Welcome! Log In Create A New Profile

Advanced

Re: "A" Grade SSL/TLS with Nginx and StartSSL

Piotr Sikora
October 15, 2013 12:40AM
Hi Julien,

> I spent some time hacking on my SSL conf recently. Nothing new, but I
> figured I'd share it with the group:
> https://jve.linuxwall.info/blog/index.php?post/2013/10/12/A-grade-SSL/TLS-with-Nginx-and-StartSSL
>
> Feel free to comment here.

> a few pointers for configuring state-of-the-art TLS on Nginx.

Far from it, from the top:

> build_static_nginx.sh

You should be using:

--with-openssl=../openssl-1.0.1e
--with-openssl-opt="enable-ec_nistp_64_gcc_128"

instead of compiling OpenSSL yourself and playing with CFLAGS & LDFLAGS.

> listen 443;
> ssl on;

That's deprecated syntax, you should be using:

listen 443 ssl;

> ssl_dhparam /path/to/dhparam.pem;

While there is nothing wrong with it per se, DH params are only used
by DHE, which is simply too slow to be used.

> ssl_session_timeout 5m;

Not only doesn't it change anything (5m is the default value), but
it's way too low value to be used.

Few examples from the real world:

Google : 28h
Facebook : 24h
CloudFlare: 18h
Twitter : 4h

> ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

SSLv3 is still out there, so you shouldn't be dropping support for it
unless you know the consequences very well... This definitely
shouldn't be a general recommendation.

> ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:RC4-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK';

Why would you put ECDSA cipher suites here when you're using RSA certificate?

You should also disable:
- DHE cipher suites, because they're too slow compared to the alternative,
- CAMELLIA cipher suites (if you're using AES-NI), because they're too
slow compared to the alternative.

Overall, that's far from the state-of-the-art SSL configuration for
nginx. The only good thing about it is that it's using OCSP and
achieves "A" grade on ssllabs.com, which can tell you a lot about the
quality of the tests they're running.

Best regards,
Piotr Sikora

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

"A" Grade SSL/TLS with Nginx and StartSSL

Julien Vehent October 12, 2013 05:56PM

Re: "A" Grade SSL/TLS with Nginx and StartSSL

Piotr Sikora October 15, 2013 12:40AM

Re: "A" Grade SSL/TLS with Nginx and StartSSL

Julien Vehent October 15, 2013 09:28AM

Re: "A" Grade SSL/TLS with Nginx and StartSSL

Piotr Sikora October 15, 2013 06:02PM

Re: "A" Grade SSL/TLS with Nginx and StartSSL

Rob Stradling October 17, 2013 10:06AM

Re: "A" Grade SSL/TLS with Nginx and StartSSL

W-Mark Kubacki October 20, 2013 05:14PM

Re: "A" Grade SSL/TLS with Nginx and StartSSL

eiji-gravion October 16, 2013 10:22PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 67
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready