logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: TLS 1.3 security requirement
Author
Shrinidhi0409



Joined: 24 Sep 2021
Posts: 18
Location: India

PostPosted: Thu 23 Dec '21 15:07    Post subject: TLS 1.3 security requirement Reply with quote

[i]Hi Team,

We are using Apache version 2.4.35 and TLS 1.2 in our application. We have security requirement as below,

1. We have to use TLS 1.3 along with TLS 1.2 and apache 2.4.35 in our application.
2. The TLS 1.2 protocol should support only ChaCha20-Poly1305, AES-GCM, AES-CCM , rest all the other ciphers should be prohibited.
3. TLS 1.3 should support all RFC-8446 ciphers

Can you please let me know regarding the configuration needs to be done with respect to above requirements?
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Wed 29 Dec '21 19:40    Post subject: Reply with quote

Hi Shrinidhi,

your config could be

Code:

<If "%{SERVER_PORT} == '443'">
        <IfModule mod_headers.c>
                Header always set Strict-Transport-Security "max-age=31536000; preload"
        </IfModule>
</If>
SSLUseStapling On
SSLOptions +StrictRequire +StdEnvVars -ExportCertData
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLCompression Off
SSLHonorCipherOrder On
SSLCipherSuite SSL ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384
SSLCipherSuite TLSv1.3 TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384
SSLOpenSSLConfCmd ECDHParameters secp521r1
SSLOpenSSLConfCmd Curves sect571r1:sect571k1:secp521r1:sect409k1:sect409r1:secp384r1

SSLOpenSSLConfCmd SignatureAlgorithms rsa_pss_rsae_sha512:rsa_pss_rsae_sha256:ECDSA+SHA512:ECDSA+SHA256:RSA+SHA512:RSA+SHA256
SSLOpenSSLConfCmd ClientSignatureAlgorithms rsa_pss_rsae_sha512:rsa_pss_rsae_sha256:ECDSA+SHA512:ECDSA+SHA256:RSA+SHA512:RSA+SHA256
Back to top
Shrinidhi0409



Joined: 24 Sep 2021
Posts: 18
Location: India

PostPosted: Tue 04 Jan '22 11:41    Post subject: Reply with quote

Hi

We added the suggested configuration to ssl.conf file. But we ended up with below mentioned error. Can you please let us know what is wrong with configuration added?

SSLProtocol: Illegal protocol 'TLSv1.3'
Failed to establish connection with web server. Gracefully shutting down VMS

Regards,
Shrinidhi S
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Tue 04 Jan '22 13:11    Post subject: Reply with quote

Shrinidhi0409 wrote:

SSLProtocol: Illegal protocol 'TLSv1.3'


Your OpenSSL version is too old. TLS v 1.3 came with OpenSSL 1.1.1.

Shrinidhi0409 wrote:

Gracefully shutting down VMS


it seems you are not using Windows, don't you?
Back to top
Shrinidhi0409



Joined: 24 Sep 2021
Posts: 18
Location: India

PostPosted: Mon 10 Jan '22 7:47    Post subject: Reply with quote

We are using both windows and linux. Open ssl version is 1.1.1 g.

Can you please let us know where it is going wrong?
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Mon 10 Jan '22 21:16    Post subject: Reply with quote

Your mod_ssl is not compiled against OpenSSL 1.1.1
On windows you may download the last version from Apache Lounge and updated your apache.

On your Linux distro I don't know since I don't know that Distro you are using in what version.
Back to top
nono303



Joined: 20 Dec 2016
Posts: 205
Location: Lille, FR, EU

PostPosted: Tue 18 Jan '22 9:00    Post subject: Reply with quote

Hi,
Currently using @JBlond SSL config above - with OpenSSL 3.0.1 but that doesn't really matter - and mod_md renewal process fail with:
Code:
2022-01-18 07:19:08.466871 - - - md:error md_acme_authz.c(164) pid:6676 tid:1552 [ACME server authz: challenge 'invalid' for mydomain.com at https://acme-v02.api.letsencrypt.org/acme/authz-v3/XXX.
Exact response was: {"identifier":{"type":"dns","value":"mydomain.com "},"status":"invalid","expires":"2022-01-25T06:19:03Z","challenges":[{"type":"tls-alpn-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Incorrect validation certificate for tls-alpn-01 challenge. Missing acmeValidationV1 extension.","status":403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/XXX/XXX","token":"XXX","validationRecord":[{"hostname":"mydomain.com","port":"443","addressesResolved":["x.x.x.x"],"addressUsed":"x.x.x.x"}],"validated":"2022-01-18T06:19:07Z"}]}]

It's works when commenting
Code:
# SSLOpenSSLConfCmd SignatureAlgorithms rsa_pss_rsae_sha512:rsa_pss_rsae_sha256:ECDSA+SHA512:ECDSA+SHA256:RSA+SHA512:RSA+SHA256

As now, I don't have a good understand of the SignatureAlgorithms relation with acmeValidationV1 but if someone can help me understand or deep dive on it, that would be great Wink

