nginx 1.17.1 configcheck fails if config'd for TLSv1.3-only ?

Maxim Dounin mdounin at mdounin.ru
Fri Jul 19 16:29:41 UTC 2019


Hello!

On Fri, Jul 19, 2019 at 08:39:15AM -0700, PGNet Dev wrote:

> I run nginx
> 
> 	nginx -v
> 		nginx version: nginx/1.17.1
> 
> on linux/64.
> 
> I've installed
> 
> 	which openssl
> 		/usr/local/openssl/bin/openssl
> 	openssl version
> 		OpenSSL 1.1.1c  28 May 2019
> 
> nginx is built with/linked to this version
> 
> 	ldd `which nginx` | grep ssl
> 		libssl.so.1.1 => /usr/local/openssl/lib64/libssl.so.1.1 (0x00007f95bdc09000)
> 		libcrypto.so.1.1 => /usr/local/openssl/lib64/libcrypto.so.1.1 (0x00007f95bd6f9000)
> 
> I'm currently working setting up a local-only server, attempting to get it to use TLSv1.3/CHACHA20 only.
> 
> I've tightened down restrictions in nginx config.
> With my attempted restrictions in place, I've found that I'm apparently NOT using TLSv1.3/CHACHA20.
> 
> With this nginx config
> 
> 	server {
> 
> 		listen 10.0.1.20:443 ssl http2;
> 
> 		server_name test.dev.lan;
> 		root /data/webapps/nulldir;
> 		index index.html;
> 
> 		rewrite_log on;
> 		access_log  /var/log/nginx/access.log main;
> 		error_log   /var/log/nginx/error.log info;
> 
> 		ssl_protocols TLSv1.3 TLSv1.2;
> 		ssl_ciphers "TLS13-CHACHA20-POLY1305-SHA256 TLS13-AES-256-GCM-SHA384 TLS13-AES-128-GCM-SHA256 ECDHE-ECDSA-CHACHA20-POLY1305";

TLS 1.3 ciphers cannot be controlled via the traditional 
SSL_CTX_set_cipher_list() interface - rather, OpenSSL enables all 
TLS 1.3 ciphers unconditionally.  This was done somewhere at 
OpenSSL 1.1.1-pre4 to prevent people from disabling all TLS 1.3 
ciphers by using traditional cipher strings.

(Futher, TLS 1.3 ciphers are named differently, but it doesn't 
really matter as they are not controlled by the ssl_ciphers 
anyway.)

Try

$ openssl ciphers -v <your ssl_ciphers string>

to find out which ciphers will be enabled.

Futher details can be found here:

https://trac.nginx.org/nginx/ticket/1529

[...]

> but the cipher used is
> 
> 	TLS_AES_256_GCM_SHA384
> 
> NOT either of the CHACHA20 options,
> 
> 	TLS-CHACHA20-POLY1305-SHA256 ECDHE-ECDSA-CHACHA20-POLY130

That's expected, as all TLSv1.3 ciphers are enabled, see above.

> And, if I change nginx to be 'TLSv1.3-only',
> 
> -	ssl_protocols TLSv1.3 TLSv1.2;
> -	ssl_ciphers "TLS13-CHACHA20-POLY1305-SHA256 TLS13-AES-256-GCM-SHA384 TLS13-AES-128-GCM-SHA256 ECDHE-ECDSA-CHACHA20-POLY1305";
> +	ssl_protocols TLSv1.3;
> +	ssl_ciphers "TLS13-CHACHA20-POLY1305-SHA256 TLS13-AES-256-GCM-SHA384 TLS13-AES-128-GCM-SHA256";
> 
> even the webserver config check FAILs,
> 
> 	nginxconfcheck
> 		TLS13-AES-128-GCM-SHA256") failed (SSL: error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match)
> 		nginx: configuration file /usr/local/etc/nginx/nginx.conf test failed
> 
> and the server fails to start.

That's because the cipher string listed contains no valid ciphers.

-- 
Maxim Dounin
http://mdounin.ru/


More information about the nginx mailing list