Welcome! Log In Create A New Profile

Advanced

Re: Inheritance issues with ssl_protocols and ssl_ciphers...

Maxim Dounin
November 12, 2022 06:38AM
Hello!

On Sat, Nov 12, 2022 at 05:24:36AM -0500, wordlesswind wrote:

> Hello guys,
>
> I enabled ssl_reject_handshake in the first 443 server segment of nginx.conf
> to prevent someone from scanning the IP to detect the certificate.
>
> ```
> server {
> listen 443 ssl reuseport;
> listen [::]:443 ssl;
>
> ssl_session_cache shared:SSL:10m;
> ssl_session_timeout 1d;
>
> ssl_dhparam /root/dhparam;
>
> ssl_protocols TLSv1.2 TLSv1.3;
> ssl_ciphers TLSv1.2:!ADH:!RSA:!PSK:!SHA256:!SHA384;
>
> ssl_early_data on;
>
> ssl_reject_handshake on;
> }
> ```
>
> I then placed the real server configuration file under the conf.d folder.
>
> ```
> server {
> listen 443 ssl http2;
> listen [::]:443 ssl http2;
> server_name example.com;
> root /usr/share/nginx/html;
>
> ssl_certificate /acme.sh/example.com_ecc/fullchain.cer;
> ssl_certificate_key /acme.sh/example.com_ecc/example.com.key;
>
> ssl_certificate /acme.sh/example.com/fullchain.cer;
> ssl_certificate_key /acme.sh/example.com/example.com.key;
>
> ssl_stapling on;
> resolver 8.8.8.8 1.1.1.1 valid=300s;
> ssl_stapling_verify on;
>
> ssl_session_cache shared:SSL:10m;
> ssl_session_timeout 1d;
>
> ssl_dhparam /root/dhparam;
>
> ssl_protocols TLSv1.2 TLSv1.3;
> ssl_ciphers TLSv1.2:!ADH:!RSA:!PSK:!SHA256:!SHA384;
>
> ssl_early_data on;

[...]

> }
> ```
>
> Then I found a problem, if I turn off TLS 1.2 on the first 443 server
> segment and only use TLS 1.3, then the other servers are also TLS 1.3 only.
>
> It seems that ssl_ciphers, ssl_dhparam, ssl_early_data, ssl_protocols,
> ssl_session_cache, and ssl_session_timeout all have inheritance.
>
> Is this normal?

You are using name-based virtual servers, so nginx can only change
settings when some name is known from the client request (or a
connection). In case of HTTPS, the first name which becomes known
is the SNI server name. It is, however, only known when OpenSSL
already decides which protocol version to use (in particular,
because the SNI TLS extension is not available in some older
protocols, such as SSLv3). As such, the ssl_protocol directive
should be specified in the default server block when using
name-based virtual servers.

Similarly, SSL session reuse happens at the default server context
(since the SNI name might not be available at all during session
reuse), so ssl_session_cache needs to be specified in the default
server block as well. The same applies to ssl_session_timeout and
ssl_early_data, as both are set by OpenSSL based on the default
server context where sessions are reused. On the other hand,
BoringSSL makes it possible to set ssl_early_data in name-based
virtual servers.

Ciphers, however, are chosen after the SNI name is known (and
appropriate server certificates are set), since it is not possible
to select a cipher without the certificate being known. As such,
ssl_ciphers can be safely used in name-based virtual servers. The
same applies to ssl_dhparam.

Some basic tips about various aspects of name-based virtual server
selection can be found in the documentation here:

http://nginx.org/en/docs/http/server_names.html#virtual_server_selection

Hope this helps.

--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-leave@nginx.org
Subject Author Posted

Inheritance issues with ssl_protocols and ssl_ciphers...

wordlesswind November 12, 2022 05:24AM

Re: Inheritance issues with ssl_protocols and ssl_ciphers...

Maxim Dounin November 12, 2022 06:38AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 62
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready