tls 1.1 and tls 1.2

Discussion in 'Install/Configuration' started by aykutnet, May 31, 2013.

  1. aykutnet

    aykutnet New Member

    How do I enable TLS 1.1 and TLS 1.2
  2. mistwang

    mistwang LiteSpeed Staff

    no, you cannot at this moment, since openssl 1.0.1 is not stable, we still use openssl 0.9.8, no TLS 1.1/1.2 support yet.
  3. justme

    justme Member

    And now? Defaulting to TLS_RSA_WITH_RC4_128_SHA is not exactly HIGH as far as ciphers are concerned (although that's what I selected).
  4. mistwang

    mistwang LiteSpeed Staff

    We plan to switch to OpenSSL 1.0.1 with our 5.0 release.
    could build a special build for 4.2.5 release for people wants it.
  5. justme

    justme Member

    Depending on how far 5.0 is, a 4.2.5 would make sense. Count me in :)
  6. mistwang

    mistwang LiteSpeed Staff

    We have put a build of 4.2.5 with OpenSSL 1.0.1 ,
    You can give it a try if you want, with command

    /usr/local/lsws/admin/misc/lsup.sh -f -v 4.2.5
  7. justme

    justme Member

    Thank you. Now the only thing missing is being able to tune it with cipher lists, as the hardcoded one doesn't include ECDHE ciphers and TLS_RSA_WITH_RC4_128_SHA being second on the offered list it gets chosen by all browsers but one, IE11 (see www.ssllabs.com/ssltest).
    edit: AESNI is useless with non-AES ciphers ;)
    Last edited: Sep 25, 2013
  8. mistwang

    mistwang LiteSpeed Staff

    Please do a force reinstall of 4.2.5, ECDHE ciphers should work now.
  9. justme

    justme Member

    Great, much better! Now if ciphers could be sorted in strength (or offering an option to toggle @strength or @speed), as TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA should be above TLS_RSA* to have a chance to get picked by IE. Almost there 8)
    edit: actually TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA should be on top to burry these outdated RC4 ciphers (which only XP requires now).
    Last edited: Sep 26, 2013
  10. mistwang

    mistwang LiteSpeed Staff

    ECDHE-RSA-AES128-SHA256 has the highest priority on server side, so it must be IE8 not support it. TLSv1.0 with AES CBC is not safe to BEAST attack, it has lower priority than RC4.

    And remember that ECDHE ciphers is much slower than AES128-GCM-SHA256 or RC4.
  11. justme

    justme Member

    Indeed, security comes at a cost, which could be user-selectable... like all other web servers allowing cipher-list tuning. By the way, the comment on AESNI going to waste still stands (all browsers using RSA with current build).
  12. mistwang

    mistwang LiteSpeed Staff

    AESNI support is enabled in 4.2.5 using OpenSSL 1.0.1e, our test shows that AES128-GCM-SHA256 is faster than RC4-SHA .
  13. justme

    justme Member

    What about real life tests? No browser supports AES128-GCM-SHA256 and since it is below TLS_RSA_WITH_RC4_128_SHA on the cipher list it won't get picked anyway. Not trying to be picky but while we are at improving the cipher list...
  14. mistwang

    mistwang LiteSpeed Staff

    We use a default cipher string like "ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH", and server's cipher order should be followed. You can customize the XML configuration file directly (not through the web console) to get your preferred cipher order.
  15. justme

    justme Member

    Nice! I didn't notice that feature, you made my day :D
  16. justme

    justme Member

    Hrm, I need help:
    the following suite isn't giving the expected result with 4.2.5:
    ECDH+AES256: DH+AES256: DH+AES128: RC4-SHA: !aNULL
    DH ciphers are being ignored, along with ECDHE-ECDSA.

    Code:
    openssl ciphers -v 'ECDH+AES256:DH+AES256:DH+AES128:RC4-SHA:!aNULL'
    ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
    ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
    ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
    ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
    ECDHE-RSA-AES256-SHA    SSLv3 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA1
    ECDHE-ECDSA-AES256-SHA  SSLv3 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA1
    ECDH-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
    ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
    ECDH-RSA-AES256-SHA384  TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256)  Mac=SHA384
    ECDH-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256)  Mac=SHA384
    ECDH-RSA-AES256-SHA     SSLv3 Kx=ECDH/RSA Au=ECDH Enc=AES(256)  Mac=SHA1
    ECDH-ECDSA-AES256-SHA   SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256)  Mac=SHA1
    DHE-DSS-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=DSS  Enc=AESGCM(256) Mac=AEAD
    DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
    DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
    DHE-DSS-AES256-SHA256   TLSv1.2 Kx=DH       Au=DSS  Enc=AES(256)  Mac=SHA256
    DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
    DHE-DSS-AES256-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(256)  Mac=SHA1
    DHE-DSS-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=DSS  Enc=AESGCM(128) Mac=AEAD
    DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
    DHE-RSA-AES128-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA256
    DHE-DSS-AES128-SHA256   TLSv1.2 Kx=DH       Au=DSS  Enc=AES(128)  Mac=SHA256
    DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
    DHE-DSS-AES128-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(128)  Mac=SHA1
    RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1
    
  17. joe

    joe Member

    Today I d/l'd 4.2.7 standard and I'm trying to enable TLSv1.1 & TLSv1.2. So far regardless of the configuration items checked on, I cant verify its working. This is running on a Freebsd 9.2 platform. Locally oppenssl is 9.8y but based on the announcement for 4.2.7 its built in isn't it?

    Is this possible using my configuration?
  18. mistwang

    mistwang LiteSpeed Staff

    Just download again and update your installation, bundled OpenSSL lib has been updated to 1.0.1f for freebsd6 packages.
  19. joe

    joe Member

    I'll give it a shot.... dare I ask why it was just added when it also listed in the release notes? ;)
  20. mistwang

    mistwang LiteSpeed Staff

    Freebsd does not get the same level of attentions & cares as Linux.:p

Share This Page