how to deny the SSL v2.0 handshake when SSL v2.0 is disabled
Igor Sysoev
igor at sysoev.ru
Thu Jul 1 09:26:10 MSD 2010
On Wed, Jun 30, 2010 at 04:21:25PM -0400, Calomel Org wrote:
> Is there any way to completely disable the SSL v2.0 handshake when SSL
> v2.0 support is disabled in nginx.conf ?
>
> This is the SSL configuration used and only TLSv1 is enabled in
> "ssl_protocols".
>
> ## Nginx SSL (FIPS 140-2 experimental)
> ssl on;
> ssl_certificate /ssl_keys/host.org_ssl.crt;
> ssl_certificate_key /ssl_keys/host_ssl.key;
> ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA;
> ssl_dhparam /ssl_keys/host_dh.pem;
> ssl_prefer_server_ciphers on;
> ssl_protocols TLSv1;
> ssl_session_cache shared:SSL:10m;
> ssl_session_timeout 5m;
>
> The reason this question has come up is SSL Labs has recently been in
> the news promoting a tool to check the compliance of an SSL server. We
> thought we would check our host and we ranked at the very top (93%) of
> the "Recent Best-Rated". The testing site can be found here:
>
> https://www.ssllabs.com/ssldb/index.html
>
> When we checked our server (https://calomel.org) with their tool it
> reported "SSL 2.0+ Upgrade Support" was enabled. We used the OpenSSL
> binary on the command line and found SSLv2 and SSLv3 are definitely
> turned off as Nginx denied the use of these protocols. Only TLSv1 was
> allowed.
>
> The problem is the SSLv2 upgrade support handshake is somehow accepted
> according to SSL Labs. I am not sure how to verify this handshake
> myself.
>
> According to SSL Labs "SSL 2.0+ Upgrade Support" means, "...the server
> supports SSLv2 handshake, even though it may not support SSLv2 itself.
> Essentially it's an optimization. Instead of a client first requesting
> SSLv2 (with a SSLv2 handshake) and failing (if the server does not
> support it), then having to request SSLv3 or better (with a SSLv3
> handshake), the client can use the SSLv2 handshake to indicate support
> for newer protocols." The full news group thread containing this quote
> can be found at:
>
> http://sourceforge.net/mailarchive/forum.php?thread_name=20100629171623.43012oj4b2hgrzi8%40webmail.mxes.net&forum_name=ssllabs-discuss
>
> Lastly, in order for a server to be considered "FIPS 140-2 Compliant"
> it must not respond to any SSLv2 or SSLv3 protocol requests. Only
> TLSv1 (version 1.0 to 1.2) are accepted.
>
> We appreciate any help, suggestions or clarification.

As I understand the OpenSSL sources, it disables SSL 2.0+ upgrade support
only if FIPS is enabled. If you built OpenSSL with FIPS support,
then add in openssl.cnf:

openssl_conf = openssl_options

[ openssl_options ]
alg_section = algs

[ algs ]
fips_mode = yes

--
Igor Sysoev
http://sysoev.ru/en/
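
The question above asks how to verify the SSLv2 upgrade handshake by hand. The following is an added example, not part of the original thread or of nginx/OpenSSL: it builds the SSLv2-format ClientHello that offers TLS 1.0 (the layout in RFC 5246, Appendix E.2) and classifies the server's first reply bytes. The function names and the `probe` helper are assumptions made for illustration; the cipher suite IDs correspond to the `ssl_ciphers` list in the quoted configuration.

```python
import os
import socket
import struct

# TLS cipher suite IDs for the ssl_ciphers list in the quoted nginx config:
# DHE-RSA-AES256-SHA, DHE-RSA-AES128-SHA, EDH-RSA-DES-CBC3-SHA,
# AES256-SHA, DES-CBC3-SHA, AES128-SHA.
SUITES = [0x0039, 0x0033, 0x0016, 0x0035, 0x000A, 0x002F]

def build_v2_client_hello(version=(3, 1), suites=SUITES, challenge=None):
    """SSLv2-format ClientHello offering TLS 1.0 (RFC 5246, Appendix E.2)."""
    challenge = challenge if challenge is not None else os.urandom(32)
    # In the v2 format each TLS suite is 3 bytes: 0x00 plus the 2-byte suite ID.
    specs = b"".join(b"\x00" + struct.pack(">H", s) for s in suites)
    # msg_type=1, version, cipher_spec_length, session_id_length=0, challenge_length
    body = struct.pack(">BBBHHH", 1, version[0], version[1],
                       len(specs), 0, len(challenge)) + specs + challenge
    # 2-byte record header: high bit set, remaining 15 bits are the length.
    return struct.pack(">H", 0x8000 | len(body)) + body

def classify_reply(data):
    """Interpret the first bytes the server sends back."""
    if not data:
        return "rejected: connection closed"
    if data[0] == 0x15:
        return "rejected: TLS alert"
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 3 and data[5] == 2:
        return "upgrade accepted: ServerHello for SSL/TLS 3.%d" % data[2]
    if len(data) >= 3 and data[0] & 0x80 and data[2] == 4:
        return "SSLv2 itself accepted: v2 SERVER-HELLO"
    return "unrecognised reply"

def probe(host, port=443, timeout=5.0):
    """Send the hello to a server you operate and classify its answer."""
    data = b""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            s.sendall(build_v2_client_hello())
            while len(data) < 6:
                chunk = s.recv(6 - len(data))
                if not chunk:
                    break
                data += chunk
        except (ConnectionResetError, socket.timeout):
            pass  # a reset or silence is treated like a close
    return classify_reply(data)
```

A server that answers this hello with a TLS ServerHello has "SSL 2.0+ Upgrade Support" in the sense quoted from SSL Labs, even when `ssl_protocols` lists only TLSv1.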