This is a personal technical note for SSL certificate setup, ensuring better scores at SSL Labs so that we have a better Internet security for our own.
I use the built-in script provided from RHEL/CentOS to generate a private key. The location is under /etc/ssl/cert, by typing
make site.key
It will generate a private key. Its actual command is:
openssl genrsa -aes128 2048
You can adjust the key size for your own needs, but at least 2048 is needed for a relatively secure certificate.
Then we make its CSR by typing:
make site.csr
The actual command is:
openssl req -new -key site.key -out site.csr -aes256
The name site must be the same as the key name for the script to work. You can now copy and paste the CSR to whoever your trusted SSL Certificate Provider to sign. It doesn’t matter who choose to sign it as long as your user and you trust it, therefore I used CACert.org
Before we do anything else, we need to generate a different DH param. Let’s cd into /etc/nginx/ssl (or whatever you prefer), and do the following command:
openssl dhparam -out dhparams.pem 2048
Now we generate a custom DH param for securer DH. In the configuration next, we will use it.
Next, we need to setup a website that runs on SSL. Choosing the cipher is the most important part that prevents most of the crackers cracking decipher your server’s communication. The httpd side of software I choose is nginx, I like its versatility and efficiency.
Inside the server block, we must have the following lines:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256: DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA"; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:50m; ssl_session_timeout 5m; ssl_dhparam /etc/nginx/ssl/dhparams.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;"; # includeSubdomains only needed for the whole site encryption. You may or may not need it. # The following settings only works with CA certified certs, not self-signed certs. ssl_stapling on; resolver 8.8.8.8; ssl_trusted_certificate /etc/nginx/ssl/root.crt; # Your CA Root cert.
The main purpose of Line 1 is to stop accepting requests from insecure protocols such as SSLv2, Line 2 restricts the cipher we will be using, and stop some insecure ciphers such as MD5 and RC4. If we add RC4 back on the list, we eliminate the chance to get BEAST attack, but will suffer RC4 attack. By removing RC4, some of the older browsers will not support visiting the website and possible to suffer BEAST attack. The future trend is, RC4 attack will get more sophisticated, and chance of BEAST attack will get smaller, I’d recommend to remove RC4 from the list.
Line 4 and 5 are for the SSL reuse, this can improve the performance. Line 6, 7, 8 are related to OCSP stapling, it enables the server to check the OCSP status, which can check the revocation of the certificates. The root.crt is the Class 1 PKI key of your CA.
Go to SSLLabs for a test, you might get an A+ if your signing authority is trusted!
Read more:
http://crypto.stackexchange.com/questions/8933/how-can-i-use-ssl-tls-with-perfect-forward-secrecy
https://community.qualys.com/blogs/securitylabs/2013/08/05/configuring-apache-nginx-and-openssl-for-forward-secrecy
http://googleonlinesecurity.blogspot.co.uk/2014/08/https-as-ranking-signal_6.html
https://istlsfastyet.com/?utm_source=wmx_blog&utm_medium=referral&utm_campaign=tls_en_post
http://chimera.labs.oreilly.com/books/1230000000545/ch04.html#TLS_RECORD_SIZE
https://gist.github.com/plentz/6737338
http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_trusted_certificate
http://nginx.com/blog/nginx-poodle-ssl/
https://weakdh.org/sysadmin.html
Changelog:
2014.08.13 – Added 3DES back to cipher suites for Windows XP compability.
2014.10.17 – SSLv3 support is removed (POODLE). Strict Transport Security is added.
2015.03.03 – RC4 removed and banned.
2015.06.02 – Update DH strength