RE: Enable SSL Forward Secrecy

[Rachel Davis]

Hi,

I recently started receiving the emails for jgronow...@ditronics.com, can you 
please remove this name from whatever list this is?

Regards,

Rachel Davis
IT Help Desk

7699 W. Post Road
Las Vegas, NV  89113
Mobile: 702.600.0472
Customer Service: 800.845.3065
Website:  www.ditronics.com

-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: Friday, September 1, 2017 10:55 AM
To: Daniel Schneller 
Cc: Lukas Tribus ; Julian Zielke 
; Cyril Bonté ; 
haproxy+h...@formilux.org 
Subject: Re: Enable SSL Forward Secrecy

On Fri, Sep 01, 2017 at 07:37:50PM +0200, Daniel Schneller wrote:
> Hi,
>
> inspired by this, I added a paragraph with links to the documentation.
> Small patch attached.

Cool, thanks Daniel, now applied.

Willy



Ditronics, LLC email disclaimer:
This communication, including attachments, is intended only for the exclusive 
use of addressee and may contain proprietary, confidential, or privileged 
information. Any use, review, duplication, disclosure, dissemination, or 
distribution is strictly prohibited. If you were not the intended recipient, 
you have received this communication in error. Please notify sender immediately 
by return e-mail, delete this communication, and destroy any copies.

Re: Enable SSL Forward Secrecy

[Willy Tarreau]

On Fri, Sep 01, 2017 at 07:37:50PM +0200, Daniel Schneller wrote:
> Hi,
> 
> inspired by this, I added a paragraph with links to the documentation.
> Small patch attached.

Cool, thanks Daniel, now applied.

Willy

Re: Enable SSL Forward Secrecy

[Daniel Schneller]

Hi,inspired by this, I added a paragraph with links to the documentation.Small patch attached.Cheers,Daniel

0001-DOC-Refer-to-Mozilla-TLS-info-config-generator.patch
Description: Binary data

-- Daniel SchnellerPrincipal Cloud Engineer CenterDevice GmbH                  | Hochstraße 11                                   | 42697 Solingentel: +49 1754155711                | Deutschlanddaniel.schnel...@centerdevice.de   | www.centerdevice.deGeschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,Michael Rosbach, Handelsregister-Nr.: HRB 18655,HR-Gericht: Bonn, USt-IdNr.: DE-815299431

On 1. Sep. 2017, at 19:05, Willy Tarreau  wrote:On Fri, Sep 01, 2017 at 07:04:36PM +0200, Willy Tarreau wrote:Hi Cyril,s/Cyril/Lukas, sorry guys, that's what happens when I read one e-mailand reply to another one at the same time :-)Willy

Re: Enable SSL Forward Secrecy

[Willy Tarreau]

On Fri, Sep 01, 2017 at 07:04:36PM +0200, Willy Tarreau wrote:
> Hi Cyril,

s/Cyril/Lukas, sorry guys, that's what happens when I read one e-mail
and reply to another one at the same time :-)

Willy

Re: Enable SSL Forward Secrecy

[Willy Tarreau]

Hi Cyril,

On Wed, Aug 30, 2017 at 06:55:07PM +0200, Lukas Tribus wrote:
> Hello,
> 
> 
> > Hehe yikes! This was it. It's normal that someone get's lost in all
> > this cipher crap and it should be written in the HaProxy manual as
> > an important step on how to harden security.
> 
> Its not a good idea to suggest specific cipher settings in the manual, as
> the situation may change faster than we are able to update it; especially
> considering lack of backports to packages in distro repositories.
> 
> Instead I would suggest to take the advice of trusted sources (as opposed
> to random blog posts) like Mozilla:
> 
> https://wiki.mozilla.org/Security/Server_Side_TLS
> https://mozilla.github.io/server-side-tls/ssl-config-generator/

I totally agree with you on this, and I think the best solution would be
to put a few such trustable links in the doc so that users directly find
the information from reliable sources.

Willy

Re: Enable SSL Forward Secrecy

[Lukas Tribus]

Hello,


> Hehe yikes! This was it. It’s normal that someone get’s lost in all
> this cipher crap and it should be written in the HaProxy manual as
> an important step on how to harden security.

Its not a good idea to suggest specific cipher settings in the manual, as
the situation may change faster than we are able to update it; especially
considering lack of backports to packages in distro repositories.

Instead I would suggest to take the advice of trusted sources (as opposed
to random blog posts) like Mozilla:

https://wiki.mozilla.org/Security/Server_Side_TLS
https://mozilla.github.io/server-side-tls/ssl-config-generator/



cheers,
lukas

AW: Enable SSL Forward Secrecy

[Julian Zielke]

Hehe yikes! This was it. It’s normal that someone get’s lost in all this cipher 
crap and it should be written in the HaProxy manual as an important step on how 
to harden security.

Thank you guys for your help! Really appreciate it!


  *   Julian

Von: Daniel Schneller [mailto:daniel.schnel...@centerdevice.com]
Gesendet: Mittwoch, 30. August 2017 15:54
An: Cyril Bonté 
Cc: Julian Zielke ; 
haproxy+h...@formilux.org 
Betreff: Re: Enable SSL Forward Secrecy

Darn! Looking at the “openssl ciphers” Julian provided earlier, my mind 
“autocompleted" the missing trailing “E” in ECDH (/me facepalms).

Thanks, Cyril, for pointing that out!

I was starting to doubt myself here :)

Cheers,
Daniel

--
Daniel Schneller
Principal Cloud Engineer

CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de<mailto:daniel.schnel...@centerdevice.de>   | 
www.centerdevice.de<http://www.centerdevice.de>

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431

On 30. Aug. 2017, at 15:41, Cyril Bonté 
mailto:cyril.bo...@free.fr>> wrote:

De: "Julian Zielke" 
mailto:jzie...@next-level-integration.com>>
À: "Cyril Bonté" mailto:cyril.bo...@free.fr>>
Cc: haproxy@formilux.org<mailto:haproxy@formilux.org>
Envoyé: Mercredi 30 Août 2017 15:11:47
Objet: AW: Enable SSL Forward Secrecy

Hi Cyril,

tired it without success. Maybe HaProxy isn't just capable of doing
this.

Oh well, indeed the "!kECDHE" excludes the ciphers from the list.
You should retry without it (with or without RFC names in the ciphers list)


ssl-default-bind-ciphers
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH
:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE

Cyril Bonté


Wichtiger Hinweis: Der Inhalt dieser E-Mail ist vertraulich und ausschließlich 
für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der vorgesehene 
Adressat dieser E-Mail oder dessen Vertreter sein sollten, so beachten Sie 
bitte, dass jede Form der Kenntnisnahme, Veröffentlichung, Vervielfältigung 
oder Weitergabe des Inhalts dieser E-Mail unzulässig ist. Wir bitten Sie, sich 
in diesem Fall mit dem Absender der E-Mail in Verbindung zu setzen. Wir möchten 
Sie außerdem darauf hinweisen, dass die Kommunikation per E-Mail über das 
Internet unsicher ist, da für unberechtigte Dritte grundsätzlich die 
Möglichkeit der Kenntnisnahme und Manipulation besteht

Important Note: The information contained in this e-mail is confidential. It is 
intended solely for the addressee. Access to this e-mail by anyone else is 
unauthorized. If you are not the intended recipient, any form of disclosure, 
reproduction, distribution or any action taken or refrained from in reliance on 
it, is prohibited and may be unlawful. Please notify the sender immediately. We 
also would like to inform you that communication via e-mail over the internet 
is insecure because third parties may have the possibility to access and 
manipulate e-mails.

Re: Enable SSL Forward Secrecy

[Daniel Schneller]

Darn! Looking at the “openssl ciphers” Julian provided earlier, my mind 
“autocompleted" the missing trailing “E” in ECDH (/me facepalms).

Thanks, Cyril, for pointing that out!

I was starting to doubt myself here :)

Cheers,
Daniel

-- 
Daniel Schneller
Principal Cloud Engineer
 
CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de   | www.centerdevice.de

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431


> On 30. Aug. 2017, at 15:41, Cyril Bonté  wrote:
> 
>> De: "Julian Zielke" 
>> À: "Cyril Bonté" 
>> Cc: haproxy@formilux.org
>> Envoyé: Mercredi 30 Août 2017 15:11:47
>> Objet: AW: Enable SSL Forward Secrecy
>> 
>> Hi Cyril,
>> 
>> tired it without success. Maybe HaProxy isn't just capable of doing
>> this.
> 
> Oh well, indeed the "!kECDHE" excludes the ciphers from the list.
> You should retry without it (with or without RFC names in the ciphers list)
> 
>>> ssl-default-bind-ciphers
>>> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
>>> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH
>>> :!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
> 
> Cyril Bonté
> 

Re: AW: Enable SSL Forward Secrecy

[Cyril Bonté]

> De: "Julian Zielke" 
> À: "Cyril Bonté" 
> Cc: haproxy@formilux.org
> Envoyé: Mercredi 30 Août 2017 15:11:47
> Objet: AW: Enable SSL Forward Secrecy
> 
> Hi Cyril,
> 
> tired it without success. Maybe HaProxy isn't just capable of doing
> this.

