Since these two are using GCM:
www.ssllabs.com: ECDHE-RSA-AES256-GCM-SHA384
www.google.com: ECDHE-RSA-AES128-GCM-SHA256
We wanted to make our webserver HTTPS connection more secure (don't look at
the self-signed certificate, that doesn't count right now..)
We are using OpenBSD 5.4 64-bit, and the "openssl ciphers" command says
that it supports the "ECDHE-RSA-AES256-GCM-SHA384" cipher. On the client side
there is Firefox 30 at least.
So here is how we set up the HTTPS server:
# generate self-signed certificate
openssl genrsa -aes256 -out /etc/ssl/private/server.key 4096
openssl req -new -key /etc/ssl/private/server.key -out /etc/ssl/private/server.csr
openssl x509 -sha512 -req -days 365 -in /etc/ssl/private/server.csr -signkey /etc/ssl/private/server.key -out /etc/ssl/server.crt
The config:
vi /etc/nginx/nginx.conf
...
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers on;
...
But Firefox says (I translated it from my language..):
A connection to the www.foo.com is interrupted
and ssllabs ( https://www.ssllabs.com/ssltest/ ) says:
Assessment failed: Failed to communicate with the secure server
Question: How can we set GCM in nginx? Why couldn't a fresh Firefox connect
via HTTPS to foo.com (ECDHE-RSA-AES256-GCM-SHA384,TLSv1.2)? It can connect
to www.ssllabs.com via HTTPS (ECDHE-RSA-AES256-GCM-SHA384,TLSv1.2) so maybe
it's not a client side problem..
[user@localhost ~] openssl s_client -connect www.foo.com:443
CONNECTED(00000003)
depth=0 C = HU, CN = www.foo.com
verify error:num=18:self signed certificate
verify return:1
depth=0 C = HU, CN = www.foo.com
verify return:1
---
Certificate chain
0 s:/C=HU/CN=www.foo.com
i:/C=HU/CN=www.foo.com
---
Server certificate
-----BEGIN CERTIFICATE-----
.... here goes the cert..
-----END CERTIFICATE-----
subject=/C=HU/CN=www.foo.com
issuer=/C=HU/CN=www.foo.com
---
No client certificate CA names sent
---
SSL handshake has read 2137 bytes and written 389 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2