Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are modern technologies to secure communication between different systems. Hypertext Transfer Protocol (HTTP) versions 1.1 and older made encryption optional, but HTTP 2.0 will require the use of TLS. What is commonly referred to as an SSL server can be set up using the Apache HTTP Server in combination with mod_ssl and the OpenSSL toolkit.

Installation

On Red Hat systems:
yum install mod_ssl openssl

The mod_ssl configuration file is at /etc/httpd/conf.d/ssl.conf

In the Internet Protocol Suite, TLS and SSL encrypt the communication in the application layer. In the OSI model, TLS/SSL is initialized at layer 5 (session) and works at layer 6 (presentation). The session layer establishes cipher settings with an asymmetric cipher and a shared key for that session, then the presentation layer encrypts the communication with a symmetric cipher using that session key. TLS is an Internet Engineering Task Force (IETF) standard protocol, designed to prevent eavesdropping and tampering.

SSL/TLS Keys and Certificates

SSL/TLS uses certificates to identify the connections. You can generate your own certificate or get it from a Certification Authority. Authority certificates are often issued for a particular IP address and domain name and sometimes, in the case of VeriSign, also with a running software parameter to define the certificate properties, so if you change the IP or name or modify your software configuration you will have to ask for another certificate.

The Public Key Infrastructure access-list is stored in the PKI folder /etc/pki/, and for TLS in particular in:
/etc/pki/tls/
/etc/pki/tls/private/
/etc/pki/tls/certs/

The directory /etc/pki/ca-trust/extracted/openssl/ contains CA certificate bundle files which are automatically created based on the information found in the /usr/share/pki/ca-trust-source/ and /etc/pki/ca-trust/source/ directories.

If you wish to use an existing key and certificate, move the relevant files to the /etc/pki/tls/private/ and /etc/pki/tls/certs/ directories respectively:
~]# mv key_file.key /etc/pki/tls/private/hostname.key
~]# mv certificate.crt /etc/pki/tls/certs/hostname.crt

Then add the following lines to the /etc/httpd/conf.d/ssl.conf configuration file:
SSLCertificateFile /etc/pki/tls/certs/hostname.crt
SSLCertificateKeyFile /etc/pki/tls/private/hostname.key

Restart the httpd service.

[root@localhost Documents]# openssl genrsa -out ca.key 2048
Generating RSA private key, 2048 bit long modulus
..........................................+++
............................+++
e is 65437 (0x01001)

Now copy all certificates and keys to the /etc/pki/tls/ folders:
[root@system ~]# cp ca.crt /etc/pki/tls/certs
[root@system ~]# cp ca.key /etc/pki/tls/private/ca.key
[root@system ~]# cp ca.csr /etc/pki/tls/private/ca.csr
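
Before a pair is placed under /etc/pki/tls/ and httpd is restarted, it helps to confirm that the key belongs to the certificate, that the certificate has not expired and that the key file is owner-only. The script below is an added example, not part of the original post; its function names are made up for illustration and it assumes an unencrypted private key such as the one genrsa produces above.

```sh
#!/bin/sh
# Added example: pre-install checks for a certificate/key pair before it is
# copied under /etc/pki/tls/. Assumes the private key has no passphrase.

# Succeeds when the certificate's public key equals the one derived from the
# private key (works for RSA and EC keys). Returns 2 if a file is unreadable.
pair_matches() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 2
    [ "$cert_pub" = "$key_pub" ]
}

# Succeeds when the key file grants nothing to group or other
# (characters 5-10 of the ls mode string, e.g. -rw------- ).
key_is_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Prints one line per check and returns the number of failed checks.
preinstall_check() {
    failed=0
    if pair_matches "$1" "$2"; then echo "OK   key matches certificate"
    else echo "FAIL key does not match certificate"; failed=$((failed + 1)); fi
    # -checkend 0 fails when the notAfter date is already in the past.
    if openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1; then
        echo "OK   certificate has not expired"
    else echo "FAIL certificate expired or unreadable"; failed=$((failed + 1)); fi
    if key_is_private "$2"; then echo "OK   key file is owner-only"
    else echo "FAIL key file is accessible to group or other"; failed=$((failed + 1)); fi
    return "$failed"
}

# Usage: sh check_pair.sh hostname.crt hostname.key
if [ "$#" -eq 2 ]; then preinstall_check "$1" "$2"; fi
```

The exit status is the number of failed checks, so the script can gate the mv and restart steps.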

Correct the SELinux contexts:
[root@system ~]# restorecon -RvF /etc/pki

Now open the ssl.conf file to configure Apache SSL and replace the certificate / key paths:
[root@opensourceeducation ~]# vi +/SSLCertificateFile /etc/httpd/conf.d/ssl.conf

ssl.conf example configuration file, Linux Red Hat / Fedora

Listen 443 https
SSLRandomSeed startup file:/dev/urandom 512
<VirtualHost _default_:443>
DocumentRoot "/var/www/html"
ServerName newgoogle.org:443
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel Debug
SSLEngine on
# Protocol versions and cipher list accepted by the server
SSLProtocol +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
SSLCipherSuite HIGH:!aNULL:!MD5
# Server certificate and its private key
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
#SSLVerifyClient require
#SSLVerifyDepth 10
</VirtualHost>

SSL/TLS Algorithms

SSL 2.0 is obsolete; SSL 3.0 served as the base for the development of TLS 1.0, 1.1 and 1.2. This definition:
SSLProtocol +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
gives access to a wide range of current protocols, but recent attack modes like BEAST can break SSL 3.0/TLS 1.0. Forward Secrecy seems to be the most secure protocol in use today.

SSLCipherSuite HIGH:!aNULL:!MD5
allows strong encryption only for the ciphering, while with the following directives you can specify speed-optimized ciphers depending on your clients:
SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
SSLHonorCipherOrder on

SSL/TLS Attack Types

Renegotiation attack | Vulnerability of the renegotiation procedure: plain text injection of SSH sessions, allowing an attacker to splice their own requests into the beginning of the conversation the client has with the web server. No decryption of the communication. Different from a typical man-in-the-middle attack. Fix: RFC 5746
Version rollback attacks | Modifications to the client cipher suite to get a weaker certificate. Protocols like Snap Start or False Start (used in Google Chrome) allowed modification to the cipher suite list sent by the client to the server.
BEAST attack | BEAST (Browser Exploit Against SSL/TLS) uses a Java program to exploit a CBC (cipher block chaining) vulnerability in TLS 1.0, fixed in TLS 1.1.
CRIME and BREACH attacks | The CRIME attack allows an attacker to recover the content of cookies when HTTP compression is used along with TLS, in order to perform web session hijacking. BREACH, based on the CRIME attack, can extract login tokens, email addresses or other sensitive information from TLS encrypted web traffic. CRIME can be fixed by turning off HTTP compression or SPDY header. BREACH exploits HTTP compression, which cannot really be turned off, as many WWW servers use it to improve their own performance. This is a known limitation of TLS, as it is susceptible to chosen-plaintext attacks against the application-layer data.
Padding attacks | Earlier TLS versions were vulnerable to the padding oracle attack discovered in 2002. A novel variant, called the Lucky Thirteen attack, was published in 2013. As of February 2013, TLS implementors were still working on developing fixes to protect against this form of attack.
RC4 attack | New attacks disclosed in March 2013 allowed RC4 in TLS to be feasibly completely broken. In 2011 the RC4 suite was actually recommended as a workaround for the BEAST attack.
Truncation attack | A TLS truncation attack blocks a victim's account logout requests so that the user unknowingly remains logged into a web service. When the request to sign out is sent, the attacker injects an unencrypted TCP FIN message (no more data from sender) to close the connection. The server therefore doesn't receive the logout request and is unaware of the abnormal termination.
Heartbleed Bug | The Heartbleed bug was a serious vulnerability in OpenSSL affecting versions 1.0.1 to 1.0.1f. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the data payloads.
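
The SSLProtocol and SSLCipherSuite directives discussed under SSL/TLS Algorithms can be checked mechanically against the BEAST and RC4 rows of this table. The script below is an added example, not part of the original post: audit_ssl_conf and page_example_conf are hypothetical names, the sample input is constructed from the directives shown on this page, and "all" is conservatively treated as including SSLv3 and TLSv1.

```sh
#!/bin/sh
# Added example: flag mod_ssl settings that the attack table marks as broken.
# Simplification: the last uncommented directive of each kind in the file wins;
# per-VirtualHost scoping is not modelled. "all" is assumed to include SSLv3/TLSv1.
audit_ssl_conf() {
    awk '
    /^[ \t]*#/ { next }
    { d = tolower($1) }
    d == "sslprotocol"         { proto = ""; for (i = 2; i <= NF; i++) proto = proto " " $i }
    d == "sslciphersuite"      { ciphers = $2 }
    d == "sslhonorcipherorder" { order = tolower($2) }
    END {
        n = split(proto, t, " ")          # tokens: all, +X, -X or bare X
        for (i = 1; i <= n; i++) {
            p = tolower(t[i]); sign = substr(p, 1, 1)
            if (sign == "+" || sign == "-") p = substr(p, 2); else sign = "+"
            if (p == "all") on["sslv3"] = on["tlsv1"] = (sign == "+")
            else on[p] = (sign == "+")
        }
        if (on["sslv3"]) print "SSLv3 enabled (BEAST)"
        if (on["tlsv1"]) print "TLSv1.0 enabled (BEAST)"
        m = split(ciphers, c, ":")
        for (i = 1; i <= m; i++)          # "!RC4" and "-RC4" remove, so skip them
            if (c[i] ~ /RC4/ && c[i] !~ /^[!-]/) print "RC4 offered via " c[i]
        if (order != "on") print "SSLHonorCipherOrder is not on"
    }' "$1"
}

# Constructed sample: the protocol and cipher directives shown on this page.
page_example_conf() {
    cat <<'EOF'
SSLEngine on
SSLProtocol +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
SSLHonorCipherOrder on
#SSLVerifyClient require
EOF
}

# Usage: sh audit_ssl_conf.sh /etc/httpd/conf.d/ssl.conf
if [ "$#" -eq 1 ]; then audit_ssl_conf "$1"; fi
```

Run against the sample, it reports SSLv3, TLSv1.0 and RC4-SHA; a file with "SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1", "!RC4" in the cipher list and SSLHonorCipherOrder on produces no findings.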
SSL/TLS Useful Websites
http://httpd.apache.org/
http://www.modssl.org/
http://www.openssl.org/