Oh well, indeed the "!kECDHE" excludes the ciphers from the list.
You should retry without it (with or without RFC names in the ciphers list)

> > ssl-default-bind-ciphers
> > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
> > TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH
> > :!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE

Cyril Bonté

AW: Enable SSL Forward Secrecy

[Julian Zielke]

Hi Cyril,

tired it without success. Maybe HaProxy isn't just capable of doing this.

 Julian

-Ursprüngliche Nachricht-
Von: Cyril Bonté [mailto:cyril.bo...@free.fr]
Gesendet: Mittwoch, 30. August 2017 14:49
An: Julian Zielke 
Cc: haproxy@formilux.org
Betreff: Re: Enable SSL Forward Secrecy

Hi Julian,

> De: "Julian Zielke" 
> Hi,
>
> I’m struggeling with enabling SSL forward secrecy in my haproxy 1.7
> setup.
>
> So far the global settings look like:
>
> tune.ssl.default-dh-param 2048 # tune shared secred to 2048bits

> ssl-default-bind-options force-tlsv12 no-sslv3
> ssl-default-bind-ciphers
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH
> :!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE

Please retry by replacing the RFC names with the openssl ones.
Look at this page for details : 
https://wiki.openssl.org/index.php/Manual:Ciphers(1)

For example with :
ssl-default-bind-ciphers 
ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE

I think that with this ciphers list, ECHDE ones should now be available.

Cyril Bonté
Wichtiger Hinweis: Der Inhalt dieser E-Mail ist vertraulich und ausschließlich 
für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der vorgesehene 
Adressat dieser E-Mail oder dessen Vertreter sein sollten, so beachten Sie 
bitte, dass jede Form der Kenntnisnahme, Veröffentlichung, Vervielfältigung 
oder Weitergabe des Inhalts dieser E-Mail unzulässig ist. Wir bitten Sie, sich 
in diesem Fall mit dem Absender der E-Mail in Verbindung zu setzen. Wir möchten 
Sie außerdem darauf hinweisen, dass die Kommunikation per E-Mail über das 
Internet unsicher ist, da für unberechtigte Dritte grundsätzlich die 
Möglichkeit der Kenntnisnahme und Manipulation besteht

Important Note: The information contained in this e-mail is confidential. It is 
intended solely for the addressee. Access to this e-mail by anyone else is 
unauthorized. If you are not the intended recipient, any form of disclosure, 
reproduction, distribution or any action taken or refrained from in reliance on 
it, is prohibited and may be unlawful. Please notify the sender immediately. We 
also would like to inform you that communication via e-mail over the internet 
is insecure because third parties may have the possibility to access and 
manipulate e-mails.

Re: Enable SSL Forward Secrecy

[Cyril Bonté]

Hi Julian,

> De: "Julian Zielke" 
> Hi,
> 
> I’m struggeling with enabling SSL forward secrecy in my haproxy 1.7
> setup.
> 
> So far the global settings look like:
> 
> tune.ssl.default-dh-param 2048 # tune shared secred to 2048bits

> ssl-default-bind-options force-tlsv12 no-sslv3
> ssl-default-bind-ciphers
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE

Please retry by replacing the RFC names with the openssl ones.
Look at this page for details : 
https://wiki.openssl.org/index.php/Manual:Ciphers(1)

For example with :
ssl-default-bind-ciphers 
ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE

I think that with this ciphers list, ECHDE ones should now be available.

Cyril Bonté

Re: Enable SSL Forward Secrecy

[Daniel Schneller]

Ok, running out of ideas here.
You might want to try re-enabling TLS 1.0 and 1.1, just to to see if the 
response clients see changes at all.
Please post the haproxy log output  — if necessary, reproduce on a separate 
instance, should it contain sensitive information.

If that doesn’t shed any light, you need to capture the traffic on the haproxy 
host — ideally you can filter by source IP to ensure you don’t get any “real” 
traffic in there. No idea if ssllabs comes from a predictable IP, but if not, 
you might use  https://github.com/rbsec/sslscan 
<https://github.com/rbsec/sslscan>  for a similar scan, but from a local 
network. That way you'd know the client IP.

Then either look at the pcap file with Wireshark — which should be able to show 
the handshaking attempts in detail — or upload it somewhere for others to see.
In that case, make especially sure that you don’t have any real traffic in 
there.

Daniel

-- 
Daniel Schneller
Principal Cloud Engineer
 
CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de   | www.centerdevice.de

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431


> On 30. Aug. 2017, at 12:56, Julian Zielke 
>  wrote:
> 
> Hi,
>  
> I see the handshake failures in debug mode, yes. The machine inly has 
> IPTABLES running with a few rules but not SNAT, DNAT or any
> other kind of software instance in front of it.
>  
> Here’s a small part of the config:
>  
> frontend f_ui_https_vonovia_00_01
>   bind :443 ssl crt /dvol01/haproxy/certs/
>   bind-process 1
>   mode http
>   reqadd x-forwarded-proto:\ https # force https
>   option forwardfor except 127.0.0.1
>   monitor-uri /haproxy_test
>   option httplog # log http header information (in debug-mode)
>   option http-ignore-probes # ignore preload-functions of some browsers
>   ⋮
>  
> The rest is just an acl-group filtering IPs on certain URLs and a 
> response-rewrite from the server’s hostname because it response with his 
> internal servername rather than
> the URL being called with.
>  
> Julian
>  
> Von: Daniel Schneller [mailto:daniel.schnel...@centerdevice.com 
> <mailto:daniel.schnel...@centerdevice.com>] 
> Gesendet: Mittwoch, 30. August 2017 12:40
> An: Julian Zielke  <mailto:jzie...@next-level-integration.com>>
> Cc: Georg Faerber mailto:ge...@riseup.net>>; 
> haproxy+h...@formilux.org <mailto:haproxy+h...@formilux.org> 
> mailto:haproxy@formilux.org>>
> Betreff: Re: Enable SSL Forward Secrecy
>  
> Well, that’s quite extensive.
>  
> But still, the server at portal-vonovia.next-level-apps.com 
> <http://portal-vonovia.next-level-apps.com/> only agrees to one of 
>  
> TLS_RSA_WITH_AES_256_CBC_SHA (0x35)
> TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)
>  
> which according to https://testssl.sh/openssl-rfc.mapping.html 
> <https://testssl.sh/openssl-rfc.mapping.html> correspond to 
>  
> AES256-SHA
> AES128-SHA
>  
> in the OpenSSL cipher names — both obviously without FS.
>  
> Are you sure your DNS resolves to the haproxy in question, and that there is 
> nothing in between it and external clients? Any other TLS aware 
> proxies/firewalls?
> Can you post a minimal haproxy config that reproduces the issue?
>  
> Please verify you can see the requests coming in by checking haproxy’s log. 
> You should be able to at least see the requests being rejected due to bad 
> handshakes.
>  
> Daniel
>  
> -- 
> Daniel Schneller
> Principal Cloud Engineer
>  
> CenterDevice GmbH  | Hochstraße 11
>| 42697 Solingen
> tel: +49 1754155711| Deutschland
> daniel.schnel...@centerdevice.de <mailto:daniel.schnel...@centerdevice.de>   
> | www.centerdevice.de <http://www.centerdevice.de/>
> 
> Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
> Michael Rosbach, Handelsregister-Nr.: HRB 18655,
> HR-Gericht: Bonn, USt-IdNr.: DE-815299431
> 
>  
> On 30. Aug. 2017, at 12:26, Julian Zielke  <mailto:jzie...@next-level-integration.com>> wrote:
>  
> Whoips I copied thw wrong line. Here’s the output:
>  
> ECDHE-RSA-AES256-GCM-SHA384
> ECDHE-ECDSA-AES256-GCM-SHA384
> ECDHE-RSA-AES256-SHA384
> ECDHE-ECDSA-AES256-SHA384
> ECDHE-RSA-AES256-SHA
> ECDHE-ECDSA-AES256-SHA
> SRP-DSS-AES-256-CBC-SHA
> SRP-RSA-AES-256-CBC-SHA
> SRP-AES-256-CBC-SHA
> DH-DSS-AES256-GCM-SHA384
> DHE-DSS-AES256-GCM-SHA384
> DH-RSA-AES256-GCM-SHA384
> DHE-RSA-AES256-GCM-SHA384
> DHE-RSA-AES256-SHA256
> DHE-DSS-AES

AW: Enable SSL Forward Secrecy

[Julian Zielke]

Hi,

I see the handshake failures in debug mode, yes. The machine inly has IPTABLES 
running with a few rules but not SNAT, DNAT or any
other kind of software instance in front of it.

Here’s a small part of the config:

frontend f_ui_https_vonovia_00_01
  bind :443 ssl crt /dvol01/haproxy/certs/
  bind-process 1
  mode http
  reqadd x-forwarded-proto:\ https # force https
  option forwardfor except 127.0.0.1
  monitor-uri /haproxy_test
  option httplog # log http header information (in debug-mode)
  option http-ignore-probes # ignore preload-functions of some browsers
  ⋮

The rest is just an acl-group filtering IPs on certain URLs and a 
response-rewrite from the server’s hostname because it response with his 
internal servername rather than
the URL being called with.

Julian

Von: Daniel Schneller [mailto:daniel.schnel...@centerdevice.com]
Gesendet: Mittwoch, 30. August 2017 12:40
An: Julian Zielke 
Cc: Georg Faerber ; haproxy+h...@formilux.org 

Betreff: Re: Enable SSL Forward Secrecy

Well, that’s quite extensive.

