SSL certificate security and compatibility configuration guide

2025-02-24 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)05/31 Report--

This article shares a configuration guide for SSL certificate security and compatibility. The editor found it very practical and is passing it on; hopefully you will get something out of it. Without further ado, let's take a look.

I. SSL protocol selection

1. Use only the secure protocol versions TLSv1.1 and TLSv1.2.

Taking Apache as an example: open the Apache configuration file, find the SSLProtocol directive, and uncomment the line SSLProtocol all -SSLv2 -SSLv3 -TLSv1 (or write it yourself).

2. If the website must support some older browsers or operating systems, use SSLProtocol all -SSLv2 -SSLv3 instead.

II. The necessity of banning RC4 cipher suites

On March 26th, Itsik Mantin, a researcher at Imperva, a foreign data security company, presented the paper "Attacking SSL when using RC4" at Black Hat Asia 2015. It describes an attack that exploits a 13-year-old RC4 weakness, the invariance weakness of weak keys ("Weaknesses in the Key Scheduling Algorithm of RC4", FMS, published in 2001), and names it the "Bar Mitzvah Attack". According to "Attacking SSL when using RC4", the main cause of the vulnerability is that an invariant weak key is an L-shaped pattern in the RC4 key. Once the pattern exists in an RC4 key, part of the state permutation stays intact throughout the initialization process. This intact part includes the least significant bits of the permutation, which, when processed by the PRGA algorithm, determine the least significant bits of the pseudorandom output stream. These biased stream bytes are XORed with the plaintext, so important plaintext information leaks through the ciphertext.

After balancing compatibility against security, a certain site chose to retain the RC4 cipher suites:

If your server needs to support antique browsers such as IE6, you can enable the SSLv3 protocol. If compatibility requirements are modest and it is enough that mainstream browsers can connect, do not support the 3DES cipher suites. If you want security together with the best possible compatibility, use the TLS 1.x protocols with FS cipher suites.

Take the compatibility of Baidu website as an example:

Here are three cipher suite configuration methods from low security to high security and high compatibility to low compatibility:

ssl_ciphers ECDHEFuRSAHA128GCMMUE SHA256-ECDHHEV-ECDHHV-HIGHV-Null-LV-null-LLD-MD5-CDH-CDH-SSLv3 TLSv1 TLSv1.1 TLSv1.2;

ssl_ciphers-ECDHACHA20-SSLv3 TLSv1 TLSv1.1 TLSv1.2;

ssl_ciphers ECDH-CHCHACHA20-EECDH-AES128-RSAE128-EECDH-AES256-- RSAE256-DEEECDH3DESVERMDMD5Sslopes-TLSv1 TLSv1.1 TLSv1.2;

ssl_ciphers EECDHMCHACHA20EECHACHA20ARCHACHA20RES128SAE128SAE128EECDHA128ECDHES258RES253DEEECDH3DESERMMD5

III. PCI DSS compliance requirements

The PCI Security Standards Council stipulates that keeping TLS 1.0 enabled after June 30, 2018 results in PCI DSS non-compliance. PCI DSS, in full the Payment Card Industry Data Security Standard, is the data security standard for the third-party payment industry. It is formulated by the PCI Security Standards Council so that consistent data security measures are adopted internationally.

As early as June 30 last year, the PCI Security Standards Council officially published a blog post stating that by June 30, 2018 at the latest, that is, the end of this month, early SSL/TLS must be disabled and a more secure encryption protocol implemented (TLS v1.1 or later; TLS v1.2 is strongly recommended) in order to meet the requirements of the PCI data security standard and protect payment data.

Therefore, for payment websites, it is important to improve security and meet PCI DSS compliance requirements.

Solution: disable TLS1.0 after evaluating compatibility.

Taking the configuration as an example, the SSL protocols can be set as follows (the directive shown is nginx syntax; in Apache the corresponding directive is SSLProtocol):

ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

In the future, security ratings will also mark down TLS 1.0 appropriately. After assessing the compatibility impact, it is still recommended that everyone turn off TLS 1.0. Now that TLS 1.3 is out, the mainstream going forward should be TLS 1.2 + TLS 1.3.

Compatibility reference for turning off TLS 1.0: the clients that lose support are mostly the built-in browsers on older systems; the Chrome, Firefox and domestic browsers that mainstream users run are basically compatible.

IV. How to give priority to FS cipher suites

If the server does not give the FS cipher suites priority, the rating is downgraded accordingly:

Solution: taking Apache as an example, open the Apache configuration file httpd.conf and enable or add the directive SSLHonorCipherOrder on. Once the FS cipher suites are set, the server's own order takes precedence.
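As an added example (not code from the article or from any Apache tooling), this Python sketch audits an Apache configuration for the protocol, RC4, PCI DSS and cipher-order settings discussed above: it resolves the +/- arguments of SSLProtocol into the enabled protocol set, then reports each weak setting. The function names, the two sample configurations, the expansion of "all" and the string-based RC4 check are assumptions made for illustration.

```python
import re
# Assumption: "all" is modelled as every version the article mentions;
# what it really expands to depends on the Apache/OpenSSL build.
ALL = {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}

def enabled_protocols(args):
    """Resolve SSLProtocol arguments: '+x' adds, '-x' removes, a bare 'x' assigns."""
    enabled = set()
    for tok in args.split():
        sign, name = (tok[0], tok[1:]) if tok[0] in "+-" else ("", tok)
        group = ALL if name.lower() == "all" else {name}
        if sign == "-":
            enabled -= group
        elif sign == "+":
            enabled |= group
        else:
            enabled = set(group)
    return enabled & ALL  # drops SSLv2 and unknown names

def directive(conf, name):
    """Arguments of the last uncommented occurrence of a directive, or None."""
    hits = re.findall(rf"^[ \t]*{name}[ \t]+(.+?)[ \t]*$", conf, re.M | re.I)
    return hits[-1] if hits else None

def audit(conf):
    findings = []
    # "all -SSLv3" is mod_ssl's documented default in current 2.4 releases.
    protos = enabled_protocols(directive(conf, "SSLProtocol") or "all -SSLv3")
    if "SSLv3" in protos:
        findings.append("SSLv3 enabled")
    if "TLSv1" in protos:
        findings.append("TLSv1.0 enabled (PCI DSS non-compliant)")
    if (directive(conf, "SSLHonorCipherOrder") or "off").lower() != "on":
        findings.append("SSLHonorCipherOrder is not on")
    suites = (directive(conf, "SSLCipherSuite") or "").strip('"').split(":")
    # Heuristic: RC4 is named without a '!'/'-' prefix and never killed by '!RC4'.
    if "!RC4" not in suites and any(
            "RC4" in s.upper() and s[0] not in "!-" for s in suites if s):
        findings.append("RC4 cipher suites allowed")
    return findings

# Constructed sample configurations (not taken from the article).
LEGACY = """#SSLProtocol all -SSLv2 -SSLv3 -TLSv1
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite "ECDHE-RSA-AES128-GCM-SHA256:RC4-SHA:HIGH:!aNULL:!MD5"
"""
HARDENED = """SSLProtocol all -SSLv2 -SSLv3 -TLSv1
SSLHonorCipherOrder on
SSLCipherSuite "ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4"
"""
for label, conf in (("legacy", LEGACY), ("hardened", HARDENED)):
    print(label, audit(conf) or "no findings")
```

The RC4 check only sees suites named explicitly in the string; aliases that may include RC4 on older OpenSSL builds are not expanded, so confirm the result against the server's actual cipher list.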

V. Fixing the downgrade caused by an incomplete certificate chain

Problem: recently, some people reported that the following appeared in the MySSL test report for their domain name:

You may wonder why the rating drops to B just because the certificate chain is incomplete. Here is a brief explanation.

Browser handling: modern browsers can download missing certificates automatically, but many browsers rely on the built-in certificate store after installation. If the missing CA certificate is not in the system's built-in certificate store, users see the following when they visit the website for the first time (taking Chrome as an example):

Even if your certificate really is trusted, it is shown as untrusted, and the site does not appear trusted until the browser has automatically downloaded the missing CA certificate from the Internet and installed it.

For all the issues above, Anxin Certificate makes the best choice based on the nature of the website, fully balancing security and compatibility, and brings you a new "ultra-thin and secure" experience.

Take the certificate installation on the official Anxin Certificate website as an example. After evaluating compatibility and security, we adopted TLSv1.0 + TLSv1.1 + TLSv1.2 as the SSL protocols, a cipher suite list without RC4, and priority for the FS cipher suites. In the test on the MySSL official website, every client except the IE6 browser on the XP system is supported, security is greatly improved, and the security rating is A.

That is the security and compatibility configuration guide for SSL certificates. The editor believes it contains knowledge points you may see or use in daily work, and hopes you can learn more from this article. For more details, please follow the industry information channel.