Related:
* https://community.letsencrypt.org/t/tls-alpn-01-invalid-acmevalidationv1-extension-value/97235
* https://github.com/icing/mod_md/issues/256
* https://github.com/icing/mod_md/issues/200
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Tue 18 Jan '22 13:05    Post subject: Reply with quote

nono303 wrote:
Hi,
Currently using @JBlond SSL config above - with OpenSSL 3.0.1

I guess you mean 1.0.1 ?

nono303 wrote:

but that doesn't really matter - and mod_md renewal process fail
It's works when commenting
Code:
# SSLOpenSSLConfCmd SignatureAlgorithms rsa_pss_rsae_sha512:rsa_pss_rsae_sha256:ECDSA+SHA512:ECDSA+SHA256:RSA+SHA512:RSA+SHA256



I wonder which Algorithm is used with the acme server!?

nono303 wrote:

As of now, I don't have a good understanding of the SignatureAlgorithms relation with acmeValidationV1 but if someone can help me understand or deep dive on it, that would be great Wink


The Digital signatures.
As the name suggests, a digital signature can be attached to a document or some other electronic artifact (e.g., a program) to vouch for its authenticity. With a public key, it can be verified. Like in PGP.

Signatures Algorithms are the different math functions to create the checksum for the validation with the private key.

Since the provided SSLOpenSSLConfCmd SignatureAlgorithms seems to break the communication between mod_md/apache and v02.api.letsencrypt.org my best guess is that their API does not support those Algorithms or is tries only the first one and fails.
Back to top
nono303



Joined: 20 Dec 2016
Posts: 205
Location: Lille, FR, EU

PostPosted: Tue 18 Jan '22 16:58    Post subject: Reply with quote

Thx @JBlond for your feedback!
Quote:
I guess you mean 1.0.1 ?

I'm using OpenSSL 3.0.1, not 1.0.1
Quote:
I wonder which Algorithm is used with the acme server!?

you mean this? https://www.ssllabs.com/ssltest/analyze.html?d=acme%2dv02.api.letsencrypt.org&s=172.65.32.248&latest
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Tue 18 Jan '22 17:20    Post subject: Reply with quote

nono303 wrote:

I'm using OpenSSL 3.0.1, not 1.0.1


I forgot, that they skipped 2.x

nono303 wrote:

Quote:
I wonder which Algorithm is used with the acme server!?

you mean this? https://www.ssllabs.com/ssltest/analyze.html?d=acme%2dv02.api.letsencrypt.org&s=172.65.32.248&latest


I'm not sure that scan shows the config of https://www.openssl.org/docs/man1.1.1/man3/SSL_CONF_cmd.html -> SignatureAlgorithms and https://httpd.apache.org/docs/trunk/mod/mod_ssl.html#sslopensslconfcmd

A server running my config https://www.ssllabs.com/ssltest/analyze.html?d=apachehaus.de&s=2a03%3a4000%3a3b%3a315%3a428%3a5eff%3afe61%3a8c08&latest and there is nothing to see of pss nor SHA512.
Back to top
nono303



Joined: 20 Dec 2016
Posts: 205
Location: Lille, FR, EU

PostPosted: Tue 18 Jan '22 18:00    Post subject: Reply with quote

Quote:
I'm not sure that scan shows the config of https://www.openssl.org/docs/man1.1.1/man3/SSL_CONF_cmd.html -> SignatureAlgorithms and https://httpd.apache.org/docs/trunk/mod/mod_ssl.html#sslopensslconfcmd


Same for me, quite confuse on how to read scan report...
I've opened a ticket to ask @icing https://github.com/icing/mod_md/issues/276
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Wed 19 Jan '22 10:14    Post subject: Reply with quote

Interesting!

I removed

Code:

SSLOpenSSLConfCmd ECDHParameters secp521r1
SSLOpenSSLConfCmd Curves sect571r1:sect571k1:secp521r1:sect409k1:sect409r1:secp384r1


and still, get a 100% on the SSL test lab test. IIRC that wasn't before. Yet it makes mod_md work. Before I was wondering why it didn't when I tried it. Maybe you are the lucky guy who found out for me. Very Happy
Back to top
nono303



Joined: 20 Dec 2016
Posts: 205
Location: Lille, FR, EU

PostPosted: Wed 19 Jan '22 17:21    Post subject: Reply with quote

Quote:
Maybe you are the lucky guy who found out for me
Embarassed

Concerning ECDHParameters, I didn't use secX5XX or sect4XX (many unsupported cnx...) and use this config:
Code:
SSLOpenSSLConfCmd Curves sect571r1:sect571k1:secp521r1:sect409k1:sect409r1:secp384r1
SSLOpenSSLConfCmd ECDHParameters secp384r1
and with cipher config:
Code:
SSLCipherSuite SSL ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384
SSLCipherSuite TLSv1.3 TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384

I obtain A+ 4*100% on the SSL test lab test, mod_md working and only few handshake_failure for old client (android 5 6, FF31, Safari 6 7 8 )
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Wed 26 Jan '22 14:44    Post subject: Reply with quote

nono303 wrote:

Concerning ECDHParameters, I didn't use secX5XX or sect4XX (many unsupported cnx...)


For my domain "apachehaus de" I get the same result as your server. I also have the same user agent support.
Back to top


Reply to topic   Topic: TLS 1.3 security requirement View previous topic :: View next topic
Post new topic   Forum Index -> Apache