6

Using ssllabs.com's scan tells me RC4 is in use. I read that RC4 should be disabled by default in Windows 2012 R2. I'm running a node.js server using https.createServer and not specifying ciphers (letting it default)

ssllabs.com says:

This server accepts the RC4 cipher, which is weak

TLS_RSA_WITH_RC4_128_SHA (0x5)   WEAK
TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)   WEAK

I've disabled RC4 in the registery per these instructions:http://windowsitpro.com/windows/disabling-rc4-cipher

I also tried specifing the ciphers in node createHttpsServer like this:

        ciphers:            
        [   "ECDHE-RSA-AES128-GCM-SHA256",
            "ECDHE-ECDSA-AES128-GCM-SHA256",
            "ECDHE-RSA-AES256-GCM-SHA384",
            "ECDHE-ECDSA-AES256-GCM-SHA384",
            "DHE-RSA-AES128-GCM-SHA256",
            "ECDHE-RSA-AES128-SHA256",
            "DHE-RSA-AES128-SHA256",
            "ECDHE-RSA-AES256-SHA384",
            "DHE-RSA-AES256-SHA384",
            "ECDHE-RSA-AES256-SHA256",
            "DHE-RSA-AES256-SHA256",
            "HIGH",
            "!aNULL",
            "!eNULL",
            "!EXPORT",
            "!DES",
            "!RC4",
            "!MD5",
            "!PSK",
            "!SRP",
            "!CAMELLIA"
        ].join(':'),
        honorCipherOrder:   true

Still get the same message saying RC4 is in use and my grade dropped from B to C so setting the node.js cipher list does have an impact.

Using IIS Crypto to disable the RC4 ciphers after clicking the best practices option resulted in no difference in my ssllabs scan results.

I suspect it has something to do with the node configuration, but even specifying the cipher list as mentioned above still results in the scan saying RC4 is in use.

How do I diagnose this to disable RC4 or find out where it's in use so I can disable it?

ciso
  • 217
  • 3
  • 14
  • If you give us the server address, we can find out a lot of useful diagnostic information that may help in answering your question. – womble Aug 02 '15 at 05:54
  • Well, my working hypothesis is that your assertion that there isn't a proxy in front of your node.js service is false. I'd like to test that hypothesis. – womble Aug 02 '15 at 23:06
  • I'd connect to the service and take a look at the `Server` response header, and other markers that indicate a particular HTTP server is in use (heuristic pattern matching borne of long experience). The problem with writing up an answer is that I don't *have* an answer, merely a long list of hypotheses, and my memory isn't good enough to be able to recall everything out of the moment. – womble Aug 03 '15 at 09:02
  • @womble. I set the server response headers and when I browse tthe server I see the headers I set. I'm using Fiddler to see the icoming headers to my browser from my server. They match what my server is sending. My browser is on a different ip than my server and a different location so the traffic is over the web instead of local to the machine or behind a private network. – ciso Aug 03 '15 at 09:14
  • That's not what I said at all. – womble Aug 03 '15 at 09:16
  • "`Server` response header" is not the same as "server response headers". – womble Aug 03 '15 at 09:19
  • @ChrisGciso could you post your entire https.createServer() and node.js version ? Strongly suspecting the config just isn't quite right. I remember fighting node.js for over a day fixing cipher lists about 9 months ago. Also note: the SSL/TLS registry changes and IISCrypto require a reboot, but I'm pretty sure Node uses openssl so I don't think those are relevant anyway. – Joshua McKinnon Aug 06 '15 at 04:44
  • @JoshuaMcKinnon I updated the question with the entire https server create code. – ciso Aug 06 '15 at 16:56

3 Answers3

5

Disabling anything in the registry only affects what uses the Windows components for RC4 (IIS/IE). IIS Crypto is not related either - as you are not using IIS.

But you are using the node.js built in https.createServer. All settings related to RC4 will then happen within node.js (as node.js does not care about the registry).

Newer better ciphers has been added to node.js which will come automatically with the next release of node.js

If you are using node.js 0.12 then update your cipher list from the current source.

It looks like you have specified the ciphers correctly. But are you sure this is the code you are executing? If you are using node.js 0.12 or later then RC4 is disabled by default! Make sure everything is properly updated and libraries are in order.