But still, the server at 
portal-vonovia.next-level-apps.com<http://portal-vonovia.next-level-apps.com> 
only agrees to one of

TLS_RSA_WITH_AES_256_CBC_SHA (0x35)
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)

which according to https://testssl.sh/openssl-rfc.mapping.html correspond to

AES256-SHA
AES128-SHA

in the OpenSSL cipher names — both obviously without FS.

Are you sure your DNS resolves to the haproxy in question, and that there is 
nothing in between it and external clients? Any other TLS aware 
proxies/firewalls?
Can you post a minimal haproxy config that reproduces the issue?

Please verify you can see the requests coming in by checking haproxy’s log. You 
should be able to at least see the requests being rejected due to bad 
handshakes.

Daniel

--
Daniel Schneller
Principal Cloud Engineer

CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de<mailto:daniel.schnel...@centerdevice.de>   | 
www.centerdevice.de<http://www.centerdevice.de>

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431

On 30. Aug. 2017, at 12:26, Julian Zielke 
mailto:jzie...@next-level-integration.com>> 
wrote:

Whoips I copied thw wrong line. Here’s the output:

ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA
SRP-DSS-AES-256-CBC-SHA
SRP-RSA-AES-256-CBC-SHA
SRP-AES-256-CBC-SHA
DH-DSS-AES256-GCM-SHA384
DHE-DSS-AES256-GCM-SHA384
DH-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-SHA256
DHE-DSS-AES256-SHA256
DH-RSA-AES256-SHA256
DH-DSS-AES256-SHA256
DHE-RSA-AES256-SHA
DHE-DSS-AES256-SHA
DH-RSA-AES256-SHA
DH-DSS-AES256-SHA
DHE-RSA-CAMELLIA256-SHA
DHE-DSS-CAMELLIA256-SHA
DH-RSA-CAMELLIA256-SHA
DH-DSS-CAMELLIA256-SHA
ECDH-RSA-AES256-GCM-SHA384
ECDH-ECDSA-AES256-GCM-SHA384
ECDH-RSA-AES256-SHA384
ECDH-ECDSA-AES256-SHA384
ECDH-RSA-AES256-SHA
ECDH-ECDSA-AES256-SHA
AES256-GCM-SHA384
AES256-SHA256
AES256-SHA
CAMELLIA256-SHA
PSK-AES256-CBC-SHA
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA
ECDHE-ECDSA-AES128-SHA
SRP-DSS-AES-128-CBC-SHA
SRP-RSA-AES-128-CBC-SHA
SRP-AES-128-CBC-SHA
DH-DSS-AES128-GCM-SHA256
DHE-DSS-AES128-GCM-SHA256
DH-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-SHA256
DHE-DSS-AES128-SHA256
DH-RSA-AES128-SHA256
DH-DSS-AES128-SHA256
DHE-RSA-AES128-SHA
DHE-DSS-AES128-SHA
DH-RSA-AES128-SHA
DH-DSS-AES128-SHA
DHE-RSA-SEED-SHA
DHE-DSS-SEED-SHA
DH-RSA-SEED-SHA
DH-DSS-SEED-SHA
DHE-RSA-CAMELLIA128-SHA
DHE-DSS-CAMELLIA128-SHA
DH-RSA-CAMELLIA128-SHA
DH-DSS-CAMELLIA128-SHA
ECDH-RSA-AES128-GCM-SHA256
ECDH-ECDSA-AES128-GCM-SHA256
ECDH-RSA-AES128-SHA256
ECDH-ECDSA-AES128-SHA256
ECDH-RSA-AES128-SHA
ECDH-ECDSA-AES128-SHA
AES128-GCM-SHA256
AES128-SHA256
AES128-SHA
SEED-SHA
CAMELLIA128-SHA
PSK-AES128-CBC-SHA
ECDHE-RSA-RC4-SHA
ECDHE-ECDSA-RC4-SHA
ECDH-RSA-RC4-SHA
ECDH-ECDSA-RC4-SHA
RC4-SHA
RC4-MD5
PSK-RC4-SHA
ECDHE-RSA-DES-CBC3-SHA
ECDHE-ECDSA-DES-CBC3-SHA
SRP-DSS-3DES-EDE-CBC-SHA
SRP-RSA-3DES-EDE-CBC-SHA
SRP-3DES-EDE-CBC-SHA
EDH-RSA-DES-CBC3-SHA
EDH-DSS-DES-CBC3-SHA
DH-RSA-DES-CBC3-SHA
DH-DSS-DES-CBC3-SHA
ECDH-RSA-DES-CBC3-SHA
ECDH-ECDSA-DES-CBC3-SHA
DES-CBC3-SHA
PSK-3DES-EDE-CBC-SHA

Von: Julian Zielke [mailto:jzie...@next-level-integration.com]
Gesendet: Mittwoch, 30. August 2017 12:23
An: Daniel Schneller 
mailto:daniel.schnel...@centerdevice.com>>
Cc: Georg Faerber mailto:ge...@riseup.net>>; 
haproxy+h...@formilux.org<mailto:haproxy+h...@formilux.org> 
mailto:haproxy@formilux.org>>
Betreff: AW: Enable SSL Forward Secrecy

Output is:

SRP-DSS-AES-256-CBC-SHA
SRP-RSA-AES-256-CBC-SHA
SRP-AES-256-CBC-SHA
ECDH-RSA-AES256-SHA
ECDH-ECDSA-AES256-S

Re: Enable SSL Forward Secrecy

[Daniel Schneller]

Well, that’s quite extensive.

But still, the server at portal-vonovia.next-level-apps.com 
<http://portal-vonovia.next-level-apps.com/> only agrees to one of 

TLS_RSA_WITH_AES_256_CBC_SHA (0x35)
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)

which according to https://testssl.sh/openssl-rfc.mapping.html 
<https://testssl.sh/openssl-rfc.mapping.html> correspond to 

AES256-SHA
AES128-SHA

in the OpenSSL cipher names — both obviously without FS.

Are you sure your DNS resolves to the haproxy in question, and that there is 
nothing in between it and external clients? Any other TLS aware 
proxies/firewalls?
Can you post a minimal haproxy config that reproduces the issue?

Please verify you can see the requests coming in by checking haproxy’s log. You 
should be able to at least see the requests being rejected due to bad 
handshakes.

