Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...

 
alt

Daniel Nashed

 

Domino 9.0.1 FP4 IF2 Security Update

Daniel Nashed  26 September 2015 08:38:11

After updating to the new IF which introduces ECDHE with some additional settings you can get to a "A+" SSL Labs rating.



Image:Domino 9.0.1 FP4 IF2 Security Update


When you install IF2 by default you get a good set of ciphers.

In the previous sets oif fixes DHE was disabled by defaiult. Now you have DHE and also ECDHE enabled by default.
There is not much in addition to that you have to do.

Cipher Suites (SSL 3+ suites in server-preferred order; deprecated and SSL 2 suites at the end)


TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)   ECDH 256 bits (eq. 3072 bits RSA)

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)   DH 2048 bits (p: 256, g: 1, Ys: 256)

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)   ECDH 256 bits (eq. 3072 bits RSA)

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)   DH 2048 bits (p: 256, g: 1, Ys: 256)

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)   ECDH 256 bits (eq. 3072 bits RSA)

TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b)   DH 2048 bits (p: 256, g: 1, Ys: 256)

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)   ECDH 256 bits (eq. 3072 bits RSA)

TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)   DH 2048 bits (p: 256, g: 1, Ys: 256)

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)   ECDH 256 bits (eq. 3072 bits RSA)

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67)   DH 2048 bits (p: 256, g: 1, Ys: 256)

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)   ECDH 256 bits (eq. 3072 bits RSA)


TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)         256

TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)         128


TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)         256

TLS_RSA_WITH_AES_256_CBC_SHA (0x35)         256

TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)         128

TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)         128


TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)         112

The SSL Labs rating says that PFS is supported with current browsers: "Forward Secrecy - With modern browsers"


-- Disable SSL V3 --

First of all you have to disable SSL V3. By default it is still enabled.
And I think it is time to completely disable it.


DISABLE_SSLV3=1

The current fixes also support HSTS but by default the max age is a bit too low.
So I set the following notes.ini settings:

HTTP_HSTS_MAX_AGE=17280000

HTTP_HSTS_INCLUDE_SUBDOMAINS=1

Which resulted in the following rating:

"Strict Transport Security (HSTS)   Yes   max-age=17280000; includeSubDomains"



-- OCSP --

Also OCSP is supported in the current version.

I have set the following notes.ini settings to enable it and to specify the responder URL for my certificate provider.
And I also enabled debugging for testing and ensured that time differences of different clocks do not cause any issues.

SSL_ENABLE_OCSP_STAPLING=1

OCSP_RESPONDER=http://evssl-ocsp.globalsign.com/responder
OCSP_CLOCKSKEW=10
OCSP_LOGLEVEL=31

The result is:

OCSP stapling  -> Yes



-- Cipher Configation --

The cipher configuration has changed a bit. For the new ciphers you need four digits.
Using the SSLCipherSpec you can continue to configure the existing ciphers using the two digit code.
But I would recommend that you start using 4 digits for all cipher types to keep the settings more consistent.

Also there is a way to disable certain ECDHE Curves via notes.ini settings.

And you can also gnerate your own DHE Groups.

I don't want to repeat all the settings from the current documentation.
The wiki entry has been updated. You find all the details here:


http://www.lotus.com/ldd/dominowiki.nsf/dx/TLS_Cipher_Configuration

Most of the settings are not really required. But those options can help when you have special requirements.

-- Daniel



Links

    Archives


    • [HCL Domino]
    • [Domino on Linux]
    • [Nash!Com]
    • [Daniel Nashed]