Httpd perfect forward secrecy

2015-05-18 Thread Martijn Rijkeboer
Hi,

I've just switched my webserver from 5.6/nginx to 5.7/httpd and was
testing my TLS setup using SSL Labs[1]. The SSL Labs test indicates that
my setup doesn't support forward secrecy. Is this not implemented in
the 5.7 version of httpd or is my configuration wrong (included below)?

OS: OpenBSD 5.7-stable AMD64

Kind regards,


Martijn Rijkeboer


--- /etc/httpd.conf ---

ext_addr=*

server www.bunix.org {
listen on $ext_addr tls port 443
tls certificate /etc/ssl/www.bunix.org.crt.pem
tls key /etc/ssl/private/www.bunix.org.key.pem

connection {
max requests 500
timeout 3600
}

root /htdocs/www.bunix.org
}

types {
include /usr/share/misc/mime.types
}



[1] https://www.ssllabs.com/ssltest/



Re: Httpd perfect forward secrecy

2015-05-18 Thread Martijn Rijkeboer
> I've just switched my webserver from 5.6/nginx to 5.7/httpd and was
> testing my TLS setup using SSL Labs[1]. The SSL Labs test indicates
> that my setup doesn't support forward secrecy. Is this not implemented
> in the 5.7 version of httpd or is my configuration wrong (included
> below)?

In my previous message I forgot to mention that I also tried
setting tls dhe to auto, but that didn't help either.

Kind regards,


Martijn Rijkeboer



Re: Httpd perfect forward secrecy

2015-05-18 Thread Reyk Floeter
On Mon, May 18, 2015 at 07:43:26PM +0200, Martijn Rijkeboer wrote:
> Hi,
>
> I've just switched my webserver from 5.6/nginx to 5.7/httpd and was
> testing my TLS setup using SSL Labs[1]. The SSL Labs test indicates that
> my setup doesn't support forward secrecy. Is this not implemented in
> the 5.7 version of httpd or is my configuration wrong (included below)?
>
> OS: OpenBSD 5.7-stable AMD64
>
> Kind regards,
>
>
> Martijn Rijkeboer
>

We disabled older cipher suites and protocols by default.  Any new-ish
browser should prefer ECDHE over DHE.

From httpd.conf:
---snip---
 dhe params
 Specify the DHE parameters to use for DHE cipher suites.
 Valid parameter values are none, legacy and auto.  For
 legacy a fixed key length of 1024 bits is used, whereas
 for auto the key length is determined automatically.  The
 default is none, which disables DHE cipher suites.

 ecdhe curve
 Specify the ECDHE curve to use for ECDHE cipher suites.
 Valid parameter values are none, auto and the short name
 of any known curve.  The default is auto.
---snap---

So if you really want to enable legacy DHE modes, set the following
in the server section:

tls dhe legacy

Reyk

 
> --- /etc/httpd.conf ---
>
> ext_addr=*
>
> server www.bunix.org {
> listen on $ext_addr tls port 443
> tls certificate /etc/ssl/www.bunix.org.crt.pem
> tls key /etc/ssl/private/www.bunix.org.key.pem
>
> connection {
> max requests 500
> timeout 3600
> }
>
> root /htdocs/www.bunix.org
> }
>
> types {
> include /usr/share/misc/mime.types
> }
>
>
> [1] https://www.ssllabs.com/ssltest/
>

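The reply above explains that a server keeps a forward-secret key exchange as long as either `tls ecdhe` (default auto) or `tls dhe` (default none) is enabled. The following added example, which is not part of the thread or of httpd itself, walks an httpd.conf in the same format as the one posted and reports which server blocks end up with neither ECDHE nor DHE; the sample configuration and the host names in it are constructed, and the defaults are taken from the httpd.conf(5) excerpt quoted in the reply.

```python
# Added example (not from the thread): audit an OpenBSD httpd.conf for the
# forward-secrecy knobs discussed above. Defaults follow the httpd.conf(5)
# excerpt quoted in the reply: "tls dhe" defaults to none, "tls ecdhe" to auto.
import re

DEFAULTS = {"dhe": "none", "ecdhe": "auto"}  # from the quoted man page

# Constructed sample config (not the poster's file); three server blocks.
SAMPLE_CONF = """\
ext_addr=*
server default.example.org {
listen on $ext_addr tls port 443
connection {
timeout 3600
}
}
server legacy.example.org {
tls dhe legacy
tls ecdhe none
}
server nopfs.example.org {
tls dhe none
tls ecdhe none
}
"""

def tls_kex_settings(conf):
    """Map each server name to its dhe/ecdhe settings with defaults applied;
    brace depth is tracked so nested blocks such as connection {} are skipped."""
    servers, current, depth = {}, None, 0
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip comments and whitespace
        if not line:
            continue
        m = re.match(r"server\s+(\S+)\s*\{", line)
        if m and depth == 0:
            current = m.group(1)
            servers[current] = dict(DEFAULTS)
        m = re.match(r"tls\s+(dhe|ecdhe)\s+(\S+)$", line)
        if m and current and depth == 1:
            servers[current][m.group(1)] = m.group(2)
        depth += line.count("{") - line.count("}")
        if depth == 0:
            current = None
    return servers

def has_forward_secrecy(settings):
    """Any enabled ECDHE or DHE mode gives an ephemeral, forward-secret key exchange."""
    return settings["ecdhe"] != "none" or settings["dhe"] != "none"
```

Running `tls_kex_settings(SAMPLE_CONF)` shows the first block keeping ECDHE through the default alone, the second relying on legacy DHE, and the third with no forward-secret exchange at all.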



Re: Httpd perfect forward secrecy

2015-05-18 Thread Martijn Rijkeboer
> On Mon, May 18, 2015 at 07:43:26PM +0200, Martijn Rijkeboer wrote:
> > Hi,
> >
> > I've just switched my webserver from 5.6/nginx to 5.7/httpd and was
> > testing my TLS setup using SSL Labs[1]. The SSL Labs test indicates
> > that my setup doesn't support forward secrecy. Is this not implemented
> > in the 5.7 version of httpd or is my configuration wrong (included
> > below)?
>
> We disabled older cipher suites and protocols by default.  Any new-ish
> browser should prefer ECDHE over DHE.

Thank you very much for your explanation. SSL Labs flags this webserver
as not supporting Forward Secrecy with the reference browsers, because
one of the reference browsers doesn't work (IE 8-10 / Win 7). Since none
of my users uses that browser, I will stick to the sane defaults.


> So if you really want to enable legacy DHE modes, set the following
> in the server section:
>
>    tls dhe legacy

This doesn't help either, but as explained above that's no problem for
me.

Kind regards,


Martijn Rijkeboer