Daniel

-- 
Daniel Schneller
Principal Cloud Engineer
 
CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de   | www.centerdevice.de

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431


> On 30. Aug. 2017, at 12:26, Julian Zielke 
>  wrote:
> 
> Whoips I copied thw wrong line. Here’s the output:
>  
> ECDHE-RSA-AES256-GCM-SHA384
> ECDHE-ECDSA-AES256-GCM-SHA384
> ECDHE-RSA-AES256-SHA384
> ECDHE-ECDSA-AES256-SHA384
> ECDHE-RSA-AES256-SHA
> ECDHE-ECDSA-AES256-SHA
> SRP-DSS-AES-256-CBC-SHA
> SRP-RSA-AES-256-CBC-SHA
> SRP-AES-256-CBC-SHA
> DH-DSS-AES256-GCM-SHA384
> DHE-DSS-AES256-GCM-SHA384
> DH-RSA-AES256-GCM-SHA384
> DHE-RSA-AES256-GCM-SHA384
> DHE-RSA-AES256-SHA256
> DHE-DSS-AES256-SHA256
> DH-RSA-AES256-SHA256
> DH-DSS-AES256-SHA256
> DHE-RSA-AES256-SHA
> DHE-DSS-AES256-SHA
> DH-RSA-AES256-SHA
> DH-DSS-AES256-SHA
> DHE-RSA-CAMELLIA256-SHA
> DHE-DSS-CAMELLIA256-SHA
> DH-RSA-CAMELLIA256-SHA
> DH-DSS-CAMELLIA256-SHA
> ECDH-RSA-AES256-GCM-SHA384
> ECDH-ECDSA-AES256-GCM-SHA384
> ECDH-RSA-AES256-SHA384
> ECDH-ECDSA-AES256-SHA384
> ECDH-RSA-AES256-SHA
> ECDH-ECDSA-AES256-SHA
> AES256-GCM-SHA384
> AES256-SHA256
> AES256-SHA
> CAMELLIA256-SHA
> PSK-AES256-CBC-SHA
> ECDHE-RSA-AES128-GCM-SHA256
> ECDHE-ECDSA-AES128-GCM-SHA256
> ECDHE-RSA-AES128-SHA256
> ECDHE-ECDSA-AES128-SHA256
> ECDHE-RSA-AES128-SHA
> ECDHE-ECDSA-AES128-SHA
> SRP-DSS-AES-128-CBC-SHA
> SRP-RSA-AES-128-CBC-SHA
> SRP-AES-128-CBC-SHA
> DH-DSS-AES128-GCM-SHA256
> DHE-DSS-AES128-GCM-SHA256
> DH-RSA-AES128-GCM-SHA256
> DHE-RSA-AES128-GCM-SHA256
> DHE-RSA-AES128-SHA256
> DHE-DSS-AES128-SHA256
> DH-RSA-AES128-SHA256
> DH-DSS-AES128-SHA256
> DHE-RSA-AES128-SHA
> DHE-DSS-AES128-SHA
> DH-RSA-AES128-SHA
> DH-DSS-AES128-SHA
> DHE-RSA-SEED-SHA
> DHE-DSS-SEED-SHA
> DH-RSA-SEED-SHA
> DH-DSS-SEED-SHA
> DHE-RSA-CAMELLIA128-SHA
> DHE-DSS-CAMELLIA128-SHA
> DH-RSA-CAMELLIA128-SHA
> DH-DSS-CAMELLIA128-SHA
> ECDH-RSA-AES128-GCM-SHA256
> ECDH-ECDSA-AES128-GCM-SHA256
> ECDH-RSA-AES128-SHA256
> ECDH-ECDSA-AES128-SHA256
> ECDH-RSA-AES128-SHA
> ECDH-ECDSA-AES128-SHA
> AES128-GCM-SHA256
> AES128-SHA256
> AES128-SHA
> SEED-SHA
> CAMELLIA128-SHA
> PSK-AES128-CBC-SHA
> ECDHE-RSA-RC4-SHA
> ECDHE-ECDSA-RC4-SHA
> ECDH-RSA-RC4-SHA
> ECDH-ECDSA-RC4-SHA
> RC4-SHA
> RC4-MD5
> PSK-RC4-SHA
> ECDHE-RSA-DES-CBC3-SHA
> ECDHE-ECDSA-DES-CBC3-SHA
> SRP-DSS-3DES-EDE-CBC-SHA
> SRP-RSA-3DES-EDE-CBC-SHA
> SRP-3DES-EDE-CBC-SHA
> EDH-RSA-DES-CBC3-SHA
> EDH-DSS-DES-CBC3-SHA
> DH-RSA-DES-CBC3-SHA
> DH-DSS-DES-CBC3-SHA
> ECDH-RSA-DES-CBC3-SHA
> ECDH-ECDSA-DES-CBC3-SHA
> DES-CBC3-SHA
> PSK-3DES-EDE-CBC-SHA
>  
> Von: Julian Zielke [mailto:jzie...@next-level-integration.com 
> <mailto:jzie...@next-level-integration.com>] 
> Gesendet: Mittwoch, 30. August 2017 12:23
> An: Daniel Schneller  <mailto:daniel.schnel...@centerdevice.com>>
> Cc: Georg Faerber mailto:ge...@riseup.net>>; 
> haproxy+h...@formilux.org <mailto:haproxy+h...@formilux.org> 
> mailto:haproxy@formilux.org>>
> Betreff: AW: Enable SSL Forward Secrecy
>  
> Output is:
>  
> SRP-DSS-AES-256-CBC-SHA
> SRP-RSA-AES-256-CBC-SHA
> SRP-AES-256-CBC-SHA
> ECDH-RSA-AES256-SHA
> ECDH-ECDSA-AES256-SHA
> AES256-SHA
> PSK-AES256-CBC-SHA
> SRP-DSS-AES-128-CBC-SHA
> SRP-RSA-AES-128-CBC-SHA
> SRP-AES-128-CBC-SHA
> ECDH-RSA-AES128-SHA
> ECDH-ECDSA-AES128-SHA
> AES128-SHA
> PSK-AES128-CBC-SHA
>  
> Julian
>  
> Von: Daniel Schneller [mailto:daniel.schnel...@centerdevice.com 
> <mailto:daniel.schnel...@centerdevice.com>] 
> Gesendet: Mittwo

AW: Enable SSL Forward Secrecy

[Julian Zielke]

Whoips I copied thw wrong line. Here’s the output:

ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA
SRP-DSS-AES-256-CBC-SHA
SRP-RSA-AES-256-CBC-SHA
SRP-AES-256-CBC-SHA
DH-DSS-AES256-GCM-SHA384
DHE-DSS-AES256-GCM-SHA384
DH-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-SHA256
DHE-DSS-AES256-SHA256
DH-RSA-AES256-SHA256
DH-DSS-AES256-SHA256
DHE-RSA-AES256-SHA
DHE-DSS-AES256-SHA
DH-RSA-AES256-SHA
DH-DSS-AES256-SHA
DHE-RSA-CAMELLIA256-SHA
DHE-DSS-CAMELLIA256-SHA
DH-RSA-CAMELLIA256-SHA
DH-DSS-CAMELLIA256-SHA
ECDH-RSA-AES256-GCM-SHA384
ECDH-ECDSA-AES256-GCM-SHA384
ECDH-RSA-AES256-SHA384
ECDH-ECDSA-AES256-SHA384
ECDH-RSA-AES256-SHA
ECDH-ECDSA-AES256-SHA
AES256-GCM-SHA384
AES256-SHA256
AES256-SHA
CAMELLIA256-SHA
PSK-AES256-CBC-SHA
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA
ECDHE-ECDSA-AES128-SHA
SRP-DSS-AES-128-CBC-SHA
SRP-RSA-AES-128-CBC-SHA
SRP-AES-128-CBC-SHA
DH-DSS-AES128-GCM-SHA256
DHE-DSS-AES128-GCM-SHA256
DH-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-SHA256
DHE-DSS-AES128-SHA256
DH-RSA-AES128-SHA256
DH-DSS-AES128-SHA256
DHE-RSA-AES128-SHA
DHE-DSS-AES128-SHA
DH-RSA-AES128-SHA
DH-DSS-AES128-SHA
DHE-RSA-SEED-SHA
DHE-DSS-SEED-SHA
DH-RSA-SEED-SHA
DH-DSS-SEED-SHA
DHE-RSA-CAMELLIA128-SHA
DHE-DSS-CAMELLIA128-SHA
DH-RSA-CAMELLIA128-SHA
DH-DSS-CAMELLIA128-SHA
ECDH-RSA-AES128-GCM-SHA256
ECDH-ECDSA-AES128-GCM-SHA256
ECDH-RSA-AES128-SHA256
ECDH-ECDSA-AES128-SHA256
ECDH-RSA-AES128-SHA
ECDH-ECDSA-AES128-SHA
AES128-GCM-SHA256
AES128-SHA256
AES128-SHA
SEED-SHA
CAMELLIA128-SHA
PSK-AES128-CBC-SHA
ECDHE-RSA-RC4-SHA
ECDHE-ECDSA-RC4-SHA
ECDH-RSA-RC4-SHA
ECDH-ECDSA-RC4-SHA
RC4-SHA
RC4-MD5
PSK-RC4-SHA
ECDHE-RSA-DES-CBC3-SHA
ECDHE-ECDSA-DES-CBC3-SHA
SRP-DSS-3DES-EDE-CBC-SHA
SRP-RSA-3DES-EDE-CBC-SHA
SRP-3DES-EDE-CBC-SHA
EDH-RSA-DES-CBC3-SHA
EDH-DSS-DES-CBC3-SHA
DH-RSA-DES-CBC3-SHA
DH-DSS-DES-CBC3-SHA
ECDH-RSA-DES-CBC3-SHA
ECDH-ECDSA-DES-CBC3-SHA
DES-CBC3-SHA
PSK-3DES-EDE-CBC-SHA

Von: Julian Zielke [mailto:jzie...@next-level-integration.com]
Gesendet: Mittwoch, 30. August 2017 12:23
An: Daniel Schneller 
Cc: Georg Faerber ; haproxy+h...@formilux.org 

Betreff: AW: Enable SSL Forward Secrecy

Output is:

SRP-DSS-AES-256-CBC-SHA
SRP-RSA-AES-256-CBC-SHA
SRP-AES-256-CBC-SHA
ECDH-RSA-AES256-SHA
ECDH-ECDSA-AES256-SHA
AES256-SHA
PSK-AES256-CBC-SHA
SRP-DSS-AES-128-CBC-SHA
SRP-RSA-AES-128-CBC-SHA
SRP-AES-128-CBC-SHA
ECDH-RSA-AES128-SHA
ECDH-ECDSA-AES128-SHA
AES128-SHA
PSK-AES128-CBC-SHA


  *   Julian

Von: Daniel Schneller [mailto:daniel.schnel...@centerdevice.com]
Gesendet: Mittwoch, 30. August 2017 12:21
An: Julian Zielke 
mailto:jzie...@next-level-integration.com>>
Cc: Georg Faerber mailto:ge...@riseup.net>>; 
haproxy+h...@formilux.org<mailto:haproxy+h...@formilux.org> 
mailto:haproxy@formilux.org>>
Betreff: Re: Enable SSL Forward Secrecy

Ok, so that’s not it. What about the ciphers output?


--
Daniel Schneller
Principal Cloud Engineer

CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de<mailto:daniel.schnel...@centerdevice.de>   | 
www.centerdevice.de<http://www.centerdevice.de>

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431

On 30. Aug. 2017, at 12:19, Julian Zielke 
mailto:jzie...@next-level-integration.com>> 
wrote:

The output is:

Built with OpenSSL version : OpenSSL 1.0.2g  1 Mar 2016
Running on OpenSSL version : OpenSSL 1.0.2g  1 Mar 2016
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports prefer-server-ciphers : yes

Haproxy Version is 1.7.9.


