Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Supporting ML-KEM with TLS 1.3 - a new default in Chrome |
|
| Author |
|
labradort
Joined: 15 Nov 2024
Posts: 2
Location: Canada, Kentville NS
|
 Posted: Fri 15 Nov '24 14:47 Post subject: Supporting ML-KEM with TLS 1.3 - a new default in Chrome |
 |
|
Hello,
Our Apache site stopped working with Chrome users when they received browser updates this week.
The error was SSLProtocol Error on the web page, and nothing was logged in Apache.
Firefox and Edge loaded the site fine - the problem was specific to Chrome.
Everything was A+ in the Qualsys SSL Labs report - no hints of a bad configuration.
When chrome was run in debug mode, the screen behind showed:
[2464:1112:1113/152621.301:ERROR:registration_request.cc(291)] Registration response error message: DEPRECATED_ENDPOINT
[7780:11388:1113/152638.287:ERROR:ssl_client_socket_impl.cc(878)] handshake failed; returned -1, SSL error code 1, net_error -107
A colleague discovered that when ML-KEM with TLS 1.3 option was disabled in Chrome, then the site loaded properly.
I went through all the suggestions from ChatGPT for getting Apache configured to support this new feature in TLS 1.3.
In particular, it suggested:
SSLCipherSuite TLSv1.3:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384
I tried this in the Apache we're running - the 2.4.62 release from September 2024. It wouldn't start like that. Apparently this isn't supported on the Apache for Windows.
Our workaround is to run the site with only TLS 1.2 for the time being so that Chrome users can access it. |
|
| Back to top |
|
labradort
Joined: 15 Nov 2024
Posts: 2
Location: Canada, Kentville NS
|
| Posted: Fri 15 Nov '24 22:15 Post subject: Resolved |
|
|
I've noticed another thread here about TLS 1.3 and it pointed to a page here documenting the best setup.
Based on that, I used:
SSLUseStapling On
SSLSessionCache shmcb:C:/Windows/Temp/ssl_gcache_data(512000)
SSLStaplingCache shmcb:C:/Windows/Temp/ssl_stapling_data(512000)
SSLOptions +StrictRequire +StdEnvVars -ExportCertData
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLCompression Off
SSLHonorCipherOrder On
SSLCipherSuite SSL ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384
SSLCipherSuite TLSv1.3 TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384
SSLOpenSSLConfCmd ECDHParameters secp521r1
SSLOpenSSLConfCmd Curves secp521r1:secp384r1
This seems to have satisfied Chrome since the Nov 12th patch.
Really, the idea that one can put in a minimum SSL configuration and run the site that way is becoming outdated as the web browsers insist on the latest tech.
I recommend that the packaging for Apache24 take this into account and provide the better recommendation within the
file httpd-ssl.conf as it is shipped. |
|
| Back to top |
|
|
|
|
|
|
