Project

General

Profile

Actions

Feature #4230

closed

Prefer SSL Perfect Forward Secrecy ciphers in UI

Added by Phil Koller almost 10 years ago. Updated over 9 years ago.

Status:
Resolved
Priority:
Normal
Category:
Web Interface
Target version:
Start date:
01/17/2015
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:

Description

Perfect Forward Secrecy (PFS) ciphers should be preferred in the admin interface to further harden the admin web server.

Suggested changed/added settings to the webConfigurator configuration:

ssl.use-compression = "disable" 
ssl.honor-cipher-order = "enable"
ssl.cipher-list = "AES128+EECDH:AES128+EDH:AES128-SHA:!aNULL:!eNULL:!DSS"

This configuration explicitly disables TLS compression and defines the correct cipher order. AES128-SHA is added as a fallback, DSS ciphers should not be used.

The result of

openssl ciphers -v 'AES128+EECDH:AES128+EDH:AES128-SHA:!aNULL:!eNULL:!DSS'

will be:

ECDHE-RSA-AES128-GCM-SHA256   TLSv1.2 Kx=ECDH Au=RSA   Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-SHA256       TLSv1.2 Kx=ECDH Au=RSA   Enc=AES(128)  Mac=SHA256
ECDHE-ECDSA-AES128-SHA256     TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128)  Mac=SHA256
ECDHE-RSA-AES128-SHA          SSLv3 Kx=ECDH   Au=RSA   Enc=AES(128)  Mac=SHA1
ECDHE-ECDSA-AES128-SHA        SSLv3 Kx=ECDH   Au=ECDSA Enc=AES(128)  Mac=SHA1
DHE-RSA-AES128-GCM-SHA256     TLSv1.2 Kx=DH   Au=RSA   Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-SHA256         TLSv1.2 Kx=DH   Au=RSA   Enc=AES(128)  Mac=SHA256
DHE-RSA-AES128-SHA            SSLv3 Kx=DH     Au=RSA   Enc=AES(128)  Mac=SHA1
AES128-SHA                    SSLv3 Kx=RSA    Au=RSA   Enc=AES(128)  Mac=SHA1

Background:
https://raymii.org/s/tutorials/Strong_SSL_Security_On_lighttpd.html

Actions

Also available in: Atom PDF