8

I have been a long time reader but this is my first real post on a topic that I couldn't find a solution to.

I am currently hosting a website on Windows 2012 that I would like to get the latest TLS 1.2 ciphersuites running on.

I am aware of how to enable TLS 1.1 and TLS 1.2 in windows and have done so(via registry edits). I have also changed the cipher order to what I would like it to be.

My question is: How do i actually go through and set up my ECDHE / ECDSA portion of the cipher suite after this step?

When i view the site in the latest chrome beta (which supports ECDHE and ECDSA in TLS 1.2 provided you use the supported curves) it seems to skip all of the ECHDE ciphersuites.

Is there something else i need to do to get ECDHE/ECDSA properly enabled?

I have read around on the net trying to solve this myself and they mention making copies of your root cert and then modifying them to somehow support ECDHE. Am i barking up the wrong tree?

Thank you in advance for any and all support with this issue.

Edit: adding clarification/progress

After more research, I have found that in order to get ECDSA to work, you need an ECDSA certificate. The only way to get one at this time is to self-sign, as the cert-cartel has not yet come up with proper cross-licensing agreements and fee structures for Ellipic Curve Certificates yet.

Since self-signing is not an option for this site, I have removed all ECDSA suites from the cipher-order.

Unfortunately, because all of the AES Galois Counter Mode suites were also ECDSA, this rules those out for the time being.

This leaves me with a strongest cipher suite of ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521 which I BELIEVE is supported by the latest version of Chrome beta correct? I can't seem to get Chrome to pick up anything beyond SHA-1. Is there no SHA-2 support? even in the latest beta?

user2555174
  • 141
  • 1
  • 2
  • 5
  • After more research, i believe the problem with my selected cipher suites is that I do not have an ECDSA CA. I have added the server to a domain (its own domain) and installed AD CS. I have created an enterprise certificate using the P-521 ECDSA software key provider from MS. Now, I don't know how to proceed to get this actually working in IIS8. Also a side question: Do i need to create a cert for each curve if i want to support all 3 of the default curves in Windows 2012? – user2555174 Jul 28 '13 at 08:30
  • > " Do i need to create a cert for each curve if i want to support all 3 of the default curves in Windows 2012?" -- If you used one Cert for everything, even an unencrypted Channel, then it would be easy to guess the Cert's Code. Similarly if you use one Cert for the three Curves and one is broken then so are all the others. Separate Certs for everything are more secure as are bigger (more key length and harder to decrypt Algorithms) Keys, but all that costs more (for you and an Attacker). – Rob Feb 02 '15 at 15:02

2 Answers2

6

AES-GCM is about how you encrypt the data in your connexion, EC-DSA or RSA about how the server identifies itself to the client. There is therefore no reason why you couldn't do AES-GCM encryption with a RSA authentication.

RFC 5289 does define the needed suite for that : https://www.rfc-editor.org/rfc/rfc5289#section-3.2

CipherSuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256    = {0xC0,0x2F};
CipherSuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384    = {0xC0,0x30};
CipherSuite TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256     = {0xC0,0x31};
CipherSuite TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384     = {0xC0,0x32};

It's not however necessarily easy to find both the client and the server that will support them.

Community
  • 1
  • 1
jmd
  • 877
  • 8
  • 12
3

I had similar experiences with Win2008 R2. Depending on the certificate, GCM cipher is offered by the server or not.

With self-signed ECDSA certificate i got GCM to work but older browsers or Windows XP can't connect to such a https-site.

Windows doesnt support any TLS_ECDHE_RSA...GCM... ciphers: http://msdn.microsoft.com/en-us/library/aa374757(v=vs.85).aspx Thus normal RSA-certificates don't work with GCM under Windows.

Browser compatibility: http://www.g-sec.lu/sslharden/SSL_comp_report2011.pdf

tom
  • 31
  • 2