When you create the built in server instance it would look something like this:

var server = https.createServer({
    key: privateKey,
    cert: certificate,
    ca: certificateAuthority,
    // default node 0.12 ciphers with RC4 disabled!!!
    ciphers: [
        "ECDHE-RSA-AES256-SHA384",
        "DHE-RSA-AES256-SHA384",
        "ECDHE-RSA-AES256-SHA256",
        "DHE-RSA-AES256-SHA256",
        "ECDHE-RSA-AES128-SHA256",
        "DHE-RSA-AES128-SHA256",
        "HIGH",
        "!aNULL",
        "!eNULL",
        "!EXPORT",
        "!DES",
        "!RC4",
        "!MD5",
        "!PSK",
        "!SRP",
        "!CAMELLIA"
    ].join(':'),
    honorCipherOrder: true
}, app);

If you are using a recent node.js you should not specify ciphers but just use the defaults. It can however be practical to list them for debugging purposes.

For simple debugging then simply keep using SSL Labs. If SSL Labs still says RC4 is enabled - then try to disable one of the other cipher suites to verify that you are actually changing the actual code being used. If you see no change - then switch to Fiddler to ensure we are talking with the correct server.

The var agent = new https.Agent so called "config" is not relevant. That snippet is creating an https.Agent (client) and specifies what ciphers you would like to connect with. You will then connect with one of these ciphers if they are offered from the server. The interesting part is https.createServer

Understand that when you browse the server and set headers using Fiddler - then you are doing the same as var agent = new https.Agent. You request what cipher suite you would like to use. Try requesting RC4 only using Fiddler and see if that is accepted. Then you should look at what comes back from the server to verify that you are actually "talking" with the node.js instance that you think you are!

The snippet above and step by step instructions for A+ can be found at CertSimple

Troubleshooting steps:

  1. Verify node.js version

  2. Verify node/lib/tls.js version

  3. Verify that you are connecting to the correct node.js instance (start/connect/stop/connect)

  4. Set Fiddler to only accept RC4

If Fiddler connects with RC4 - then you need to modify some code. If Fiddler cannot connect with RC4 - and SSL Labs still does - then you have a proxy (or something else!) between your node.js and SSL Labs.

Update: If Fiddler is too hard to configure - then some practical tools to verify ciphers accepted by the server can be found on Superuser

Community
  • 1
Claus Andersen
  • 300
  • 2
  • 7
  • Thank you very much. Very helpful. I am certain that I'm running only one node.js and there is no proxy. I will try the steps you outlined and will report back. I'm using node.js v12.4 and letting the ciphers default. The list I included above was just a test that didn't work. This test did cause SSLabs to give me a different grade ( "C" instead of a "B") so it saw the changes which means it sees my node.js instance. Both with and without the ciphers specified it said RC4 was in use for the two ciphers I mentioned. – ciso Aug 05 '15 at 18:34
2

I think the registry configuration only affects browsers, so you would need to set your ciphers in node.js. This is what worked for me:

var agent = new https.Agent({
  "key": key,
  "cert": cert,
  "ciphers": 'EECDH+AES128:EECDH+3DES:EDH+3DES:!SSLv2:!MD5:!DSS:!aNULL',
  "honorCipherOrder": true
});
dtoubelis
  • 4,677
  • 1
  • 29
  • 32
  • I tried your config and it still tells me RC4 is in use. – ciso Jul 30 '15 at 18:40
  • Do you have a proxy in front of your `node.js` by any chance? Your original configuration is also correct, you just need to make sure it is properly applied. – dtoubelis Jul 30 '15 at 18:44
  • No proxy in front of node.js. – ciso Jul 30 '15 at 18:48
  • @dtoubelis the registry changes definitely affect IIS (anything using Schannel). I don't think node.js uses Schannel on windows but either way that statement is not correct. – Joshua McKinnon Aug 06 '15 at 04:17
2

I figured out the answer.

The default ciphers for TLS are:

ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL

I found this by checking the tls.DEFAULT_CIPHERS property.

Notice RC4 is included.

So the default ciphers for https were fine, however tls has its own cipher default.

ciso
  • 217
  • 3
  • 14