0

I have previously removed less secure ciphers from WHM (Web Host Manager) however it has been a while and I want to learn how to fish, not be handed a fish.

The trouble seems to stem from the fact that there is little-to-no consistency in how ciphers are referenced or even where they are defined.

WHM Cipher Definitions

Ciphers seem to be listed in two places: Exim Configuration Manager and Apache Configuration ⇨ Exim Configuration Manager.

  • The Apache Configuration has a field "SSL/TLS Protocols" which is currently defined as ALL:!ADH:!AECDH:!EDH:!RC4:+HIGH:+MEDIUM:-LOW:-EXP.
  • The Exim Configuration Manager currently has a field "SSL/TLS Cipher Suite List" which is set to ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256.

Definition of Weak Ciphers

Here is the SSL Labs test for my domain. I have everything except TLS 1.2 and TLS 1.3 disabled and many less secure ciphers disabled. The test lists the following ciphers as being weak:

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH x25519 (eq. 3072 bits RSA) FS WEAK 128
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH x25519 (eq. 3072 bits RSA) FS WEAK 256
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) WEAK 128
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) WEAK 256
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) WEAK 128
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) WEAK 256

I attempted to "translate" though after updating the values in both sections and running cPanel's AutoSSL I still got the same results on the test.

Translating Cipher References

I attempted to reference the TLS 1.2 standard as well as some documentation from OpenSSL. I made numerous other search queries and spent hours reading through documentation, standards and forums without luck.

Here is my attempt to make the lists look more similar to each other:

From the Exim Configuration Manager:

  • ECDHE_ECDSA_CHACHA20_POLY1305
  • ECDHE_RSA_AES128_GCM_SHA256
  • ECDHE_RSA_AES256_GCM_SHA384
  • ECDHE_RSA_AES128_SHA256
  • ECDHE_RSA_AES256_SHA384
  • ECDHE_RSA_CHACHA20_POLY1305

From the SSL Labs Test to be removed:

  • ECDHE_RSA_WITH_AES_128_CBC_SHA
  • ECDHE_RSA_WITH_AES_256_CBC_SHA
  • RSA_WITH_AES_128_GCM_SHA256
  • RSA_WITH_AES_256_GCM_SHA384
  • RSA_WITH_AES_128_CBC_SHA
  • RSA_WITH_AES_256_CBC_SHA

The list says to remove two ECDHE and the rest don't have ECDHE. In that example how do I remove something not defined? Secondly it suggests removing CBC though that is not defined in the first list.

Desirable Answer Format

Learning is the detection of patterns so I'm really looking for an answer with a table where column A lists the ciphers from the SSL Labs test and column B references how they are referenced (to be defined (for stronger ciphers) and disabled for weaker ciphers). Just enough that I can detect the pattern of how the test references the same ciphers as Apache (or whichever software directly handles all of this). A good reference URL with such a table (and where on the page if it's more than just a few paragraphs) would be very helpful.

It would also be incredibly useful to know how to have the server define a preferred cipher and to know which is considered the strongest if possible please.

Community
  • 1
John
  • 119
  • 5
  • I'm a little confused about what you want. And it seems like the links you provided give you what you appear to ask. Can you boil it down a little bit? You have the weak ciphers in Cipher Suite format, and you want it translated into what? The Apache list is in Cipher Suite format, too. What are you needing? – schroeder Mar 24 '20 at 18:32
  • To put it another way, I would answer you with the links you have provided. What is it that you feel you don't have? – schroeder Mar 24 '20 at 18:43
  • @schroeder The list says to remove two `ECDHE` and the rest don't have `ECDHE`. In *that* example how do I remove something not defined? Secondly it suggests removing `CBC` though that is not defined in the first list. I will update the question with how I have worked with the names to make them more similar. I also can't stand people who down-vote without a reason, I presume that was *not* you though. – John Mar 24 '20 at 18:58
  • In your edit, you are completely ignoring the Apache list. Why's that? – schroeder Mar 24 '20 at 19:07
  • @schroeder There isn't much in the Apache list already defined. I do not know what is inherited from some quiet silent list that isn't accessible (or spread over two places to be defined). From what I see the test shows that there are more ciphers declared then that are defined between the two. If I knew what page to CTRL+F on for a line of text and then know what it covers (presuming that a single definition defines more than one cipher) *that* might be a way for me to detect the pattern. – John Mar 24 '20 at 19:19
  • From the links you provided, what does `+MEDIUM` mean? There is a ***lot*** defined in the Apache list. And you appear to have missed that. I think you need to read your OpenSSL link again... – schroeder Mar 24 '20 at 19:20
  • @schroeder I set it to `-MEDIUM`, saved the configuration, reran AutoSSL, restarted the entire server and reran the test to have the exact same results. – John Mar 24 '20 at 19:49
  • Ok, so it looks like we're now on the same page. At this point, consider your question again. Does it still reflect what you need to know? Because I think you have an X/Y problem. You want to know how to change the list and you want to know what the lists mean. That now is a different situation (and a bit of troubleshooting). – schroeder Mar 24 '20 at 20:03
  • @schroeder It appears there is an issue with my server not honoring the configuration(s). I called and they already have an advanced tech working on it. In the worst case scenario where I'm simply handed a fish I will use WinMerge to compare the two configurations (presuming they fix the server issue) and make it clear for others and myself in the future how the ciphers map to each other. This is just part of a perfect storm of incredibly resilient issues I'm having to single-handedly deal with this week. – John Mar 24 '20 at 20:47

