Opened 10 years ago

Closed 10 years ago

#619 closed enhancement (invalid)

Qualys SSL Forward Secrecy validation test pass

Reported by: Owned by:
Priority: minor Milestone:
Component: nginx-module Version: 1.6.x
Keywords: Cc:
uname -a: Linux 3.2.0-4-amd64 #1 SMP Debian 3.2.46-1+deb7u1 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.6.1
built by gcc 4.7.2 (Debian 4.7.2-5)
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/ --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-mail --with-mail_ssl_module --with-file-aio --with-http_spdy_module --with-cc-opt='-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-z,relro -Wl,--as-needed' --with-ipv6


The default SSL ciphers suite used in nginx does not allow the following test to pass the Forward Secrecy step (effectively reducing the max grade to A-):

With only little modifications made to the default ciphers list used by nginx, I was able to overcome that problem:

ssl_ciphers HIGH:!aNULL:!MD5:TLS_RSA_WITH_AES_128_CBC_SHA256;
(That is, default ssl_ciphers with ':TLS_RSA_WITH_AES_128_CBC_SHA256')

By the way, why not activating server-side cipher preferences by default?
ssl_prefer_server_ciphers on;

Change History (1)

comment:1 by Maxim Dounin, 10 years ago

Resolution: invalid
Status: newclosed

The AES128-SHA256 cipher (note that TLS_RSA_WITH_AES_128_CBC_SHA256 isn't the name OpenSSL, and hence nginx, will recognize, so adding it to the ciphers list does nothing) is included into the default. Moreover, it doesn't provide forward secrecy. Most likely you've misinterpreted your SSL Labs results. Try openssl ciphers for details on ciphers used with various cipher list strings.

As for ssl_prefer_server_ciphers, the default assumes that all allowed ciphers are acceptable from server point of view, and any of them can be used by clients - and this basically matches the default used for ssl_ciphers, which is more or less unsorted. Switching on ssl_prefer_server_ciphers makes sense in case of carefully crafted ssl_ciphers list, but not with the default one.

For further question, please use mailing list. Thank you.

Note: See TracTickets for help on using tickets.