These are the SSL/TLS configuration items for accepting only connections that provide Perfect Forward Secrecy (PFS). Connections will fail if the other party cannot support the PFS key-exchange, cipher, and hashing combinations.
Overall rating A
Handshake Simulation
Chrome 29 / Win 7 TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) FS 128
Firefox 10.0.12 ESR / Win 7 TLS 1.0 TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011) FS 128
Firefox 17.0.7 ESR / Win 7 TLS 1.0 TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011) FS 128
Firefox 21 / Fedora 19 TLS 1.0 TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) FS 256
Firefox 22 / Win 7 TLS 1.0 TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011) FS 128
IE 6 / XP No FS * Fail**
IE 7 / Vista TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
IE 8 / XP No FS * Fail**
IE 8-10 / Win 7 TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) FS 256
IE 11 / Win 8.1 TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) FS 128
Java 6u45 TLS 1.0 TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) FS 128
Java 7u25 TLS 1.0 TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011) FS 128
OpenSSL 0.9.8y TLS 1.0 TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) FS 256
OpenSSL 1.0.1e TLS 1.2 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) FS 256
Opera 12.15 / Win 7 TLS 1.0 TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) FS 256
Opera 15 / Win 7 TLS 1.1 TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011) FS 128
Safari 5.1.9 / OS X 10.6.8 TLS 1.0 TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011) FS 128
Safari 6 / iOS 6.0.1 TLS 1.2 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) FS 256
Safari 6.0.4 / OS X 10.8.4 TLS 1.0 TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011) FS 128
Safari 7 / OS X 10.9 TLS 1.2 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) FS 256
* Browsers that do not support Forward Secrecy are excluded when determining support for it.
** Only first connection attempt simulated. Browsers are likely to retry with a lower protocol version or other tweaks.
Create the private key on a physical local machine that is secure and copy the results to the destination host. It is best not to have the private key on the server at all, but just ensure it is made available when the server starts.
Information on how the server can be configured to request the private key at boot time from a remote secure system will be added later.
Generating the initial 4096-bit RSA private key:
openssl genrsa -out /etc/ssl/private/groksecrecy.eu.key 4096
Creating a Certificate Signing Request:
openssl req -new -key /etc/ssl/private/groksecrecy.eu.key -out groksecrecy.eu.csr
Checking the Signed Certificate issued by a Certificate Authority:
openssl x509 -noout -text -in /etc/ssl/certs/groksecrecy.eu.pem
Update list of CA certificates:
update-ca-certificates
mods-enabled/ssl.conf:
SSLHonorCipherOrder On
SSLCipherSuite "\
EECDH+ECDSA+AESGCM \
EECDH+aRSA+AESGCM \
EECDH+ECDSA+SHA384 \
EECDH+ECDSA+SHA256 \
EECDH+aRSA+SHA384 \
EECDH+aRSA+SHA256 \
EECDH+aRSA+RC4 \
EECDH \
EDH+aRSA \
!aNULL \
!eNULL \
!LOW \
!3DES \
!MD5 \
!EXP \
!PSK \
!SRP \
!DSS"
sites-enabled/groksecrecy.eu.HTTPS.conf:
SSLEngine on
SSLCertificateFile /etc/ssl/certs/groksecrecy.eu.chain.2015-08-25.pem
SSLCertificateKeyFile /etc/ssl/private/groksecrecy.eu.key
SSLCertificateChainFile /etc/ssl/certs/startssl-sub.class2.server.ca-chain.pem
SSLCACertificatePath /etc/ssl/certs/
smtpd_tls_auth_only = yes
smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
smtpd_tls_cert_file = /etc/ssl/certs/groksecrecy.eu.chain.2015-08-25.pem
smtpd_tls_key_file = /etc/ssl/private/groksecrecy.eu.2015-08-25.key
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_protocols = !SSLv2
smtpd_tls_received_header = yes
smtpd_tls_security_level = encrypt
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
smtp_tls_mandatory_ciphers = high
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = encrypt
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
tls_high_cipherlist = EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
tls_random_source = dev:/dev/urandom
ssl = required
ssl_cert = </etc/ssl/certs/groksecrecy.eu.chain.2015-08-25.pem
ssl_key = </etc/ssl/private/groksecrecy.eu.key
ssl_ca = </etc/ssl/certs/ca-certificates.crt
ssl_require_crl = yes
ssl_protocols = !SSLv2
ssl_cipher_list = EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
verbose_ssl = yes
DNSSEC
apt-get install dnssec-tools
cd /etc/bind/
for zf in groksecrecy.*.hosts; do zonesigner -szopts "-O full" -genkeys -usensec3 -zone ${zf%.*} $zf; done
More to come once the configuration is finalised.
Pending.
For the openssl s_client tests, the client will use the oldest protocol (lowest ranked) unless forced otherwise. The SSL/TLS version can be selected using any of: -ssl2 -ssl3 -tls1 -tls1_1 -tls1_2
Put the list of ciphers in an environment variable:
export CIPHERS='EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS'
openssl s_client -tls1_2 -connect groksecrecy.eu:443 -CApath /etc/ssl/certs -cipher $CIPHERS
openssl s_client -starttls smtp -connect groksecrecy.eu:25 -CApath /etc/ssl/certs -cipher $CIPHERS
openssl s_client -starttls pop3 -connect groksecrecy.eu:110 -CApath /etc/ssl/certs -cipher $CIPHERS
openssl s_client -starttls imap -connect groksecrecy.eu:143 -CApath /etc/ssl/certs -cipher $CIPHERS
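An offline check to run before the s_client tests above, added here as an example and not part of the original page: it classifies the output of `openssl ciphers -v` by key exchange, so a cipher string can be audited for non-forward-secret suites before it is deployed. The function names `audit_suites` and `all_forward_secret` and the `SAMPLE` lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page).
# Usage: openssl ciphers -v "$CIPHERS" | audit_suites
#
# audit_suites reads `openssl ciphers -v` output on stdin and prints
# "<verdict> <suite>", where verdict is FS, FS+RC4 or NOFS.
audit_suites() {
    awk '
    NF >= 3 {
        kx = ""; enc = ""
        for (i = 2; i <= NF; i++) {
            if ($i ~ /^Kx=/)  kx  = substr($i, 4)
            if ($i ~ /^Enc=/) enc = substr($i, 5)
        }
        # Ephemeral exchanges print as Kx=ECDH or Kx=DH. Static ones carry
        # a suffix (Kx=ECDH/RSA) and RSA key transport prints Kx=RSA.
        # TLS 1.3 suites print Kx=any; full handshakes there use (EC)DHE.
        if (kx == "ECDH" || kx == "DH" || kx == "any")
            verdict = (enc ~ /^RC4/) ? "FS+RC4" : "FS"
        else
            verdict = "NOFS"
        print verdict, $1
    }'
}

# Succeeds only if every suite on stdin is forward secret.
all_forward_secret() {
    ! audit_suites | grep -q '^NOFS '
}

# Constructed sample in the `openssl ciphers -v` format; the last line is
# an RSA key-transport suite that the cipher list on this page excludes.
SAMPLE='ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-RC4-SHA       SSLv3 Kx=ECDH     Au=RSA  Enc=RC4(128)  Mac=SHA1
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1'
```

The FS+RC4 verdict marks the suites that the `EECDH+aRSA+RC4` term admits, so they can be reviewed separately from the rest of the list.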
SSL Labs: Deploying Forward Secrecy
duraconf - A collection of hardened configuration files for SSL/TLS services
StartSSL - Identity-based SSL/TLS certificates
Configuring DNSSEC On BIND9 (9.7.3) On Debian Squeeze/Ubuntu 11.10
Apache 2.4 (First version to support PFS)
Dovecot secure IMAP4/POP3 server