PCI Compliance - TLS 1.1, smtpd_tls_mandatory_protocols

#1 Wed, 09/12/2012 - 07:40
bill56

Hello:

The SecurityMetrics PCI cops are after me again.

They say:

Resolution: Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported. Configure SSL/TLS servers to only support cipher suites that do not use block ciphers. Apply patches if available. Note that additional configuration may be required after the installation of the MS12-006 security update in order to enable the split-record countermeasure. See http://support.microsoft.com/kb/2643584 for details. Risk Factor: Medium/ CVSS2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N) CVE: CVE-2011-3389

Checked my server at ssllabs.com (great tool to check your SSL by the way) and it reports:

Protocols:
TLS 1.2  No
TLS 1.1  No
TLS 1.0  Yes
SSL 3.0  Yes
SSL 2.0  No

SSL Labs seems to indicate that my current configuration is ok, and is "best practice":

• TLS v1.1 and v1.2 are without known security issues. Unfortunately, many server and client platforms do not support these newer protocol versions. The best practice is to use TLS v1.0 as your main protocol (making sure the BEAST attack is mitigated in configuration, as explained in subsequent sections) and TLS v1.1 and v1.2 if they are supported by your server platform. That way, the clients that support newer protocols will select them, and those that don’t will fall back to TLS v1.0. You should always use the most recent versions of the protocol for security and the oldest (yet still secure) versions for interoperability with your customer base.

However, SecurityMetrics thinks otherwise. How can I fix this to become PCI compliant without breaking my server?

Thanks,

Bill

Wed, 09/12/2012 - 08:33
andreychek

Howdy,

The SecurityMetrics PCI cops are after me again.

They're a very persistent bunch :-)

Which distro/version is it that you're using?

And which service(s) is it that they're giving you a hard time about?

-Eric

Wed, 09/12/2012 - 09:22 (Reply to #2)
bill56

Hi Eric:

Yes, they are :-(

CentOS Linux 5.8
Kernel and CPU: Linux 2.6.18-308.13.1.el5 on x86_64
Virtualmin version: 3.94.gpl GPL
Webmin version: 1.590

The services are:

TCP 110 pop3
TCP 443 https
TCP 993 imaps
TCP 143 imap
TCP 995 pop3s
TCP 587 submission
TCP 25 smtp

The above have this message: Resolution: Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported. Configure SSL/TLS servers to only support cipher suites that do not use block ciphers. Apply patches if available. Note that additional configuration may be required after the installation of the MS12-006 security update in order to enable the split-record countermeasure. See http://support.microsoft.com/kb/2643584 for details. Risk Factor: Medium/ CVSS2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N) CVE: CVE-2011-3389

Also these services:

TCP 587 submission
TCP 25 smtp

Which have this message: Resolution: Configure the service to support less secure authentication mechanisms only over an encrypted channel. Risk Factor: Medium/ CVSS2 Base Score: 4.0 AV:N/AC:H/Au:N/C:P/I:N/A:N

-Bill

Wed, 09/12/2012 - 11:09
andreychek

Howdy,

Well, there's some details here in this PCI compliance doc on configuring the ciphers used by your various services:

https://www.virtualmin.com/documentation/security/pci

Now, they aren't disabling TLS v1.0, but you may be able to get a good idea of how all that might work from the examples there.

Here's the trouble though -- I'm not sure if it'll work on your distro.

For example, here are the docs on how to configure all that in Postfix:

http://www.postfix.org/postconf.5.html#smtpd_tls_mandatory_protocols

They mention that TLS 1.1 and 1.2 are only available beginning with OpenSSL version 1.0.1, and the version provided with CentOS 5.x is openssl-0.9.8e.

However, you could always give it a try and see what happens :-)

-Eric

Tue, 09/18/2012 - 23:36 (Reply to #4)
bill56

Eric:

After a lot of digging, I found a way to install OpenSSL version 1.0.1c on CentOS 5.x here:

www.axivo.com/community/threads/upgrade-to-openssl-1-0-1-in-centos.180/

Did the install per the instructions and system now shows:

openssl version

OpenSSL 1.0.1c 10 May 2012

I have in httpd.conf:

SSLProtocol ALL -SSLv2 -SSLv3
SSLCipherSuite HIGH:!aNULL:!MD5

Scan shows TLS 1.0 is only protocol running - no TLS 1.1 or TLS 1.2

http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslprotocol says:

SSLProtocol ALL - This is a shortcut for - when using OpenSSL 1.0.1 and later - "+SSLv2 +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2", respectively.

So it seems TLS 1.1 and TLS 1.2 should work, but they are not working.

What do I have wrong?

Thanks, Bill

Wed, 09/19/2012 - 00:11
andreychek

Howdy,

Chances are that you'd need to do more than just install a newer version of OpenSSL... you'd probably also need to compile Apache against that particular OpenSSL version.

I haven't tried what you're trying to do before, and there may be other gotchas as well... but if just installing a newer OpenSSL version doesn't allow you to use the ciphers you need, you may need to recompile Apache.

And that's a pretty big project :-)

Is using a newer CentOS distro (ie, CentOS 6) an option?

But, it should indeed be possible to recompile Apache.

-Eric

Fri, 12/23/2016 - 02:03
rpedrica

I have virtualmin running under Centos 6.x with apache 2.2 (std) and openssl 1.0.1e-fips (std). According to all googling, openssl 1.0.1e should support tls v1.2, but from an ssllabs/symantec scan my setup is still only showing tls1.0 as being available and 1.1/1.2 as being off. My settings are:

SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:+HIGH:-MEDIUM:-LOW

Any suggestions are welcome.

RobDob

Fri, 12/23/2016 - 07:58
Diabolico

Try this

SSLProtocol ALL -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS

It should give you at least a score of A-. I did this as a trade-off to support some other things; otherwise, if you play a little with SSLCipherSuite, you can push it to A+.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Fri, 12/23/2016 - 10:24
rpedrica

Doesn't seem to have made much change, and the big issue (tls1.1 and 1.2) is still there: they are still disabled.

RobDob

Fri, 12/23/2016 - 10:37
Diabolico

Ok, then let's try something else. There are 3 places where you should look for a solution:

  1. httpd.conf - Check for SSLProtocol and SSLCipherSuite

  2. ssl.conf - Same as for httpd.conf

  3. main.cf - Look for "smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, TLSv1, TLSv1.1, TLSv1.2" and "smtpd_tls_mandatory_ciphers = high"

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.
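The recurring problem in this thread is that the directives look right but the scan still shows only TLS 1.0, which points at the daemon (its linked OpenSSL, or a second config file such as ssl.conf) rather than at the directive text. The following script is an added example, not code from the forum, from Virtualmin or from the Apache/Postfix projects. It expands an Apache 2.2 SSLProtocol value using the mod_ssl rule quoted above (with OpenSSL 1.0.1+, ALL means +SSLv2 +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2), expands a Postfix smtpd_tls_mandatory_protocols list (bare names include, "!name" excludes; this follows postconf(5) as I understand it and is an assumption, not something the thread states), parses an SSL Labs style protocol line, and compares the two so you can see where the gap is. All function names are mine, and the sample inputs are taken from the posts above.

```python
"""Effective TLS protocol check for Apache and Postfix directives.

Added example for the thread above (not forum, Virtualmin, Apache or Postfix
code). Compares what a directive enables with what a scanner observed, to
separate "wrong config" from "daemon can't do it" (old OpenSSL, other config).
"""
import re

# Protocol names OpenSSL 1.0.1 knows, oldest first (used for stable ordering).
PROTOCOLS = ["SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"]
_CANON = {p.lower(): p for p in PROTOCOLS}


def _canon(name, directive):
    """Map a case-insensitive protocol keyword to its canonical spelling."""
    try:
        return _CANON[name.lower()]
    except KeyError:
        raise ValueError("unknown protocol %r in %s" % (name, directive))


def apache_ssl_protocol(value):
    """Expand an Apache 2.2 `SSLProtocol` value into the enabled protocol set.

    Rule quoted in the thread (OpenSSL 1.0.1+): `all` = +SSLv2 +SSLv3 +TLSv1
    +TLSv1.1 +TLSv1.2; `-name` removes one; `+name` or a bare name adds one.
    """
    enabled = set()
    for token in value.split():
        sign, name = "+", token
        if token[0] in "+-":
            sign, name = token[0], token[1:]
        names = set(PROTOCOLS) if name.lower() == "all" else {_canon(name, "SSLProtocol")}
        enabled = enabled | names if sign == "+" else enabled - names
    return enabled


def postfix_mandatory_protocols(value):
    """Expand a Postfix `smtpd_tls_mandatory_protocols` value (assumed semantics).

    Comma/space separated list. `!name` excludes a protocol, a bare name
    includes it. If any protocol is listed positively, only those are
    candidates; otherwise every protocol not excluded is enabled.
    """
    include, exclude = set(), set()
    for token in filter(None, re.split(r"[,\s]+", value.strip())):
        if token.startswith("!"):
            exclude.add(_canon(token[1:], "smtpd_tls_mandatory_protocols"))
        else:
            include.add(_canon(token, "smtpd_tls_mandatory_protocols"))
    base = include if include else set(PROTOCOLS)
    return base - exclude


# Labels as printed by the SSL Labs report quoted in the first post.
_SCAN_LABELS = {"TLS 1.2": "TLSv1.2", "TLS 1.1": "TLSv1.1", "TLS 1.0": "TLSv1",
                "SSL 3.0": "SSLv3", "SSL 2.0": "SSLv2"}


def parse_scan_line(text):
    """Return the protocols a 'TLS 1.2 No TLS 1.1 No ...' scan result marks Yes."""
    observed = set()
    for label, proto in _SCAN_LABELS.items():
        m = re.search(re.escape(label) + r"\s+(Yes|No)", text)
        if m and m.group(1) == "Yes":
            observed.add(proto)
    return observed


def diagnose(configured, observed):
    """Compare directive expansion with scan observation; return findings."""
    findings = []
    missing = sorted(configured - observed, key=PROTOCOLS.index)
    extra = sorted(observed - configured, key=PROTOCOLS.index)
    if missing:
        findings.append("configured but not offered: %s (daemon likely linked against "
                        "an OpenSSL without them, or another config file such as "
                        "ssl.conf is in effect)" % ", ".join(missing))
    if extra:
        findings.append("offered but not configured here: %s (another directive or "
                        "config file overrides this one)" % ", ".join(extra))
    if observed & {"SSLv2", "SSLv3"}:
        findings.append("SSLv2/SSLv3 still offered: expect a PCI scan finding")
    if "TLSv1" in observed and not observed & {"TLSv1.1", "TLSv1.2"}:
        findings.append("only TLS 1.0 served: the CVE-2011-3389 finding will persist "
                        "until TLS 1.1/1.2 are actually offered")
    return findings


# Sample inputs taken from the thread: bill56's httpd.conf line and his scan.
APACHE_LINE = "ALL -SSLv2 -SSLv3"
SCAN_LINE = "Protocols TLS 1.2 No TLS 1.1 No TLS 1.0 Yes SSL 3.0 Yes SSL 2.0 No"

if __name__ == "__main__":
    for finding in diagnose(apache_ssl_protocol(APACHE_LINE), parse_scan_line(SCAN_LINE)):
        print("-", finding)
```

Run against the thread's own numbers, the script reports TLS 1.1/1.2 as configured but not offered and SSL 3.0 as offered but not configured, which is exactly the "config file in effect is not the one you edited, or the binary cannot do it" situation Eric and Diabolico describe.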
