Perfect Foreward Secrecy does not work / SSL

When enabling "Only Strong Ciphers with Perfect Foreward Secrecy" or using the custom ciphers "EECDH:EDH:ECDH:DH:HIGH:MEDIUM:!LOW:!SSLv2:+TLSv1:+TLSv1.2:+TLSv1.1:!MD5:!DSS:!3DES:!EXP:!SRP:!PSK:!SEED:!aNULL:!eNULL:!NULL:@STRENGTH" webmin does not use PFS, only AES256-SHA.

openssl ciphers lists: openssl ciphers -v ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384 ECDHE-RSA-AES256-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1 ECDHE-ECDSA-AES256-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1 DHE-DSS-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=DSS Enc=AESGCM(256) Mac=AEAD DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256 DHE-DSS-AES256-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AES(256) Mac=SHA256 DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1 DHE-DSS-AES256-SHA SSLv3 Kx=DH Au=DSS Enc=AES(256) Mac=SHA1 DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA1 DHE-DSS-CAMELLIA256-SHA SSLv3 Kx=DH Au=DSS Enc=Camellia(256) Mac=SHA1

openssl s_client -connect localhost:10000 -tls1_2 SSL-Session: Protocol : TLSv1.2 Cipher : AES256-SHA

Tested on CentOS 6.5 and CentOS 7.0, Webmin Version 1.710

Status: 
Active

Comments

A few people have reported this, but the cause isn't clear yet. Webmin just passes the list of ciphers un-changed down to the openssl library, which is then responsible for interpreting it ... so if openssl is still not supporting PFS, there isn't much we can do.

openssl is supporting PFS perfectly well, Perfect Foreward Secrecy and the ECDHE ciphers are working in Postfix and Apache exactly the way as openssl ciphers -v shows the PFS ciphers.

see connection examples below:

openssl s_client -connect localhost:443

New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 4096 bit Secure Renegotiation IS supported

openssl s_client -connect localhost:25 -starttls smtp

New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 4096 bit Secure Renegotiation IS supported

openssl s_client -connect localhost:10000

New, TLSv1/SSLv3, Cipher is AES256-GCM-SHA384 Server public key is 4096 bit Secure Renegotiation IS supported

openssl version OpenSSL 1.0.1e-fips 11 Feb 2013

No, I meant the openssl server libraries that Webmin uses - not the client command.