  *   Julian

Von: Daniel Schneller [mailto:daniel.schnel...@centerdevice.com]
Gesendet: Mittwoch, 30. August 2017 11:58
An: Julian Zielke 
mailto:jzie...@next-level-integration.com>>
Cc: Georg Faerber mailto:ge...@riseup.net>>; 
haproxy+h...@formilux.org<mailto:haproxy+h...@formilux.org> 
mailto:haproxy@formilux.org>>
Betreff: Re: Enable SSL Forward Secrecy

Also, please run haproxy -vv to get some idea about what SSL library it 
actually uses.


--
Daniel Schneller
Principal Cloud Engineer

CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de<mailto:daniel.schnel...@centerdevice.de>   | 
www.centerdevice.de<http://www.centerdevice.de/>

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431

On 30. Aug. 2017, at 11:52, Julian Zielke 
mailto:jzie...@next-level-inte

AW: Enable SSL Forward Secrecy

[Julian Zielke]

Output is:

SRP-DSS-AES-256-CBC-SHA
SRP-RSA-AES-256-CBC-SHA
SRP-AES-256-CBC-SHA
ECDH-RSA-AES256-SHA
ECDH-ECDSA-AES256-SHA
AES256-SHA
PSK-AES256-CBC-SHA
SRP-DSS-AES-128-CBC-SHA
SRP-RSA-AES-128-CBC-SHA
SRP-AES-128-CBC-SHA
ECDH-RSA-AES128-SHA
ECDH-ECDSA-AES128-SHA
AES128-SHA
PSK-AES128-CBC-SHA


  *   Julian

Von: Daniel Schneller [mailto:daniel.schnel...@centerdevice.com]
Gesendet: Mittwoch, 30. August 2017 12:21
An: Julian Zielke 
Cc: Georg Faerber ; haproxy+h...@formilux.org 

Betreff: Re: Enable SSL Forward Secrecy

Ok, so that’s not it. What about the ciphers output?


--
Daniel Schneller
Principal Cloud Engineer

CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de<mailto:daniel.schnel...@centerdevice.de>   | 
www.centerdevice.de<http://www.centerdevice.de>

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431

On 30. Aug. 2017, at 12:19, Julian Zielke 
mailto:jzie...@next-level-integration.com>> 
wrote:

The output is:

Built with OpenSSL version : OpenSSL 1.0.2g  1 Mar 2016
Running on OpenSSL version : OpenSSL 1.0.2g  1 Mar 2016
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports prefer-server-ciphers : yes

Haproxy Version is 1.7.9.


  *   Julian

Von: Daniel Schneller [mailto:daniel.schnel...@centerdevice.com]
Gesendet: Mittwoch, 30. August 2017 11:58
An: Julian Zielke 
mailto:jzie...@next-level-integration.com>>
Cc: Georg Faerber mailto:ge...@riseup.net>>; 
haproxy+h...@formilux.org<mailto:haproxy+h...@formilux.org> 
mailto:haproxy@formilux.org>>
Betreff: Re: Enable SSL Forward Secrecy

Also, please run haproxy -vv to get some idea about what SSL library it 
actually uses.


--
Daniel Schneller
Principal Cloud Engineer

CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de<mailto:daniel.schnel...@centerdevice.de>   | 
www.centerdevice.de<http://www.centerdevice.de/>

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431

On 30. Aug. 2017, at 11:52, Julian Zielke 
mailto:jzie...@next-level-integration.com>> 
wrote:

Hi Georg,

tried this already without effect.

- Julian

-Ursprüngliche Nachricht-
Von: Georg Faerber [mailto:ge...@riseup.net]
Gesendet: Mittwoch, 30. August 2017 11:51
An: haproxy@formilux.org<mailto:haproxy@formilux.org>
Betreff: Re: Enable SSL Forward Secrecy

On 17-08-30 09:33:23, Julian Zielke wrote:


Hi,

I'm struggeling with enabling SSL forward secrecy in my haproxy 1.7 setup.

So far the global settings look like:

 tune.ssl.default-dh-param 2048 # tune shared secred to 2048bits

 ssl-default-bind-options force-tlsv12 no-sslv3
 ssl-default-bind-ciphers 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
 ssl-default-server-options force-tlsv12 no-sslv3
 ssl-default-server-ciphers 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE

 ssl-server-verify required
 tune.ssl.cachesize 10
 tune.ssl.lifetime 600
 tune.ssl.maxrecord 1460

and in my https UI I've set:

### ssl forward secrecy tweak
# Distinguish between secure and insecure requests
  acl secure dst_port eq 443

# Mark all cookies as secure if sent over SSL
  rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure

# Add the HSTS header with a 1 year max-age
  rspadd Strict-Transport-Security:\ max-age=31536000 if secure

Still Qualys gives me an A- rating telling me:
The server does not support Forward Secrecy with the reference browsers. Grade 
reduced to A-.

Any clue how to fix this?

Try to add no-tls-tickets [1].

Cheers,
Georg


[1] https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#no-tls-tickets
Wichtiger Hinweis: Der Inhalt dieser E-Mail ist vertraulich und ausschließlich 
für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der vorgesehene 
Adressat dieser E-Mail oder dessen Vertreter sein sollten, so beachten Sie 
bitte, dass jede Form der Kenntnisnahme, Veröffentlichung, Vervielfältigung 
oder Weitergabe des Inhalts dieser E-Mail unzulässig ist. Wir bitten Sie, sich 
in diesem Fall mit dem Absender der E-Mail in Verbindung zu setzen. Wir möchten 
Sie außerdem darauf hinweisen, dass die Kommunikation per E-Mail über das 
Internet unsicher ist, da für unberechtigte Dritte grundsätzlich die 
Möglichkeit

Re: Enable SSL Forward Secrecy

[Daniel Schneller]

Ok, so that’s not it. What about the ciphers output?


-- 
Daniel Schneller
Principal Cloud Engineer
 
CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de   | www.centerdevice.de

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431


> On 30. Aug. 2017, at 12:19, Julian Zielke 
>  wrote:
> 
> The output is:
>  
> Built with OpenSSL version : OpenSSL 1.0.2g  1 Mar 2016
> Running on OpenSSL version : OpenSSL 1.0.2g  1 Mar 2016
> OpenSSL library supports TLS extensions : yes
> OpenSSL library supports SNI : yes
> OpenSSL library supports prefer-server-ciphers : yes
>  
> Haproxy Version is 1.7.9.
>  
> Julian
>  
> Von: Daniel Schneller [mailto:daniel.schnel...@centerdevice.com] 
> Gesendet: Mittwoch, 30. August 2017 11:58
> An: Julian Zielke 
> Cc: Georg Faerber ; haproxy+h...@formilux.org 
> 
> Betreff: Re: Enable SSL Forward Secrecy
>  
> Also, please run haproxy -vv to get some idea about what SSL library it 
> actually uses.
>  
>  
> -- 
> Daniel Schneller
> Principal Cloud Engineer
>  
> CenterDevice GmbH  | Hochstraße 11
>| 42697 Solingen
> tel: +49 1754155711| Deutschland
> daniel.schnel...@centerdevice.de <mailto:daniel.schnel...@centerdevice.de>   
> | www.centerdevice.de <http://www.centerdevice.de/>
> 
> Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
> Michael Rosbach, Handelsregister-Nr.: HRB 18655,
> HR-Gericht: Bonn, USt-IdNr.: DE-815299431
> 
>  
> On 30. Aug. 2017, at 11:52, Julian Zielke  <mailto:jzie...@next-level-integration.com>> wrote:
>  
> Hi Georg,
> 
> tried this already without effect.
> 
> - Julian
> 
> -Ursprüngliche Nachricht-
> Von: Georg Faerber [mailto:ge...@riseup.net <mailto:ge...@riseup.net>]
> Gesendet: Mittwoch, 30. August 2017 11:51
> An: haproxy@formilux.org <mailto:haproxy@formilux.org>
> Betreff: Re: Enable SSL Forward Secrecy
> 
> On 17-08-30 09:33:23, Julian Zielke wrote:
> 
> Hi,
> 
> I'm struggeling with enabling SSL forward secrecy in my haproxy 1.7 setup.
> 
> So far the global settings look like:
> 
>  tune.ssl.default-dh-param 2048 # tune shared secred to 2048bits
> 
>  ssl-default-bind-options force-tlsv12 no-sslv3
>  ssl-default-bind-ciphers 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
>  ssl-default-server-options force-tlsv12 no-sslv3
>  ssl-default-server-ciphers 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
> 
>  ssl-server-verify required
>  tune.ssl.cachesize 10
>  tune.ssl.lifetime 600
>  tune.ssl.maxrecord 1460
> 
> and in my https UI I've set:
> 
> ### ssl forward secrecy tweak
> # Distinguish between secure and insecure requests
>   acl secure dst_port eq 443
> 
> # Mark all cookies as secure if sent over SSL
>   rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure
> 
> # Add the HSTS header with a 1 year max-age
>   rspadd Strict-Transport-Security:\ max-age=31536000 if secure
> 
> Still Qualys gives me an A- rating telling me:
> The server does not support Forward Secrecy with the reference browsers. 
> Grade reduced to A-.
> 
> Any clue how to fix this?
> 
> Try to add no-tls-tickets [1].
> 
> Cheers,
> Georg
> 
> 
> [1] 
> https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#no-tls-tickets 
> <https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#no-tls-tickets>
> Wichtiger Hinweis: Der Inhalt dieser E-Mail ist vertraulich und 
> ausschließlich für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der 
> vorgesehene Adressat dieser E-Mail oder dessen Vertreter sein sollten, so 
> beachten Sie bitte, dass jede Form der Kenntnisnahme, Veröffentlichung, 
> Vervielfältigung oder Weitergabe des Inhalts dieser E-Mail unzulässig ist. 
> Wir bitten Sie, sich in diesem Fall mit dem Absender der E-Mail in Verbindung 
> zu setzen. Wir möchten Sie außerdem darauf hinweisen, dass die Kommunikation 
> per E-Mail über das Internet unsicher ist, da für unberechtigte Dritte 
> grundsätzlich die Möglichkeit der Kenntnisnahme und Manipulation besteht
> 
> Important Note: The information contained in this e-mail is c

AW: Enable SSL Forward Secrecy

[Julian Zielke]

The output is:

Built with OpenSSL version : OpenSSL 1.0.2g  1 Mar 2016
Running on OpenSSL version : OpenSSL 1.0.2g  1 Mar 2016
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports prefer-server-ciphers : yes

Haproxy Version is 1.7.9.


