Httpd perfect forward secrecy
Hi,

I've just switched my webserver from 5.6/nginx to 5.7/httpd and was
testing my TLS setup using SSL Labs[1]. The SSL Labs test indicates that
my setup doesn't support forward secrecy. Is this not implemented in the
5.7 version of httpd or is my configuration wrong (included below)?

OS: OpenBSD 5.7-stable AMD64

Kind regards,

Martijn Rijkeboer

--- /etc/httpd.conf ---
ext_addr=*

server www.bunix.org {
        listen on $ext_addr tls port 443
        tls certificate /etc/ssl/www.bunix.org.crt.pem
        tls key /etc/ssl/private/www.bunix.org.key.pem
        connection {
                max requests 500
                timeout 3600
        }
        root /htdocs/www.bunix.org
}

types {
        include /usr/share/misc/mime.types
}

[1] https://www.ssllabs.com/ssltest/
Re: Httpd perfect forward secrecy
> I've just switched my webserver from 5.6/nginx to 5.7/httpd and was
> testing my TLS setup using SSL Labs[1]. The SSL Labs test indicates
> that my setup doesn't support forward secrecy. Is this not implemented
> in the 5.7 version of httpd or is my configuration wrong (included
> below)?

In my previous message I forgot to mention that I also tried setting
"tls dhe" to auto, but that didn't help either.

Kind regards,

Martijn Rijkeboer
Re: Httpd perfect forward secrecy
On Mon, May 18, 2015 at 07:43:26PM +0200, Martijn Rijkeboer wrote:
> Hi,
>
> I've just switched my webserver from 5.6/nginx to 5.7/httpd and was
> testing my TLS setup using SSL Labs[1]. The SSL Labs test indicates
> that my setup doesn't support forward secrecy. Is this not implemented
> in the 5.7 version of httpd or is my configuration wrong (included
> below)?
>
> OS: OpenBSD 5.7-stable AMD64
>
> Kind regards,
>
> Martijn Rijkeboer

We disabled older cipher suites and protocols by default. Any new-ish
browser should prefer ECDHE over DHE.

From httpd.conf:

---snip---
     dhe params
             Specify the DHE parameters to use for DHE cipher suites.
             Valid parameter values are none, legacy and auto. For
             legacy a fixed key length of 1024 bits is used, whereas
             for auto the key length is determined automatically. The
             default is none, which disables DHE cipher suites.

     ecdhe curve
             Specify the ECDHE curve to use for ECDHE cipher suites.
             Valid parameter values are none, auto and the short name
             of any known curve. The default is auto.
---snap---

So if you really want to enable legacy DHE modes, set the following in
the server section:

        tls dhe legacy

Reyk

> --- /etc/httpd.conf ---
> ext_addr=*
>
> server www.bunix.org {
>         listen on $ext_addr tls port 443
>         tls certificate /etc/ssl/www.bunix.org.crt.pem
>         tls key /etc/ssl/private/www.bunix.org.key.pem
>         connection {
>                 max requests 500
>                 timeout 3600
>         }
>         root /htdocs/www.bunix.org
> }
>
> types {
>         include /usr/share/misc/mime.types
> }
>
> [1] https://www.ssllabs.com/ssltest/
Re: Httpd perfect forward secrecy
> On Mon, May 18, 2015 at 07:43:26PM +0200, Martijn Rijkeboer wrote:
>> Hi,
>>
>> I've just switched my webserver from 5.6/nginx to 5.7/httpd and was
>> testing my TLS setup using SSL Labs[1]. The SSL Labs test indicates
>> that my setup doesn't support forward secrecy. Is this not
>> implemented in the 5.7 version of httpd or is my configuration wrong
>> (included below)?
>
> We disabled older cipher suites and protocols by default. Any new-ish
> browser should prefer ECDHE over DHE.

Thank you very much for your explanation. SSL Labs flags this webserver
as not supporting Forward Secrecy with the reference browsers, because
one of the reference browsers doesn't work (IE 8-10 / Win 7). Since none
of my users uses that browser I will stick to the sane defaults.

> So if you really want to enable legacy DHE modes, set the following in
> the server section:
>
>         tls dhe legacy

This doesn't help either, but as explained above that's no problem for
me.

Kind regards,

Martijn Rijkeboer
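The thread turns on one question: which key exchange does the server actually negotiate, and is it ephemeral (ECDHE or DHE) or static RSA? The following script is an added example, not part of the thread and not OpenBSD httpd code. It does two things: it classifies cipher-suite names, in both the OpenSSL form Python's ssl module reports and the IANA form SSL Labs prints, by whether their key exchange provides forward secrecy; and it performs three handshakes against a host (default, ECDHE-only, DHE-only), so a server configured with "tls dhe none" shows up as "handshake failed" on the DHE-only probe while still passing the ECDHE one. The host name www.example.org and the suite list SAMPLE_SSLLABS_SUITES are constructed placeholders.

```python
"""Added example (not from the thread): determine whether a TLS server's
negotiated key exchange is ephemeral (forward secret).

Assumptions: www.example.org is a placeholder host; SAMPLE_SSLLABS_SUITES is
a constructed list, not taken from a real scan.
"""
import socket
import ssl
import sys


def provides_forward_secrecy(suite: str) -> bool:
    """True if the suite's key exchange is authenticated, ephemeral (EC)DHE.

    Static RSA, static (EC)DH and anonymous DH key exchange return False.
    """
    s = suite.upper()
    if s.startswith("TLS_"):
        if "_WITH_" not in s:
            # TLS 1.3 names (TLS_AES_128_GCM_SHA256, ...): the key exchange is
            # always ephemeral (EC)DHE and is not part of the suite name.
            return True
        # IANA name, as SSL Labs prints it: TLS_<kx>_WITH_<cipher>_<mac>
        kx = s[len("TLS_"):s.index("_WITH_")]
        return kx.startswith(("ECDHE_", "DHE_"))
    # OpenSSL name, as ssl.SSLSocket.cipher() reports it
    return s.startswith(("ECDHE-", "DHE-", "EDH-"))


def non_forward_secret(suites):
    """Return the subset of suites that lack forward secrecy, in order."""
    return [s for s in suites if not provides_forward_secrecy(s)]


# Constructed sample in the IANA form SSL Labs uses (not a real scan result).
SAMPLE_SSLLABS_SUITES = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
]


def negotiated_cipher(host, port=443, ciphers=None, timeout=5.0):
    """Handshake with host and return the OpenSSL name of the suite the
    server chose, or None if no handshake succeeded.

    ciphers is an OpenSSL cipher string restricting what the client offers
    (e.g. "DHE" or "ECDHE"). Offering only one class is the way to learn
    whether the server supports that class at all: a server with no DHE
    suites enabled simply fails the DHE-only handshake.
    """
    try:
        ctx = ssl.create_default_context()
        if ciphers:
            # Cipher strings only govern TLS <= 1.2 suites; cap the version so
            # a TLS 1.3 handshake cannot mask an empty TLS 1.2 offer.
            ctx.maximum_version = ssl.TLSVersion.TLSv1_2
            ctx.set_ciphers(ciphers)
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return tls.cipher()[0]
    except (ssl.SSLError, OSError):
        return None


def probe(host, port=443):
    """Run the default handshake plus ECDHE-only and DHE-only handshakes.

    Returns {label: (suite name or None, forward_secret: bool)}.
    """
    results = {}
    for label, filt in (("default", None), ("ECDHE only", "ECDHE"),
                        ("DHE only", "DHE")):
        suite = negotiated_cipher(host, port, filt)
        results[label] = (suite, bool(suite) and provides_forward_secrecy(suite))
    return results


if __name__ == "__main__":
    host = sys.argv[1] if len(sys.argv) > 1 else "www.example.org"  # placeholder
    for label, (suite, fs) in probe(host).items():
        print(f"{label:11s} {suite or 'handshake failed':40s} forward secrecy: {fs}")
```

Run it as `python3 probe_fs.py www.bunix.org` (file name is arbitrary). A server left at httpd's defaults from the thread ("tls dhe none", "tls ecdhe auto") is expected to negotiate an ECDHE suite on the default and ECDHE-only probes and to fail the DHE-only one; that failure is exactly what SSL Labs reports for a reference client that cannot do ECDHE, and is not a loss of forward secrecy for clients that can.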