I'm trying to improve our grade on SSL Labs SSL server test[1] for our Tomcat configuration. Currently, their report caps our grade at B because, "This server does not support Authenticated encryption (AEAD) cipher suites". They report that we support the following cipher suites:

    # TLS 1.2
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
    # TLS 1.1
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

I'm not sure why SSL Labs is seeing such a limited set of ciphers. We are using Java 1.8.0_162, and I believe we have the Java Cryptography Extension (JCE) properly installed.

I have the following connector defined (this version explicitly lists ciphers I think should satisfy the AEAD cipher requirement[2]):

    <Connector
        protocol="org.apache.coyote.http11.Http11NioProtocol"
        address="0.0.0.0"
        port="8443"
        maxThreads="500"
        maxPostSize="100000"
        scheme="https"
        secure="true"
        defaultSSLHostConfigName="foo.example.edu"
        SSLEnabled="true"
    >
        <SSLHostConfig
            hostName="foo.example.edu"
            protocols="TLSv1.1+TLSv1.2+TLS1.3"
            certificateVerification="none"
            honorCipherOrder="true"
            ciphers="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK
                :!TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
                :!TLS_DHE_RSA_WITH_AES_128_CBC_SHA
                :!TLS_DHE_RSA_WITH_AES_256_CBC_SHA
                :!TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
                :!TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
                :!TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
                :!TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
                :!TLS_RSA_WITH_AES_128_CBC_SHA
                :!TLS_RSA_WITH_AES_256_CBC_SHA
                :!TLS_RSA_WITH_AES_128_CBC_SHA256
                :!TLS_RSA_WITH_AES_256_CBC_SHA256
                :!TLS_RSA_WITH_AES_128_GCM_SHA256
                :!TLS_RSA_WITH_AES_256_GCM_SHA384
                :!TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
                :!TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
                :TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
                :TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
                :TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
                :TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
                :TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
                :TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
                :TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
                :TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
                :TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
                :TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
                :TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
                :TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
                :TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
                :TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
                :TLS_DHE_RSA_WITH_AES_128_CBC_SHA
                :TLS_DHE_RSA_WITH_AES_256_CBC_SHA
                :TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
                :TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
        >
            <Certificate
                certificateKeystoreType="pkcs12"
                certificateKeystoreFile="/home/cas/keystore/foo.pkcs12.keystore"
            >
            </Certificate>
        </SSLHostConfig>
    </Connector>

I've mapped the cipher suite names using the OpenSSL cipher suite name list[3]. I originally started with ciphers="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK", but had the same result, so subsequently tried adding the specific ciphers shown above. The Tomcat SSLHostConfig docs state that either the OpenSSL or JSSE cipher names may be used[4].

Any suggestions on what I may be doing wrong or for further troubleshooting?

References:
[1] <https://www.ssllabs.com/ssltest/analyze.html>
[2] <https://github.com/ssllabs/research/wiki/SSL-and-TLS-Deployment-Best-Practices#23-use-secure-cipher-suites>
[3] <https://www.openssl.org/docs/manmaster/man1/ciphers.html#CIPHER-SUITE-NAMES>
[4] <https://tomcat.apache.org/tomcat-8.5-doc/config/http.html#SSL_Support_-_SSLHostConfig>

-- 
Baron Fujimoto <ba...@hawaii.edu> :: UH Information Technology Services
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum
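
A check that can be run on a `ciphers` value like the one in the message above, added here as an example and not part of the original post or of Tomcat: it flags suite names that are excluded with `!` and also listed for inclusion, assuming the attribute is evaluated with the `!` rule from the OpenSSL ciphers manual [3] (permanent deletion). The function name `lint_cipher_string` and the shortened sample string are constructed for illustration.

```python
import re

# Constructed input: a shortened copy of the ciphers attribute quoted in the post.
CIPHERS = """HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK
:!TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
:!TLS_RSA_WITH_AES_128_GCM_SHA256
:!TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
:!TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
:TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"""

# Suite names carrying one of these markers use an AEAD construction.
AEAD = re.compile(r"_(GCM|CCM|CHACHA20_POLY1305)(_|$)")


def lint_cipher_string(spec):
    """Report explicit suite names that '!' removes and that are listed again.

    OpenSSL cipher-string rules: '!' deletes a suite permanently, so a plain
    mention elsewhere in the string cannot bring it back; '-' deletes it but
    allows a later re-add; '+' only reorders. Keywords such as HIGH are not
    expanded here, so only fully spelled-out suite names are analysed.
    """
    killed, listed = set(), []
    for tok in filter(None, re.split(r"[:,\s]+", spec)):
        op, name = (tok[0], tok[1:]) if tok[0] in "!-+" else ("", tok)
        if not name.startswith(("TLS_", "SSL_")):
            continue  # keyword or OpenSSL-style name, outside this check
        if op == "!":
            killed.add(name)
        elif op == "-":
            listed = [n for n in listed if n != name]
        elif op == "" and name not in listed:
            listed.append(name)
    return {
        "killed_aead": sorted(n for n in killed if AEAD.search(n)),
        "listed_but_killed": [n for n in listed if n in killed],
        "surviving_aead": [n for n in listed
                           if n not in killed and AEAD.search(n)],
    }


if __name__ == "__main__":
    for key, names in lint_cipher_string(CIPHERS).items():
        print(key, *names, sep="\n    ")
```

A surviving ECDHE_ECDSA suite can only be negotiated when the server certificate has an EC key.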