  *   Julian

Von: Daniel Schneller [mailto:daniel.schnel...@centerdevice.com]
Gesendet: Mittwoch, 30. August 2017 11:58
An: Julian Zielke 
Cc: Georg Faerber ; haproxy+h...@formilux.org 

Betreff: Re: Enable SSL Forward Secrecy

Also, please run haproxy -vv to get some idea about what SSL library it 
actually uses.


--
Daniel Schneller
Principal Cloud Engineer

CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de<mailto:daniel.schnel...@centerdevice.de>   | 
www.centerdevice.de<http://www.centerdevice.de>

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431

On 30. Aug. 2017, at 11:52, Julian Zielke 
mailto:jzie...@next-level-integration.com>> 
wrote:

Hi Georg,

tried this already without effect.

- Julian

-Ursprüngliche Nachricht-
Von: Georg Faerber [mailto:ge...@riseup.net]
Gesendet: Mittwoch, 30. August 2017 11:51
An: haproxy@formilux.org<mailto:haproxy@formilux.org>
Betreff: Re: Enable SSL Forward Secrecy

On 17-08-30 09:33:23, Julian Zielke wrote:

Hi,

I'm struggeling with enabling SSL forward secrecy in my haproxy 1.7 setup.

So far the global settings look like:

 tune.ssl.default-dh-param 2048 # tune shared secred to 2048bits

 ssl-default-bind-options force-tlsv12 no-sslv3
 ssl-default-bind-ciphers 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
 ssl-default-server-options force-tlsv12 no-sslv3
 ssl-default-server-ciphers 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE

 ssl-server-verify required
 tune.ssl.cachesize 10
 tune.ssl.lifetime 600
 tune.ssl.maxrecord 1460

and in my https UI I've set:

### ssl forward secrecy tweak
# Distinguish between secure and insecure requests
  acl secure dst_port eq 443

# Mark all cookies as secure if sent over SSL
  rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure

# Add the HSTS header with a 1 year max-age
  rspadd Strict-Transport-Security:\ max-age=31536000 if secure

Still Qualys gives me an A- rating telling me:
The server does not support Forward Secrecy with the reference browsers. Grade 
reduced to A-.

Any clue how to fix this?

Try to add no-tls-tickets [1].

Cheers,
Georg


[1] https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#no-tls-tickets
Wichtiger Hinweis: Der Inhalt dieser E-Mail ist vertraulich und ausschließlich 
für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der vorgesehene 
Adressat dieser E-Mail oder dessen Vertreter sein sollten, so beachten Sie 
bitte, dass jede Form der Kenntnisnahme, Veröffentlichung, Vervielfältigung 
oder Weitergabe des Inhalts dieser E-Mail unzulässig ist. Wir bitten Sie, sich 
in diesem Fall mit dem Absender der E-Mail in Verbindung zu setzen. Wir möchten 
Sie außerdem darauf hinweisen, dass die Kommunikation per E-Mail über das 
Internet unsicher ist, da für unberechtigte Dritte grundsätzlich die 
Möglichkeit der Kenntnisnahme und Manipulation besteht

Important Note: The information contained in this e-mail is confidential. It is 
intended solely for the addressee. Access to this e-mail by anyone else is 
unauthorized. If you are not the intended recipient, any form of disclosure, 
reproduction, distribution or any action taken or refrained from in reliance on 
it, is prohibited and may be unlawful. Please notify the sender immediately. We 
also would like to inform you that communication via e-mail over the internet 
is insecure because third parties may have the possibility to access and 
manipulate e-mails.


Wichtiger Hinweis: Der Inhalt dieser E-Mail ist vertraulich und ausschließlich 
für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der vorgesehene 
Adressat dieser E-Mail oder dessen Vertreter sein sollten, so beachten Sie 
bitte, dass jede Form der Kenntnisnahme, Veröffentlichung, Vervielfältigung 
oder Weitergabe des Inhalts dieser E-Mail unzulässig ist. Wir bitten Sie, sich 
in diesem Fall mit dem Absender der E-Mail in Verbindung zu setzen. Wir möchten 
Sie außerdem darauf hinweisen, dass die Kommunikation per E-Mail über das 
Internet unsicher ist, da für unberechtigte Dritte grundsätzlich die 
Möglichkeit der Kenntnisnahme und Manipulation besteht

Important Note: The information contained 

Re: Enable SSL Forward Secrecy

[Daniel Schneller]

Also, please run haproxy -vv to get some idea about what SSL library it 
actually uses.


-- 
Daniel Schneller
Principal Cloud Engineer
 
CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de   | www.centerdevice.de

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431


> On 30. Aug. 2017, at 11:52, Julian Zielke 
>  wrote:
> 
> Hi Georg,
> 
> tried this already without effect.
> 
> - Julian
> 
> -Ursprüngliche Nachricht-
> Von: Georg Faerber [mailto:ge...@riseup.net]
> Gesendet: Mittwoch, 30. August 2017 11:51
> An: haproxy@formilux.org
> Betreff: Re: Enable SSL Forward Secrecy
> 
> On 17-08-30 09:33:23, Julian Zielke wrote:
>> Hi,
>> 
>> I'm struggeling with enabling SSL forward secrecy in my haproxy 1.7 setup.
>> 
>> So far the global settings look like:
>> 
>>  tune.ssl.default-dh-param 2048 # tune shared secred to 2048bits
>> 
>>  ssl-default-bind-options force-tlsv12 no-sslv3
>>  ssl-default-bind-ciphers 
>> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
>>  ssl-default-server-options force-tlsv12 no-sslv3
>>  ssl-default-server-ciphers 
>> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
>> 
>>  ssl-server-verify required
>>  tune.ssl.cachesize 10
>>  tune.ssl.lifetime 600
>>  tune.ssl.maxrecord 1460
>> 
>> and in my https UI I've set:
>> 
>> ### ssl forward secrecy tweak
>> # Distinguish between secure and insecure requests
>>   acl secure dst_port eq 443
>> 
>> # Mark all cookies as secure if sent over SSL
>>   rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure
>> 
>> # Add the HSTS header with a 1 year max-age
>>   rspadd Strict-Transport-Security:\ max-age=31536000 if secure
>> 
>> Still Qualys gives me an A- rating telling me:
>> The server does not support Forward Secrecy with the reference browsers. 
>> Grade reduced to A-.
>> 
>> Any clue how to fix this?
> 
> Try to add no-tls-tickets [1].
> 
> Cheers,
> Georg
> 
> 
> [1] 
> https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#no-tls-tickets
> Wichtiger Hinweis: Der Inhalt dieser E-Mail ist vertraulich und 
> ausschließlich für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der 
> vorgesehene Adressat dieser E-Mail oder dessen Vertreter sein sollten, so 
> beachten Sie bitte, dass jede Form der Kenntnisnahme, Veröffentlichung, 
> Vervielfältigung oder Weitergabe des Inhalts dieser E-Mail unzulässig ist. 
> Wir bitten Sie, sich in diesem Fall mit dem Absender der E-Mail in Verbindung 
> zu setzen. Wir möchten Sie außerdem darauf hinweisen, dass die Kommunikation 
> per E-Mail über das Internet unsicher ist, da für unberechtigte Dritte 
> grundsätzlich die Möglichkeit der Kenntnisnahme und Manipulation besteht
> 
> Important Note: The information contained in this e-mail is confidential. It 
> is intended solely for the addressee. Access to this e-mail by anyone else is 
> unauthorized. If you are not the intended recipient, any form of disclosure, 
> reproduction, distribution or any action taken or refrained from in reliance 
> on it, is prohibited and may be unlawful. Please notify the sender 
> immediately. We also would like to inform you that communication via e-mail 
> over the internet is insecure because third parties may have the possibility 
> to access and manipulate e-mails.

Re: Enable SSL Forward Secrecy

[Daniel Schneller]

The cipher suite list only shows two possible ciphers — both not suitable for 
FS.

TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA

This is also why all the modern browsers are marked as “No FS” — they can’t use 
a FS cipher.

