Recommendations: SSL/TLS Protocols and Cipher Suites


Note: SSLv3 or older protocols should no longer be used. Use TLS instead.

Recommendations for Microsoft Internet Information Services (IIS):

Changing the SSL Protocols and Cipher Suites for IIS involves making changes to the registry. It is not direct or intuitive. Therefore, instead of repeating already published information, please see the Microsoft TechNet articles below:

Disabling SSLv2, SSLv3, and TLSv1. Contains a Microsoft Fix It to make things simpler:

https://support.microsoft.com/en-us/help/187498/how-to-disable-pct-1.0,-ssl-2.0,-ssl-3.0,-or-tls-1.0-in-internet-information-services
 

Restricting cryptographic algorithms and protocols:

https://support.microsoft.com/en-us/help/245030/how-to-restrict-the-use-of-certain-cryptographic-algorithms-and-protocols-in-schannel.dll
 

Recommendations for Apache/mod_ssl:

High security. TLS1.2 only. Not compatible with some client web browsers:

The SSLProtocol and SSLCipherSuite directives below are meant for high security information exchange between server and client. However, the user will need to use a recent web browser: Firefox > 27, Chrome > 32, IE > 11. This is because the resulting cipher suites require TLSv1.2.
 

SSLProtocol all -TLSv1.1 -TLSv1 -SSLv2 -SSLv3

SSLCipherSuite ALL:+HIGH:!ADH:!EXP:!SSLv2:!SSLv3:!MEDIUM:!LOW:!NULL:!aNULL

SSLHonorCipherOrder on

 
Apache Tomcat Using Java Secure Socket Extension (JSSE):

Apache Tomcat uses the JSSE connector by default, as opposed to the Apache Portable Runtime (APR). Below are the recommended cipher suites:

ciphers="TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA256,
TLS_RSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_AES_256_CBC_SHA256,
TLS_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"

 

Example JSSE Connector settings in $TOMCAT_BASE/conf/server.xml file:

<!-- JSSE Connector -->
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1"
               keystoreFile="/path/to/keystore.jks"
               keystorePass="keystorepasswordhere"
               ciphers="TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
                        TLS_RSA_WITH_AES_128_CBC_SHA,
                        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
                        TLS_RSA_WITH_AES_128_CBC_SHA256,
                        TLS_RSA_WITH_AES_128_GCM_SHA256,
                        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
                        TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
                        TLS_RSA_WITH_AES_256_CBC_SHA,
                        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
                        TLS_RSA_WITH_AES_256_CBC_SHA256,
                        TLS_RSA_WITH_AES_256_GCM_SHA384,
                        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
                        TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
   />
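
An added example, not part of the original article or of Tomcat: a small Python audit that reads a server.xml and, for each TLS-enabled Connector, reports legacy protocol versions and cipher suites whose names indicate static key exchange, DES/3DES, RC4, NULL encryption or CBC mode. The embedded sample is a constructed, shortened copy of the Connector above; the LEGACY_PROTOCOLS set, the BULK_FLAGS labels and the function names are this example's assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a shortened copy of the JSSE Connector shown above.
SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8443" SSLEnabled="true" scheme="https" secure="true"
             sslProtocol="TLS" sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1"
             ciphers="TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
                      TLS_RSA_WITH_AES_128_CBC_SHA,
                      TLS_RSA_WITH_AES_128_GCM_SHA256,
                      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
                      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"/>
</Service></Server>"""

# Assumptions of this example: which protocol versions count as legacy, and
# which substrings of a suite's cipher part are worth reporting.
LEGACY_PROTOCOLS = {"SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1"}
BULK_FLAGS = {"NULL": "no encryption", "RC4": "RC4",
              "DES": "DES/3DES (64-bit block)", "_CBC_": "CBC mode"}

def suite_findings(name):
    """Classify one JSSE suite name of the form TLS_<kx>_WITH_<cipher>_<hash>."""
    kx, sep, bulk = name.partition("_WITH_")
    findings = []
    if not sep:                  # TLS 1.3 style name: no key-exchange part
        bulk = name
    elif "anon" in kx:
        findings.append("anonymous key exchange")
    elif "DHE" not in kx:        # neither DHE nor ECDHE
        findings.append("static key exchange (no forward secrecy)")
    return findings + [label for token, label in BULK_FLAGS.items() if token in bulk]

def split_list(value):
    """Split a comma-separated attribute, tolerating line breaks and padding."""
    return [item.strip() for item in (value or "").split(",") if item.strip()]

def audit_connectors(xml_text):
    """Return one report per TLS-enabled <Connector> in a server.xml document."""
    reports = []
    for conn in ET.fromstring(xml_text).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue
        enabled = set(split_list(conn.get("sslEnabledProtocols")))
        checked = {s: suite_findings(s) for s in split_list(conn.get("ciphers"))}
        reports.append({"port": conn.get("port"),
                        "legacy_protocols": sorted(LEGACY_PROTOCOLS & enabled),
                        "flagged": {s: f for s, f in checked.items() if f}})
    return reports

if __name__ == "__main__":
    print(audit_connectors(SERVER_XML))
```

The example reads only the Connector-attribute form used on this page; newer Tomcat releases can also carry these settings in nested SSLHostConfig elements, which it does not inspect.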

 

Apache Tomcat with Apache Portable Runtime (APR) Connector:

SSLProtocol="all -SSLv2 -SSLv3"
SSLCipherSuite="ALL:+HIGH:+TLSv1:!DH:!ADH:!EXP:!SSLv2:!MEDIUM:!LOW:!NULL:!aNULL"
SSLHonorCipherOrder="on"
 

Example APR Connector settings in $TOMCAT_BASE/conf/server.xml file:

<!--APR connector-->
      <Connector protocol="org.apache.coyote.http11.Http11AprProtocol"
                 port="8443" maxHttpHeaderSize="8192"
                 maxThreads="150"
                 enableLookups="false" disableUploadTimeout="true"
                 acceptCount="100" scheme="https" secure="true"
                 SSLEnabled="true"
                 SSLCertificateFile="/path/to/certificate.cer"
                 SSLCertificateKeyFile="/path/to/private.key"
                 SSLCertificateChainFile="/path/to/intermediate/certificate/bundle.cer"
                 SSLProtocol="all -SSLv2 -SSLv3"
                 SSLCipherSuite="ALL:+HIGH:+TLSv1:!DH:!ADH:!EXP:!SSLv2:!MEDIUM:!LOW:!NULL:!aNULL"   
                 SSLHonorCipherOrder="on"
 />

 

Further Reading:

To test your web server's SSL configuration, please visit:

https://www.ssllabs.com/ssltest/
 

For more information, please visit the official Apache mod_ssl documentation:

Apache 2.2: http://httpd.apache.org/docs/2.2/mod/mod_ssl.html

Apache 2.4: http://httpd.apache.org/docs/current/mod/mod_ssl.html
 

For more information regarding Transport Layer Security (TLS) as well as a compiled list of supported web browsers, please see this Wikipedia article:

https://en.wikipedia.org/wiki/Transport_Layer_Security

17596
4/9/2019 7:13:01 AM