Diffie-Hellman groups.

I already added the key with this code:

openssl dhparam -out dhparams.pem 2048

Now I try to use the new 2048-bit groups by using this code:

cat /path/to/custom/dhparam >> /path/to/sslcertfile

I tried:

cat /etc/letsencrypt/live/www.mydomain.net/privkey.pem >> /etc/letsencrypt/live/www.mydomain/fullchain.pem

Without luck.

I also tried:

SSLOpenSSLConfCmd DHParameters "/path/to/dhparams.pem"

And got: SSLOpenSSLConfCmd: command not found

Any idea on how to fix this?

Thanks

Ben

2 Likes
2

Why not use (one of) the named finite field groups as recommended by Mozilla? See the intermediate configuration at Security/Server Side TLS - MozillaWiki and the corresponding RFC.

May I also suggest the Mozilla SSL configuration generator at https://ssl-config.mozilla.org/? This includes instructions for the inclusion of the ffdhe2048 parameters.

Or even better: just remove all classic DH ciphers from your cipher suit list.. :stuck_out_tongue: Unless you absolutely require these due to client compatibility.

13 Likes
3

Hi Osiris,

I love the last suggestion since it seems to be much easier :smiley:

This is my suit list:

SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

How do I know which to remove?

Thanks :slight_smile:

2 Likes
4

I changed to the cipher suit from Firefox:

ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384

Which works great.

I still want to use 2048-bit Diffie Hellman Group and seek help to do so, thanks!

2 Likes
5

I don't understand. Why would you still want to use classic DH groups without classic DH cipher suits? It's either both or neither.

Edit: Although I see you haven't actually removed the classic DH cipher suits, so I guess you don't want to exclude them totally.

The Mozilla SSL generator should provide enough info.

10 Likes
6

Please take a look at Key Exchange Parameters:

1 Like
7

I tried to, its a mistake, thanks for letting me know. I don't know how to do so :smiley:

2 Likes
8

Thanks.

What are the correct paths?

SSLCertificateFile /path/to/signed_cert_and_intermediate_certs_and_dhparams
SSLCertificateKeyFile /path/to/private_key
/path/to/sslcertfile

These seems to be wrong:

/etc/letsencrypt/live/www.mydomain.net/privkey.pem
/etc/letsencrypt/live/www.mydomain/fullchain.pem

1 Like
9

privkey.pem and fullchain.pem can be used for SSLCertificateKeyFile and SSLCertificateFile respectively, but that would lack your DH params. Certbot does not offer those. However, you could e.g. save https://ssl-config.mozilla.org/ffdhe2048.txt to /etc/letsencrypt/ffdhe2048.txt and use that file to concatenate to fullchain.pem. I suggest to use a script to do that and use that script in the --deploy-hook command of Certbot.

4 Likes
10

Sounds good.

Do you know a link to an example or such where such a script is used in --deploy-hook command?

Thanks again, I really appreciate it!

1 Like
11

Try using:
SSLOpenSSLConfCmd DHParameters /path/to/dhparams.pem

[presuming you are using Apache]

6 Likes
12

See OP:

:wink:

Although reading that error I'm not sure it was actually used in an Apache configuration file or just plain on the command line?

I'm sure OP currently has enough info to combine that Apache configuration command with the ffdhe2048.txt from Mozillas site.

4 Likes
13

Silly me.

What version of OpenSSL are you using?

7 Likes
14

Thanks!

I just created the /etc/letsencrypt/ffdhe2048.txt

and pasted this in it:


-----BEGIN DH PARAMETERS-----
MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==
-----END DH PARAMETERS-----

The I tried this:

SSLOpenSSLConfCmd DHParameters /etc/letsencrypt/live/www.a-c-d.net/privkey.pem

and got: SSLOpenSSLConfCmd: command not found

What am I missing?

And yes, I have a LAMP stack.

Thanks!

2 Likes
15

OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)

Thanks!

2 Likes
16

Two things:

  • What do you mean with "I tried"? Did you just type that in the command line? Or at the appropriate place in an Apache configuration file?
  • Why are you using privkey.pem as the option for the DHParameters? That doesn't make much (read: any) sense. The DHParameters option for SSLOpenSSLConfCmd expects, well... DH parameters.. And you've just pasted them into /etc/letsencrypt/ffdhe2048.txt.
4 Likes
17

I am in doubt if /path/to/dhparams.pem is

/etc/letsencrypt/live/www.a-c-d.net/privkey.pem

Thanks!

2 Likes
18

That should be:
SSLOpenSSLConfCmd DHParameters /etc/letsencrypt/ffdhe2048.txt

6 Likes
19

Yea, I am new to this and is in deep water. Yes I just typed it in the command line.

I could really need a good tutorial on this :smiley:

1 Like
20

Ahhhh :smiley:

1 Like