Try this on your haproxy instance:

$ openssl ciphers 
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE'
 | tr ':' '\n'

(I copied the ciphers list from your earlier mail).
On my box this results in 

ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA
SRP-DSS-AES-256-CBC-SHA
SRP-RSA-AES-256-CBC-SHA
SRP-AES-256-CBC-SHA
ECDH-RSA-AES256-SHA
ECDH-ECDSA-AES256-SHA
AES256-SHA
PSK-AES256-CBC-SHA
ECDHE-RSA-AES128-SHA
ECDHE-ECDSA-AES128-SHA
SRP-DSS-AES-128-CBC-SHA
SRP-RSA-AES-128-CBC-SHA
SRP-AES-128-CBC-SHA
ECDH-RSA-AES128-SHA
ECDH-ECDSA-AES128-SHA
AES128-SHA
PSK-AES128-CBC-SHA

Check the output on your load balancer — maybe the OpenSSL version just too old?

Regards,
Daniel

-- 
Daniel Schneller
Principal Cloud Engineer
 
CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de   | www.centerdevice.de

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431


> On 30. Aug. 2017, at 11:42, Julian Zielke 
>  wrote:
> 
> Hi,
>  
> sure I can share it since the site since it’s secured already in many ways:
>  
> https://www.ssllabs.com/ssltest/analyze.html?d=portal-vonovia.next-level-apps.com&hideResults=on
>  
>   • Julian
>  
> Von: Daniel Schneller [mailto:daniel.schnel...@centerdevice.com] 
> Gesendet: Mittwoch, 30. August 2017 11:39
> An: Julian Zielke 
> Cc: haproxy+h...@formilux.org 
> Betreff: Re: Enable SSL Forward Secrecy
>  
> Hi,
>  
> You might want to include a link to your Qualys results to help others see 
> what exactly they say.
> At a casual glance the ciphers looks ok, but it would be easier to see the 
> SSLlabs output.
> If you don’t want to share it, I suggest scrolling down and looking at the 
> results of the per-browser handshakes and go through them — IIRC there is 
> some “FS” vs. “No FS” marker there.
>  
> Regards,
> Daniel
>  
> -- 
> Daniel Schneller
> Principal Cloud Engineer
>  
> CenterDevice GmbH  | Hochstraße 11
>| 42697 Solingen
> tel: +49 1754155711| Deutschland
> daniel.schnel...@centerdevice.de   | www.centerdevice.de
> 
> Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
> Michael Rosbach, Handelsregister-Nr.: HRB 18655,
> HR-Gericht: Bonn, USt-IdNr.: DE-815299431
> 
>  
> On 30. Aug. 2017, at 11:33, Julian Zielke 
>  wrote:
>  
> Hi,
>  
> I’m struggeling with enabling SSL forward secrecy in my haproxy 1.7 setup.
>  
> So far the global settings look like:
>  
>   tune.ssl.default-dh-param 2048 # tune shared secred to 2048bits
>  
>   ssl-default-bind-options force-tlsv12 no-sslv3
>   ssl-default-bind-ciphers 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
>   ssl-default-server-options force-tlsv12 no-sslv3
>   ssl-default-server-ciphers 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
>  
>   ssl-server-verify required
>   tune.ssl.cachesize 10
>   tune.ssl.lifetime 600
>   tune.ssl.maxrecord 1460
>  
> and in my https UI I’ve set:
>  
> ### ssl forward secrecy tweak
> # Distinguish between secure and insecure requests
>acl secure dst_port eq 443
>  
> # Mark all cookies as secure if sent over SSL
>rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure
>  
> # Add the HSTS header with a 1 year max-age
>rspadd Strict-Transport-Security:\ max-age=31536000 if secure
>  
> Still Qualys gives me an A- rating telling me:
> The server does not support Forward Secrecy with the reference browsers. 
> Grade reduced to A-.
>  
> Any clue how to fix this?
>  
>   • Julian
>  
>  
> Wichtiger Hinweis: Der Inhalt dieser E-Mail ist vertraulich und 
> ausschließlich für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der 
> vorgesehene Adressat dieser E-Mail oder

AW: Enable SSL Forward Secrecy

[Julian Zielke]

Hi Georg,

tried this already without effect.

- Julian

-Ursprüngliche Nachricht-
Von: Georg Faerber [mailto:ge...@riseup.net]
Gesendet: Mittwoch, 30. August 2017 11:51
An: haproxy@formilux.org
Betreff: Re: Enable SSL Forward Secrecy

On 17-08-30 09:33:23, Julian Zielke wrote:
> Hi,
>
> I'm struggeling with enabling SSL forward secrecy in my haproxy 1.7 setup.
>
> So far the global settings look like:
>
>   tune.ssl.default-dh-param 2048 # tune shared secred to 2048bits
>
>   ssl-default-bind-options force-tlsv12 no-sslv3
>   ssl-default-bind-ciphers 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
>   ssl-default-server-options force-tlsv12 no-sslv3
>   ssl-default-server-ciphers 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
>
>   ssl-server-verify required
>   tune.ssl.cachesize 10
>   tune.ssl.lifetime 600
>   tune.ssl.maxrecord 1460
>
> and in my https UI I've set:
>
> ### ssl forward secrecy tweak
> # Distinguish between secure and insecure requests
>acl secure dst_port eq 443
>
> # Mark all cookies as secure if sent over SSL
>rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure
>
> # Add the HSTS header with a 1 year max-age
>rspadd Strict-Transport-Security:\ max-age=31536000 if secure
>
> Still Qualys gives me an A- rating telling me:
> The server does not support Forward Secrecy with the reference browsers. 
> Grade reduced to A-.
>
> Any clue how to fix this?

Try to add no-tls-tickets [1].

Cheers,
Georg


[1] https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#no-tls-tickets
Wichtiger Hinweis: Der Inhalt dieser E-Mail ist vertraulich und ausschließlich 
für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der vorgesehene 
Adressat dieser E-Mail oder dessen Vertreter sein sollten, so beachten Sie 
bitte, dass jede Form der Kenntnisnahme, Veröffentlichung, Vervielfältigung 
oder Weitergabe des Inhalts dieser E-Mail unzulässig ist. Wir bitten Sie, sich 
in diesem Fall mit dem Absender der E-Mail in Verbindung zu setzen. Wir möchten 
Sie außerdem darauf hinweisen, dass die Kommunikation per E-Mail über das 
Internet unsicher ist, da für unberechtigte Dritte grundsätzlich die 
Möglichkeit der Kenntnisnahme und Manipulation besteht

Important Note: The information contained in this e-mail is confidential. It is 
intended solely for the addressee. Access to this e-mail by anyone else is 
unauthorized. If you are not the intended recipient, any form of disclosure, 
reproduction, distribution or any action taken or refrained from in reliance on 
it, is prohibited and may be unlawful. Please notify the sender immediately. We 
also would like to inform you that communication via e-mail over the internet 
is insecure because third parties may have the possibility to access and 
manipulate e-mails.

Re: Enable SSL Forward Secrecy

[Georg Faerber]

On 17-08-30 09:33:23, Julian Zielke wrote:
> Hi,
> 
> I'm struggeling with enabling SSL forward secrecy in my haproxy 1.7 setup.
> 
> So far the global settings look like:
> 
>   tune.ssl.default-dh-param 2048 # tune shared secred to 2048bits
> 
>   ssl-default-bind-options force-tlsv12 no-sslv3
>   ssl-default-bind-ciphers 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
>   ssl-default-server-options force-tlsv12 no-sslv3
>   ssl-default-server-ciphers 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
> 
>   ssl-server-verify required
>   tune.ssl.cachesize 10
>   tune.ssl.lifetime 600
>   tune.ssl.maxrecord 1460
> 
> and in my https UI I've set:
> 
> ### ssl forward secrecy tweak
> # Distinguish between secure and insecure requests
>acl secure dst_port eq 443
> 
> # Mark all cookies as secure if sent over SSL
>rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure
> 
> # Add the HSTS header with a 1 year max-age
>rspadd Strict-Transport-Security:\ max-age=31536000 if secure
> 
> Still Qualys gives me an A- rating telling me:
> The server does not support Forward Secrecy with the reference browsers. 
> Grade reduced to A-.
> 
> Any clue how to fix this?

Try to add no-tls-tickets [1].

Cheers,
Georg


[1] https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#no-tls-tickets


signature.asc
Description: Digital signature

AW: Enable SSL Forward Secrecy

[Julian Zielke]

Hi,

sure I can share it since the site since it’s secured already in many ways:

https://www.ssllabs.com/ssltest/analyze.html?d=portal-vonovia.next-level-apps.com&hideResults=on


  *   Julian

Von: Daniel Schneller [mailto:daniel.schnel...@centerdevice.com]
Gesendet: Mittwoch, 30. August 2017 11:39
An: Julian Zielke 
Cc: haproxy+h...@formilux.org 
Betreff: Re: Enable SSL Forward Secrecy

Hi,

You might want to include a link to your Qualys results to help others see what 
exactly they say.
At a casual glance the ciphers looks ok, but it would be easier to see the 
SSLlabs output.
If you don’t want to share it, I suggest scrolling down and looking at the 
results of the per-browser handshakes and go through them — IIRC there is some 
“FS” vs. “No FS” marker there.

Regards,
Daniel

--
Daniel Schneller
Principal Cloud Engineer

CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de<mailto:daniel.schnel...@centerdevice.de>   | 
www.centerdevice.de<http://www.centerdevice.de>

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431

On 30. Aug. 2017, at 11:33, Julian Zielke 
mailto:jzie...@next-level-integration.com>> 
wrote:

Hi,

I’m struggeling with enabling SSL forward secrecy in my haproxy 1.7 setup.

