0

I have an Apache/2.4.18 server with OpenSSL/1.0.1s. I used the Mozilla SSL Configuration Generator to generate the SSL config:

SSLProtocol             all -SSLv3
SSLCipherSuite          ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder     on
SSLCompression          off
SSLSessionTickets       off

SSL Labs test gives these messages:

The server supports only older protocols, but not the current best TLS 1.2. Grade capped to C.
The server does not support Forward Secrecy with the reference browsers.

Also, in "handshake simulation" it gives the message:

Apple ATS 9 / iOS 9  R  Server sent fatal alert: handshake_failure

How do I get rid of these, especially the last one so that iOS 9 users can connect without any problems?

Thanks!

user4444173
  • 11
  • 1
  • maybe you have `SSLProtocol` statement in `mods-enabled/mod_ssl.conf` or somewhere else that restricts it? – Z.T. Apr 14 '16 at 11:25
  • 2
    Is it possible there is a TLS terminator / proxy between your Apache and the Internet? But I'd look at all the included config files first. – Z.T. Apr 14 '16 at 17:53

2 Answers2

1

You should get a SHA2 certificate, first of all, as Chrome requires it.

Your ssl configuration should look like this:

Listen 443
SSLEngine on
SSLPassPhraseDialog  builtin
SSLProtocol ALL -SSLv2 -SSLv3
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:!RC4+RSA:+HIGH:!MEDIUM:!LOW:!MD5:!DES
SSLCertificateFile /path/to/cert
SSLCertificateKeyFile /path/to/key
SSLCACertificateFile /path/to/cacert

Optionally you could add these for extra security:

Header always append X-Frame-Options SAMEORIGIN
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
Header always set X-ServerId 1

Honoring the order of the cipher suite is not mandatory.

Castaglia
  • 3,349
  • 3
  • 21
  • 42
Alex Austin
  • 17
  • 4
  • Does not explain why they get TLS 1.0 only, when their config should get them TLS 1.0, 1.1 and 1.2. – Z.T. Apr 14 '16 at 17:51
1

I recommend testing your site with these tools: https://www.ssllabs.com/ssltest/ https://ssl-tools.net/

they will give you significant insights into whether your server is set up correctly, and provide links to making things better

Paul M
  • 583
  • 5
  • 10