
I can connect to my server in practically every browser except for Internet Explorer and I cannot figure out why.

I am resolving SSL on AWS Elastic Load Balancer (ELB), which is configured to use the following ciphers:

DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES256-SHA256
DHE-RSA-AES128-SHA256
DHE-DSS-AES256-GCM-SHA384
DHE-DSS-AES128-GCM-SHA256
DHE-DSS-AES256-SHA256
DHE-DSS-AES128-SHA256
DHE-RSA-AES256-SHA
DHE-RSA-AES128-SHA
DHE-DSS-AES256-SHA
DHE-DSS-AES128-SHA

I ran an SSL Labs server test and the simulated handshake section passed every browser except all versions of IE, which all failed:

IE 11 / Win 8.1    Protocol or cipher suite mismatch    Fail (3)
(3): Only first connection attempt simulated. Browsers tend to retry with a lower protocol version.

I tried connecting to the server using IE11 and IE10 and neither worked. I was able to connect to the server using Chrome, Firefox, Safari (v6 and v7).

IE11 supports TLS v1.2, v1.1, and v1.0, so it should be able to use one of the configured ciphers, right?

conorgil
  • Connect to [SSL Labs client test page](https://www.ssllabs.com/ssltest/viewMyClient.html) with your IE to see what cipher suites your IE actually claims to support. If none of the suites configured on the server appears in that list, then that's your problem. There may also be issues with the DH modulus used by your server: some clients are limited to a 1024-bit DH modulus, even if the server's RSA/DSS key is bigger. – Thomas Pornin Jan 14 '14 at 16:14

2 Answers

IE11 supports TLS v1.2, v1.1, and v1.0, so it should be able to use one of the configured ciphers, right?

No. The only cipher suite mandated by RFC 5246 is (in OpenSSL parlance) AES128-SHA. (I don't think any later RFCs added more.)

Read the SSL Labs client reports for IE 7/Vista and IE 11/Win8.1. IE supports DHE -- but only with DSA certificates. However, it does support ECDHE with RSA (and ECDSA) certificates.

You need to enable a cipher suite supported by IE, as listed above by SSL Labs. IE 7-10 support TLS 1.0 and the cipher suites ECDHE-RSA-AES128-SHA and ECDHE-RSA-AES256-SHA. IE 11 also adds support for TLS 1.2 and ECDHE-RSA-AES128-SHA256. If the ELB platform doesn't support ECDHE, your only option is to enable some old non-PFS cipher suite like AES128-SHA.

Matt Nordhoff
  • Yea, ELB does not support ECDHE unfortunately. For that reason, we are looking into just switching to a stud/haproxy combo instead of resolving SSL on ELB. – conorgil Jan 15 '14 at 18:31

Yes MSIE11 supports TLS V1.2, 1.1 and 1.0.

Use WinHTTP or Wireshark to inspect the communication between browser and webserver.

You should be able to tell if your proxy / firewall is hindering communication, or if the browser is using handshake negotiation to request a different encryption channel.

Without more information I can't troubleshoot your specific problems... A lot improved in Win 8.1.

Edit: I think the problem you are having is with GCM being prioritized first in your cipher suite. GCM is not enabled by default (6) on Windows 8.1; IE11 will handshake negotiate down to the first cipher it supports, in your case DHE-RSA-AES256-SHA256.

(6) http://msdn.microsoft.com/en-us/library/windows/desktop/aa374757(v=vs.85).aspx

RQ'
  • If IE11 would handshake negotiate down, then it should still work fine so long as I have a cipher configured that it supports. IE11 should support DHE-RSA-AES256-SHA256 so I think that should work fine. – conorgil Jan 15 '14 at 18:35
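Both answers amount to the same manual check: read the cipher suites out of the browser's ClientHello (SSL Labs client test or Wireshark) and intersect them with the ELB list, remembering that a DHE-DSS suite is only usable when the server certificate is DSA. The script below is an added example, not code from the question or either answer; it parses a ClientHello record, lists the offered suites and applies both filters. The `IE_LIKE_OFFER` list is constructed as an assumption modelled on the first answer's description of IE (ECDHE-RSA, plain RSA and DHE-DSS, no DHE-RSA, no GCM), not a capture of a real IE11, and the server certificate is assumed to be RSA, which is what the first answer implies.

```python
"""Check a TLS ClientHello against a server cipher list the way the answers above
do by hand. Added example; not code from the original question or answers.

A suite is negotiable only if
  1. the client offers it and the server has it configured, and
  2. its key exchange fits the server certificate (DHE-DSS needs a DSA cert,
     RSA / DHE-RSA / ECDHE-RSA need an RSA cert).
"""
import os
import struct

# IANA code point -> OpenSSL name, for the suites that come up in the thread.
SUITES = {
    0x0005: "RC4-SHA", 0x000A: "DES-CBC3-SHA",
    0x002F: "AES128-SHA", 0x0035: "AES256-SHA",
    0x003C: "AES128-SHA256", 0x003D: "AES256-SHA256",
    0x0032: "DHE-DSS-AES128-SHA", 0x0038: "DHE-DSS-AES256-SHA",
    0x0033: "DHE-RSA-AES128-SHA", 0x0039: "DHE-RSA-AES256-SHA",
    0x0040: "DHE-DSS-AES128-SHA256", 0x006A: "DHE-DSS-AES256-SHA256",
    0x0067: "DHE-RSA-AES128-SHA256", 0x006B: "DHE-RSA-AES256-SHA256",
    0x009E: "DHE-RSA-AES128-GCM-SHA256", 0x009F: "DHE-RSA-AES256-GCM-SHA384",
    0x00A2: "DHE-DSS-AES128-GCM-SHA256", 0x00A3: "DHE-DSS-AES256-GCM-SHA384",
    0xC013: "ECDHE-RSA-AES128-SHA", 0xC014: "ECDHE-RSA-AES256-SHA",
    0xC027: "ECDHE-RSA-AES128-SHA256",
}
NAME_TO_ID = {name: code for code, name in SUITES.items()}

# The ELB configuration quoted in the question, in the order given.
ELB_SUITES = [
    "DHE-RSA-AES256-GCM-SHA384", "DHE-RSA-AES128-GCM-SHA256",
    "DHE-RSA-AES256-SHA256", "DHE-RSA-AES128-SHA256",
    "DHE-DSS-AES256-GCM-SHA384", "DHE-DSS-AES128-GCM-SHA256",
    "DHE-DSS-AES256-SHA256", "DHE-DSS-AES128-SHA256",
    "DHE-RSA-AES256-SHA", "DHE-RSA-AES128-SHA",
    "DHE-DSS-AES256-SHA", "DHE-DSS-AES128-SHA",
]

# CONSTRUCTED client offer (an assumption modelled on the first answer's description
# of IE: ECDHE-RSA, plain RSA and DHE-DSS only). Not a capture of a real IE11.
IE_LIKE_OFFER = [0xC027, 0xC013, 0xC014, 0x003C, 0x002F, 0x0035,
                 0x0040, 0x0032, 0x0038, 0x000A, 0x0005]


def build_client_hello(suite_ids, version=(3, 3)):
    """Serialise a minimal ClientHello (no extensions) in a TLS record, so the
    parser can be exercised offline instead of on a Wireshark capture."""
    body = bytes(version) + os.urandom(32)               # client_version, random
    body += b"\x00"                                      # empty session_id
    body += struct.pack("!H", 2 * len(suite_ids))
    body += b"".join(struct.pack("!H", s) for s in suite_ids)
    body += b"\x01\x00"                                  # compression: null only
    body += b"\x00\x00"                                  # empty extensions
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def parse_client_hello(record):
    """Return (client_version, [suite ids]) from a TLS record carrying a ClientHello.
    These are the bytes Wireshark shows as 'Cipher Suites' in the ClientHello."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    hs = record[5:5 + struct.unpack("!H", record[3:5])[0]]
    if len(hs) < 4 or hs[0] != 0x01:
        raise ValueError("record does not carry a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    if len(body) < 2 + 32 + 1:
        raise ValueError("truncated ClientHello")
    version = (body[0], body[1])
    pos = 2 + 32 + 1 + body[34]                          # skip version, random, session_id
    if pos + 2 > len(body):
        raise ValueError("truncated ClientHello")
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    if cs_len % 2 or pos + cs_len > len(body):
        raise ValueError("bad cipher_suites length")
    ids = [struct.unpack("!H", body[i:i + 2])[0] for i in range(pos, pos + cs_len, 2)]
    return version, ids


def required_key_type(name):
    """Certificate key type a suite can authenticate with (OpenSSL naming)."""
    if name.startswith("DHE-DSS-"):
        return "DSS"
    if name.startswith("ECDHE-ECDSA-"):
        return "ECDSA"
    return "RSA"          # plain RSA key exchange, DHE-RSA and ECDHE-RSA


def negotiable(server_suites, client_ids, cert_key_type="RSA"):
    """Suites the server could really select: offered by the client, present in the
    server list, and usable with the server certificate. Server order is kept."""
    offered = set(client_ids)
    return [s for s in server_suites
            if NAME_TO_ID.get(s) in offered and required_key_type(s) == cert_key_type]


def diagnose(server_suites, client_hello, cert_key_type="RSA"):
    """Report the client's offer, the raw overlap, and what is actually usable."""
    _, ids = parse_client_hello(client_hello)
    offered = set(ids)
    return {
        "offered": [SUITES.get(i, "0x%04X" % i) for i in ids],
        "common": [s for s in server_suites if NAME_TO_ID.get(s) in offered],
        "usable": negotiable(server_suites, ids, cert_key_type),
    }


if __name__ == "__main__":
    report = diagnose(ELB_SUITES, build_client_hello(IE_LIKE_OFFER))
    print("client offered :", report["offered"])
    print("in both lists  :", report["common"])   # DHE-DSS suites only
    print("usable, RSA cert:", report["usable"])  # [] -> handshake fails
    print("after adding AES128-SHA:", negotiable(ELB_SUITES + ["AES128-SHA"], IE_LIKE_OFFER))
```

With the constructed offer, the raw overlap with the ELB list is three DHE-DSS suites, but none of them is usable with an RSA certificate, so `usable` is empty and the handshake fails; appending `AES128-SHA` (or, on a terminator that supports it, an ECDHE-RSA suite) gives a non-empty result. To check a real browser, replace `build_client_hello(IE_LIKE_OFFER)` with the ClientHello record bytes exported from Wireshark.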