So far the global settings look like:

  tune.ssl.default-dh-param 2048 # tune shared secred to 2048bits

  ssl-default-bind-options force-tlsv12 no-sslv3
  ssl-default-bind-ciphers 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
  ssl-default-server-options force-tlsv12 no-sslv3
  ssl-default-server-ciphers 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE

  ssl-server-verify required
  tune.ssl.cachesize 10
  tune.ssl.lifetime 600
  tune.ssl.maxrecord 1460

and in my https UI I’ve set:

### ssl forward secrecy tweak
# Distinguish between secure and insecure requests
   acl secure dst_port eq 443

# Mark all cookies as secure if sent over SSL
   rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure

# Add the HSTS header with a 1 year max-age
   rspadd Strict-Transport-Security:\ max-age=31536000 if secure

Still Qualys gives me an A- rating telling me:
The server does not support Forward Secrecy with the reference browsers. Grade 
reduced to A-.

Any clue how to fix this?


  *   Julian


Wichtiger Hinweis: Der Inhalt dieser E-Mail ist vertraulich und ausschließlich 
für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der vorgesehene 
Adressat dieser E-Mail oder dessen Vertreter sein sollten, so beachten Sie 
bitte, dass jede Form der Kenntnisnahme, Veröffentlichung, Vervielfältigung 
oder Weitergabe des Inhalts dieser E-Mail unzulässig ist. Wir bitten Sie, sich 
in diesem Fall mit dem Absender der E-Mail in Verbindung zu setzen. Wir möchten 
Sie außerdem darauf hinweisen, dass die Kommunikation per E-Mail über das 
Internet unsicher ist, da für unberechtigte Dritte grundsätzlich die 
Möglichkeit der Kenntnisnahme und Manipulation besteht

Important Note: The information contained in this e-mail is confidential. It is 
intended solely for the addressee. Access to this e-mail by anyone else is 
unauthorized. If you are not the intended recipient, any form of disclosure, 
reproduction, distribution or any action taken or refrained from in reliance on 
it, is prohibited and may be unlawful. Please notify the sender immediately. We 
also would like to inform you that communication via e-mail over the internet 
is insecure because third parties may have the possibility to access and 
manipulate e-mails.


Wichtiger Hinweis: Der Inhalt dieser E-Mail ist vertraulich und ausschließlich 
für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der vorgesehene 
Adressat dieser E-Mail oder dessen Vertreter sein sollten, so beachten Sie 
bitte, dass jede Form der Kenntnisnahme, Veröffentlichung, Vervielfältigung 
oder Weitergabe des Inhalts dieser E-Mail unzulässig ist. Wir bitten Sie, sich 
in diesem Fall mit dem Absender der E-Mail in Verbindung zu setzen. Wir möchten 
Sie außerdem darauf hinweisen, dass die Kommunikation per E-Mail über das 
Internet unsicher ist, da für unberechtigte Dritte grundsätzlich die 
Möglichkeit der Kenntnisnahme und Manipulation besteht

Important Note: The information contained in this e-mail is confidential. It is 
intended solely for the addressee. Access to this e-mail by anyone else is 
unauthorized. If you are not the intended recipient, any form of disclosure, 
reproduction, distribution or any action taken or refr

Re: Enable SSL Forward Secrecy

[Daniel Schneller]

Hi,

You might want to include a link to your Qualys results to help others see what 
exactly they say.
At a casual glance the ciphers looks ok, but it would be easier to see the 
SSLlabs output.
If you don’t want to share it, I suggest scrolling down and looking at the 
results of the per-browser handshakes and go through them — IIRC there is some 
“FS” vs. “No FS” marker there.

Regards,
Daniel

-- 
Daniel Schneller
Principal Cloud Engineer
 
CenterDevice GmbH  | Hochstraße 11
   | 42697 Solingen
tel: +49 1754155711| Deutschland
daniel.schnel...@centerdevice.de   | www.centerdevice.de

Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431


> On 30. Aug. 2017, at 11:33, Julian Zielke 
>  wrote:
> 
> Hi,
>  
> I’m struggeling with enabling SSL forward secrecy in my haproxy 1.7 setup.
>  
> So far the global settings look like:
>  
>   tune.ssl.default-dh-param 2048 # tune shared secred to 2048bits
>  
>   ssl-default-bind-options force-tlsv12 no-sslv3
>   ssl-default-bind-ciphers 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
>   ssl-default-server-options force-tlsv12 no-sslv3
>   ssl-default-server-ciphers 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
>  
>   ssl-server-verify required
>   tune.ssl.cachesize 10
>   tune.ssl.lifetime 600
>   tune.ssl.maxrecord 1460
>  
> and in my https UI I’ve set:
>  
> ### ssl forward secrecy tweak
> # Distinguish between secure and insecure requests
>acl secure dst_port eq 443
>  
> # Mark all cookies as secure if sent over SSL
>rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure
>  
> # Add the HSTS header with a 1 year max-age
>rspadd Strict-Transport-Security:\ max-age=31536000 if secure
>  
> Still Qualys gives me an A- rating telling me:
> The server does not support Forward Secrecy with the reference browsers. 
> Grade reduced to A-.
>  
> Any clue how to fix this?
>  
> Julian
>  
>  
> Wichtiger Hinweis: Der Inhalt dieser E-Mail ist vertraulich und 
> ausschließlich für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der 
> vorgesehene Adressat dieser E-Mail oder dessen Vertreter sein sollten, so 
> beachten Sie bitte, dass jede Form der Kenntnisnahme, Veröffentlichung, 
> Vervielfältigung oder Weitergabe des Inhalts dieser E-Mail unzulässig ist. 
> Wir bitten Sie, sich in diesem Fall mit dem Absender der E-Mail in Verbindung 
> zu setzen. Wir möchten Sie außerdem darauf hinweisen, dass die Kommunikation 
> per E-Mail über das Internet unsicher ist, da für unberechtigte Dritte 
> grundsätzlich die Möglichkeit der Kenntnisnahme und Manipulation besteht
> 
> Important Note: The information contained in this e-mail is confidential. It 
> is intended solely for the addressee. Access to this e-mail by anyone else is 
> unauthorized. If you are not the intended recipient, any form of disclosure, 
> reproduction, distribution or any action taken or refrained from in reliance 
> on it, is prohibited and may be unlawful. Please notify the sender 
> immediately. We also would like to inform you that communication via e-mail 
> over the internet is insecure because third parties may have the possibility 
> to access and manipulate e-mails.
> 

Enable SSL Forward Secrecy

[Julian Zielke]

Hi,

I'm struggeling with enabling SSL forward secrecy in my haproxy 1.7 setup.

So far the global settings look like:

  tune.ssl.default-dh-param 2048 # tune shared secred to 2048bits

  ssl-default-bind-options force-tlsv12 no-sslv3
  ssl-default-bind-ciphers 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE
  ssl-default-server-options force-tlsv12 no-sslv3
  ssl-default-server-ciphers 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:AES256+EECDH:AES256+EDH:TLSv1+HIGH:!aNULL:!eNULL:!3DES:!RC4:!CAMELLIA:!DH:!kECDHE:@STRENGTH:!DHE

  ssl-server-verify required
  tune.ssl.cachesize 10
  tune.ssl.lifetime 600
  tune.ssl.maxrecord 1460

and in my https UI I've set:

### ssl forward secrecy tweak
# Distinguish between secure and insecure requests
   acl secure dst_port eq 443

# Mark all cookies as secure if sent over SSL
   rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure

# Add the HSTS header with a 1 year max-age
   rspadd Strict-Transport-Security:\ max-age=31536000 if secure

Still Qualys gives me an A- rating telling me:
The server does not support Forward Secrecy with the reference browsers. Grade 
reduced to A-.

Any clue how to fix this?


  *   Julian



Wichtiger Hinweis: Der Inhalt dieser E-Mail ist vertraulich und ausschlie?lich 
f?r den bezeichneten Adressaten bestimmt. Wenn Sie nicht der vorgesehene 
Adressat dieser E-Mail oder dessen Vertreter sein sollten, so beachten Sie 
bitte, dass jede Form der Kenntnisnahme, Ver?ffentlichung, Vervielf?ltigung 
oder Weitergabe des Inhalts dieser E-Mail unzul?ssig ist. Wir bitten Sie, sich 
in diesem Fall mit dem Absender der E-Mail in Verbindung zu setzen. Wir m?chten 
Sie au?erdem darauf hinweisen, dass die Kommunikation per E-Mail ?ber das 
Internet unsicher ist, da f?r unberechtigte Dritte grunds?tzlich die 
M?glichkeit der Kenntnisnahme und Manipulation besteht

Important Note: The information contained in this e-mail is confidential. It is 
intended solely for the addressee. Access to this e-mail by anyone else is 
unauthorized. If you are not the intended recipient, any form of disclosure, 
reproduction, distribution or any action taken or refrained from in reliance on 
it, is prohibited and may be unlawful. Please notify the sender immediately. We 
also would like to inform you that communication via e-mail over the internet 
is insecure because third parties may have the possibility to access and 
manipulate e-mails.