2 Answers2

0

For now, you probably would be best and most quickly served by relying on others who have studied cryptography and network security, and who offer their recommendations freely as a service. Sites like Mozilla's SSL Configuration Generator are a great way to obtain a clear list of ciphers that best meet your security needs.

Once you have solved your immediate problem and have your services configured securely based on the recommendations of experts in the field, you can consider spending more time digging deeper into this topic. But it's a deep field; you'll end up needing to understand the different families and types of cryptographic algorithms, key sizes, protocols, weaknesses, attacks, public key infrastructure, TLS, and network security.

The problem with cryptography is that it's hard for someone outside of the field to know how to compare the strengths of the various algorithms and key sizes, or which protocols or algorithms are known to have weaknesses.

John Deters
  • 33,650
  • 3
  • 57
  • 110
  • 1
    I think he's just trying to read and understand the cipher suite format. – schroeder Mar 24 '20 at 19:12
  • The Mozilla SSL config tool provides output in both Apache and Exim formats (as well as over a dozen other formats), so he doesn't even have to dig that deeply. He can just pick "Intermediate security" or whatever and copy/paste a reasonable answer without having to parse or understand the formats at all. – John Deters Mar 24 '20 at 19:19
  • 1
    I know, but he's asking to understand, not just copy/paste. – schroeder Mar 24 '20 at 19:21
  • To completely understand why someone would make those choices, he's ultimately going to need to learn the differences between DH and ECDH; SHA, SHA-256, and SHA-512; DES, 3DES, AES-128, AES-256, and CHACHA20; RSA and ECC; asymmetric and symmetric algorithms; TLS, hashing, block sizes, DSA, comparing key lengths, etc., etc,. etc. And even then, people who've done that can still make mistakes in cipher choices. It's easier and safer to hook him up with a trustworthy fish market than to teach him how to identify piscine diseases. – John Deters Mar 24 '20 at 19:37
  • 1
    I don't think that's the scope of the problem. Look at his comments. He doesn't know how to interpret the syntax. He doesn't need to know the suites, but the format. – schroeder Mar 24 '20 at 19:41
  • Then my recommendation stands - use a tool that handles the formatting and syntax for you. – John Deters Mar 24 '20 at 19:44
  • Let us [continue this discussion in chat](https://chat.stackexchange.com/rooms/105920/discussion-between-john-deters-and-schroeder). – John Deters Mar 24 '20 at 19:50
  • I tried the Apache configuration (`ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256`), updated, ran AutoSSL, restarted the entire server and *that still did not work or seem to change anything*. What am I missing? – John Mar 24 '20 at 20:06
  • Are you testing to the correct port? Are you connecting to the right machine, or is there a proxy in front, like nginx or F5 that terminates the TLS connection before it gets to this server? What tool are you using to test, and what does it report about the cipher suites? If none of those are the answer, you probably have to dig into your server's error logs to determine the real answer. You might have to check with cpanel's docs to figure it out. – John Deters Mar 24 '20 at 20:32
0

The Bad

I did not get to learn how to fish, so-to-speak.

The Good

The weaker ciphers were removed via a new configuration set by my web host. Here is the before and after. Please keep in mind this is valid as of the end of March 2020.

WHM Apache Configuration Before

ALL:!ADH:!AECDH:!EDH:!RC4:+HIGH:+MEDIUM:-LOW:-EXP

WHM Apache Configuration After

ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256

WHM Exim Configuration Manager Before

ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256

WHM Exim Configuration Manager After

ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384

Enabling TLS 1.3 in WHM

Simply set the SSL/TLS Protocols field to +TLSv1.2 +TLSv1.3. This did not work on Cent OS 6 though it does on Cent OS 7. This is working with OpenSSL 1.0.2k-fips.

John
  • 119
  • 5