On my current project, we have a requirement that we're using Transport Layer Security (TLS) 1.2 to encrypt connections "over the wire".

Therefore, I started digging into the configuration for the web server component of our infrastructure (IBM HTTP Server 8.5.5.5).

This page was immensely useful in this regard: -

IBM HTTP SSL Server Questions and Answers

This is what I initially had in httpd.conf: -

    ...
    ServerName bpm856.uk.ibm.com:8080
    LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
    Listen 8443
    SSLProtocolDisable SSLv2 SSLv3 TLSv10 TLSv11
    SSLEnable
    KeyFile /opt/IBM/HTTPServer/ssl/keystore.kdb
    SSLDisable
    ...

However, when I tested the connection using Chrome 43.0.2357.81, this is what I saw: -

To quote: -

Your connection to bam856.uk.ibm.com is encrypted with obsolete cryptography.
The connection uses TLS 1.2.
The connection is encrypted and authenticated using AES_128_GCM and uses RSA as the key exchange mechanism.

I did some digging about, and found this post on StackExchange: -

Google Chrome “Your connection to website is encrypted with obsolete cryptography”

which said, in part: -

...
Your exact case is that RSA is used as the key exchange mechanism. Instead, you should use DHE_RSA or ECDHE_RSA.

To remove the 'obsolete' requirement, you'll need to get 'modern' cryptography which is defined as:

- TLS 1.2 or QUIC (protocol)
- AES_128_GCM or CHACHA20_POLY1305 (cipher)
- DHE_RSA or ECDHE_RSA or ECDHE_ECDSA (key exchange)
...

Reading through the aforementioned IHS Q&A, I found this: -

Does IHS support perfect forward secrecy (PFS)?

...
IHS 8.0.0.6/8.5.0.2 and later support ECDHE ciphers and keys. These ciphers provide PFS, but must be manually enabled through the SSLCipherSpec directive.

Note that IHS cannot switch between an RSA and ECDSA certificate based on client capabilities, and most generally available clients don't support ECDSA, so ECDHE-ECDSA ciphers should be used with care.

Example configurations:

    #Allow ECDHE-RSA ciphers, but do not prefer them
    SSLCipherSpec TLSv12 +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
    SSLCipherSpec TLSv12 +TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    SSLCipherSpec TLSv12 +TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
    SSLCipherSpec TLSv12 +TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
...

Using this, I amended my httpd.conf as follows: -

    ...
    ServerName bpm856.uk.ibm.com:8080
    LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
    Listen 8443
    SSLProtocolDisable SSLv2 SSLv3 TLSv10 TLSv11
    SSLCipherSpec ALL NONE
    SSLCipherSpec TLSv12 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
    SSLCipherSpec TLSv12 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    SSLCipherSpec TLSv12 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
    SSLCipherSpec TLSv12 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    SSLCipherSpec ALL TLS_RSA_WITH_AES_128_GCM_SHA256
    SSLCipherSpec ALL TLS_RSA_WITH_AES_256_GCM_SHA384
    SSLCipherSpec ALL TLS_RSA_WITH_AES_128_CBC_SHA256
    SSLCipherSpec ALL TLS_RSA_WITH_AES_256_CBC_SHA256
    SSLCipherSpec ALL TLS_RSA_WITH_AES_128_CBC_SHA
    SSLCipherSpec ALL TLS_RSA_WITH_AES_256_CBC_SHA
    SSLCipherSpec ALL SSL_RSA_WITH_3DES_EDE_CBC_SHA
    SSLEnable
    ...

and now, after a restart, Chrome is happy with IHS: -

Your connection to bam856.uk.ibm.com is encrypted with modern cryptography.
The connection uses TLS 1.2.
The connection is encrypted and authenticated using AES_128_GCM and uses ECDHE_RSA as the key exchange mechanism.

Obviously I do need to remember the point that the Q&A made: -

...
Note that IHS cannot switch between an RSA and ECDSA certificate based on client capabilities, and most generally available clients don't support ECDSA, so ECDHE-ECDSA ciphers should be used with care.
...

so I'll review this with my client's security team.
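One way to check what the amended SSLCipherSpec list still allows, as an added example that is not part of the original post and not IBM code: it sorts the configured suites by the 'modern cryptography' criteria quoted above. The function names and the parsing model (a line with no protocol name is treated like ALL) are assumptions.

```python
PROTOCOLS = {"ALL", "SSLV2", "SSLV3", "TLSV10", "TLSV11", "TLSV12"}
FS_KEX = ("TLS_ECDHE_RSA_", "TLS_ECDHE_ECDSA_", "TLS_DHE_RSA_")  # key exchanges quoted above
MODERN_CIPHERS = ("AES_128_GCM", "CHACHA20_POLY1305")            # ciphers quoted above

def tls12_suites(conf):
    """Suites the SSLCipherSpec lines leave enabled for TLS 1.2 (simplified model)."""
    suites = []
    for raw in conf.splitlines():
        words = raw.split("#", 1)[0].split()
        if not words or words[0].lower() != "sslcipherspec":
            continue
        args = words[1:]  # assumption: no protocol name means ALL
        proto = args.pop(0).upper() if args and args[0].upper() in PROTOCOLS else "ALL"
        if proto not in ("ALL", "TLSV12"):
            continue
        for arg in args:
            name = arg.lstrip("+-")
            if name.upper() == "NONE":  # "ALL NONE" clears what was enabled so far
                suites.clear()
            elif arg.startswith("-"):
                suites = [s for s in suites if s != name]
            elif name not in suites:
                suites.append(name)
    return suites

def audit(conf):
    """Bucket each enabled suite by the 'modern cryptography' criteria quoted above."""
    report = {"modern": [], "forward_secret": [], "no_forward_secrecy": []}
    for name in tls12_suites(conf):
        fs = name.startswith(FS_KEX)
        modern = fs and any(c in name for c in MODERN_CIPHERS)
        key = "modern" if modern else "forward_secret" if fs else "no_forward_secrecy"
        report[key].append(name)
    return report

# SSLCipherSpec lines copied from the amended httpd.conf in this post.
AFTER = """SSLCipherSpec ALL NONE
SSLCipherSpec TLSv12 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
SSLCipherSpec TLSv12 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
SSLCipherSpec TLSv12 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
SSLCipherSpec TLSv12 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
SSLCipherSpec ALL TLS_RSA_WITH_AES_128_GCM_SHA256
SSLCipherSpec ALL TLS_RSA_WITH_AES_256_GCM_SHA384
SSLCipherSpec ALL TLS_RSA_WITH_AES_128_CBC_SHA256
SSLCipherSpec ALL TLS_RSA_WITH_AES_256_CBC_SHA256
SSLCipherSpec ALL TLS_RSA_WITH_AES_128_CBC_SHA
SSLCipherSpec ALL TLS_RSA_WITH_AES_256_CBC_SHA
SSLCipherSpec ALL SSL_RSA_WITH_3DES_EDE_CBC_SHA"""
```

For the amended configuration, `audit(AFTER)` puts one suite in `modern`, three in `forward_secret`, and seven RSA key-exchange suites (3DES included) in `no_forward_secrecy`. A client that offers none of the ECDHE suites would still negotiate one of those seven.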