HOWTO: A+ with all 100%'s on SSL Labs test using apache2.4 (READ WARNINGS)


#41

@ScottHelme has a nice article for nginx users on checking TLS protocol and cipher usage https://scotthelme.co.uk/monitoring-http-2-usage-in-the-wild/ and in the comments section links to how to do the same for Apache http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#envvars

So it could be useful to profile your visitors and their clients.

I followed Scott's example and profiled my forum's HTTP/TLS protocol and SSL cipher usage too https://community.centminmod.com/threads/http-tls-protocol-and-ssl-cipher-usage-statistics-logging.4985/ :slight_smile:

This + web browser profiling HOWTO: A+ with all 100%'s on SSL Labs test using apache2.4 (READ WARNINGS) would help folks decide on the cipher preferences they want to support, based on their visitor and visitor-client profiles.
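The mod_ssl env-var approach linked above, written out as an added example (not from the thread or from Scott's article): a CustomLog that records, per request, the negotiated TLS protocol, cipher and key size together with the HTTP protocol and the client User-Agent. The log path and format name are placeholders; the `%{...}x` variables are the ones documented for mod_ssl, and `%H` is the request protocol (HTTP/1.1 or HTTP/2.0 with mod_http2).

```apache
# Added example: per-request TLS/HTTP profiling log.
# Put these two lines inside the <VirtualHost *:443> block (or globally).
# Columns: TLS protocol, cipher, key size, HTTP protocol, client IP, time,
#          request line, status, User-Agent.
LogFormat "%{SSL_PROTOCOL}x %{SSL_CIPHER}x %{SSL_CIPHER_USEKEYSIZE}x %H %h %t \"%r\" %>s \"%{User-Agent}i\"" tlsprofile

# Path is a placeholder; keep it separate from the access log so it is easy to aggregate.
CustomLog /var/log/apache2/tls_profile.log tlsprofile
```

Because protocol and cipher are the first two columns, a quick tally is just `cut -d' ' -f1,2 /var/log/apache2/tls_profile.log | sort | uniq -c | sort -rn`; the User-Agent column at the end tells you which clients would be cut off if a suite or protocol were removed from SSLCipherSuite / SSLProtocol.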


#42

In order to get 100% in the Key Exchange bar on my server running Apache 2.4.7 and OpenSSL 1.0.1f, I had to also specify a curve with a 384-bit field strength, as the default curve secp256r1 has less equivalent strength than 4096-bit RSA.

To see what 384-bit curves you support, run openssl ecparam -list_curves | grep 384; you'll probably see secp384r1. In which case you can take the output of openssl ecparam -name secp384r1 and put it in your leaf cert's public file between the cert and the dhparams (I'm not 100% sure you have to put it between, or if it could also work after the dhparams). Alternatively, you can put the output of that command in its own file and specify it in your Apache config with SSLOpenSSLConfCmd ECDHParameters; similar to SSLOpenSSLConfCmd DHParameters, I believe it only works with Apache 2.4.8 or later with OpenSSL 1.0.2 or later.


#43
  1. You should not use any curve greater than or equal to 384.
  2. Since the cert file will be updated on a regular basis, I would not recommend putting the parameter there.
    P.S. It is also possible to fake the result (https://www.ssllabs.com/ssltest/analyze.html?d=suche.org)

#44

And using that faking, it might be easy enough to clear that mega challenge of conquering both testers.


#45
  1. Nope, the challenge was extra, with the hint "without tricks", because it should show the users that it is not possible
    to always reach different goals at the same time.
  2. SSL Labs does a handshake simulation that I can match via fingerprinting to one individual browser.
    On the other side, the PCI test scans for cipher suites like the rating part of SSL Labs does and looks at the found
    cipher suites. So it may not even be possible (except IP-based) to reach both 100% marks.
    -> My trick is neither IP-based nor test-specific, like saying the n'th connection from this server gets another config.

#46

Well, I just thought that a server must connect (i.e. send a ClientHello) to see what you can do, and with that I thought you could serve specifically to the tests.


#47

The server does a whole series of connections, more than 50, to see all supported suites.
And SSL Labs also does connections that are identical to existing browsers.


#48

An easier way to get an A+ on Apache without 4096-bit encryption keys is by enabling HTTP Strict Transport Security:

  1. Open your vhosts file located in /etc/apache2/sites-enabled

  2. Disable SSLv3 by adding this line to your vhost:

     SSLProtocol all -SSLv2 -SSLv3

  3. Add this line also to your vhost, at the very top just below <VirtualHost *:443>:

     Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"

  4. Run over SSH:

     a2enmod headers

  5. Redirect HTTP to HTTPS by adding this just below <VirtualHost *:80>:

     Redirect / https://www.yourdomain.com/

  6. Add these cipher suites to your <VirtualHost *:443>:

     SSLHonorCipherOrder on
     SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"

  7. Restart Apache2:

     service apache2 restart

     or

     /etc/init.d/apache2 restart

You should now have an A+.
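The steps in the post above assembled into one working pair of vhosts, as an added example (not the poster's own file). Hostname, certificate paths and DocumentRoot are placeholders; the `Redirect permanent` (301) is my choice, the post's bare `Redirect` sends a 302. Note that Apache does not accept end-of-line comments, so every comment sits on its own line.

```apache
# Added example: HTTP -> HTTPS redirect plus a hardened *:443 vhost.
# Requires: a2enmod ssl headers

<VirtualHost *:80>
    ServerName www.example.com
    # Step 5: send every plain-HTTP request to the HTTPS site.
    Redirect permanent / https://www.example.com/
</VirtualHost>

<VirtualHost *:443>
    ServerName www.example.com
    DocumentRoot /var/www/html

    SSLEngine on
    # Placeholder paths: leaf+chain and the matching private key.
    SSLCertificateFile    /etc/ssl/example/fullchain.pem
    SSLCertificateKeyFile /etc/ssl/example/privkey.pem

    # Step 3: HSTS. "includeSubDomains" commits every subdomain to HTTPS
    # for a year in each visiting browser, so enable it only once all of
    # them serve TLS; browsers will refuse plain HTTP to them until max-age expires.
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"

    # Step 2: no SSLv2/SSLv3.
    SSLProtocol all -SSLv2 -SSLv3

    # Step 6: server chooses the suite; forward-secret AEAD suites first,
    # NULL/export/RC4/3DES/MD5 and the anonymous and PSK/SRP families excluded.
    SSLHonorCipherOrder on
    SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
</VirtualHost>
```

Check the result with `apache2ctl configtest` before restarting, and confirm the header with `curl -sI https://www.example.com/ | grep -i strict-transport-security`; an HSTS header is only honoured by browsers when it arrives over a valid TLS connection, so it has no effect on the *:80 vhost.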


#49

Make sure you understand the full implications before using this though :wink:


#50

You now need secp384r1, and to disable secp256r1 (prime256v1), to get a full A+ and 4x 100%.

https://www.tls.builders/servers#ap-248
NOTE: Requires Apache 2.4.8+ and OpenSSL 1.0.2+
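The two ways of pinning the ephemeral ECDH curve discussed in this thread (#42's parameter file and the curve restriction above), as an added example that is not from either post. Paths are placeholders. The `SSLOpenSSLConfCmd` route needs Apache 2.4.8+ and OpenSSL 1.0.2+, as the note above says; appending the named-curve block to the certificate file is the fallback for older builds, with the caveat from #43 that a certificate renewal which rewrites that file silently drops the appended parameters.

```apache
# Added example: restrict ephemeral ECDH to secp384r1 (P-384).

# Option A (Apache 2.4.8+, OpenSSL 1.0.2+): set the curve list directly.
# Listing only secp384r1 disables prime256v1; a client that offers no
# overlapping curve will not get an ECDHE suite at all, so check your
# visitor profile first.
SSLOpenSSLConfCmd Curves secp384r1

# Option A' (same versions): single curve for ephemeral ECDH, equivalent here.
#SSLOpenSSLConfCmd ECDHParameters secp384r1

# Option B (older Apache/OpenSSL): append the output of
#   openssl ecparam -name secp384r1
# to the end of the first SSLCertificateFile, after the certificate (DH
# parameters can be appended the same way). mod_ssl reads both from there.
# Placeholder path; redo this after every renewal that rewrites the file.
SSLCertificateFile /etc/ssl/example/fullchain-with-params.pem
```

Verify which curve actually gets negotiated with `openssl s_client -connect www.example.com:443 </dev/null 2>/dev/null | grep 'Server Temp Key'` (OpenSSL 1.0.2+ prints the line; `ECDH, P-384, 384 bits` is what you want to see).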


#51

I still don't understand why the first post is still that incorrect. E.g. pinning the private key is completely brainless, although I hope it is not a security risk, but I can't say it isn't one.

So again, if someone did not understand it until now: Do not follow this guide!


#52

He doesn't pin the private key, he extracts the public key from the private key. Am I wrong?

Please avoid judgements like "brainless", it's insulting.


#53

Okay, indeed it outputs the public key. So I’ll take this argument back.


#54

It’s just not very well formulated in the section :slight_smile:


#55

Well, even if so, the pin is a hash, and even the hash of the privkey won't help much.


#56

The code of the first post pins the public key (extracted from the private key). But the consequence of pinning the public key is that the private key is pinned too, because they are linked: only the person having the private key can generate a valid certificate for that pin. But yes, the wording of the post is confusing.


#57

Pinning the hash of a private key is useless anyway, because the client can only verify public keys by definition… Unless your webserver is doing very, very stupid things :stuck_out_tongue:


#58

8 posts were merged into an existing topic: Perfect SSL-Security vs. Rest of Server Config


#59

This is great. But SSLCipherSuite "HIGH:!aNULL:!MD5:!3DES:!CAMELLIA:!AES128" will break with HTTP/2 as some ciphers are Blacklisted.

Blacklisted Ciphers
Good read on HTTP/2 implementation

EDIT
In addition, using 4096-bit RSA keys and DH params is great. But the longer the key, the more resources are needed to handle it, causing performance issues. It might not be noticeable in smaller implementations. That's why the industry standard is 2048, since it's already "enough" according to SSL Labs Best Practice. And that's why we all can't wait for letsencrypt to get ECC out! :slight_smile:


#60

Will? Or may? Because the first link you give says “MAY”…