Split SSL config

Prepare 
This commit is contained in:
Léo Colombaro 2018-11-25 19:13:33 +01:00
parent 1b2b4eb276
commit 10fc3a39a6
7 changed files with 108 additions and 67 deletions

View File

@ -1,64 +0,0 @@
# ----------------------------------------------------------------------
# | SSL Policy |
# ----------------------------------------------------------------------
# Cipher suites and directive for strong security
#
# https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations
# https://mozilla.github.io/server-side-tls/ssl-config-generator/
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html
# Protect against the BEAST and POODLE attacks by not using SSLv3 at all. If you need to support older browsers (IE6) you may need to add
# SSLv3 to the list of protocols below.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# Ciphers set to best allow protection from Beast, while providing forwarding secrecy, as defined by Mozilla (Intermediate Set) - https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx
ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
ssl_prefer_server_ciphers on;
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Optimize SSL by caching session parameters for 10 minutes. This cuts down on the number of expensive SSL handshakes.
# The handshake is the most CPU-intensive operation, and by default it is re-negotiated on every new/parallel connection.
# By enabling a cache (of type "shared between all Nginx workers"), we tell the client to re-use the already negotiated state.
# Further optimization can be achieved by raising keepalive_timeout, but that shouldn't be done unless you serve primarily HTTPS.
ssl_session_cache shared:SSL:10m; # a 1mb cache can hold about 4000 sessions, so we can hold 40000 sessions
ssl_session_timeout 24h;
# SSL buffer size
# ssl_buffer_size 1400; # 1400 bytes to fit in one MTU
# Session tickets
#
# nginx does not auto-rotate session ticket keys: only a HUP / restart will do so and
# when a restart is performed the previous key is lost, which resets all previous
# sessions. The fix for this is to setup a manual rotation mechanism:
# https://trac.nginx.org/nginx/changeset/1356a3b9692441e163b4e78be4e9f5a46c7479e9/nginx
#
# Note that you'll have to define and rotate the keys securely by yourself. In absence
# of such infrastructure, consider turning off session tickets:
ssl_session_tickets off;
# Use a higher keepalive timeout to reduce the need for repeated handshakes
keepalive_timeout 300s; # up from 75 secs default
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# This default SSL certificate will be served whenever the client lacks support for SNI (Server Name Indication).
# Make it a symlink to the most important certificate you have, so that users of IE 8 and below on WinXP can see your main site without SSL errors.
# ssl_certificate /etc/nginx/default_ssl.crt;
# ssl_certificate_key /etc/nginx/default_ssl.key;
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# OCSP stapling
# ssl_stapling on;
# ssl_stapling_verify on;
# Trusted certificate must be made up of your intermediate certificate followed by root certificate
# ssl_trusted_certificate /path/to/ca.crt;
# resolver 8.8.8.8 8.8.4.4 216.146.35.35 216.146.36.36 valid=60s;
# resolver_timeout 2s;

View File

@ -0,0 +1,32 @@
# ----------------------------------------------------------------------
# | Certificate files |
# ----------------------------------------------------------------------
# This default SSL certificate will be served whenever the client lacks
# support for SNI (Server Name Indication).
# Make it a symlink to the most important certificate you have, so that
# users of IE 8 and below on WinXP can see your main site without SSL errors.
#
# (1) Certificate and key files location
# The certificate file can contain intermediate certificate.
#
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_certificate
#
# (2) Intermediate certificate location if loaded certificate (1) does not
# contain intermediate certificate when enabling OCSP stanpling.
#
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_trusted_certificate
#
# (3) CA certificate file location for client certificate authentication
#
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_client_certificate
# (1)
ssl_certificate /etc/nginx/default_ssl.crt;
ssl_certificate_key /etc/nginx/default_ssl.key;
# (2)
# ssl_trusted_certificate /path/to/ca.crt;
# (3)
# ssl_client_certificate /etc/nginx/default_ssl.crt;

View File

@ -0,0 +1,18 @@
# ----------------------------------------------------------------------
# | Online Certificate Status Protocol stapling |
# ----------------------------------------------------------------------
# OCSP is a lightweight, only one record to help clients verify the
# validity of the server certificate.
# OCSP stapling allow the server to send its cached OCSP record during
# the TLS handshake, whithout the need of 3rd party OCSP responder.
#
# https://wiki.mozilla.org/Security/Server_Side_TLS#OCSP_Stapling
# https://tools.ietf.org/html/rfc6066#section-8
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 216.146.35.35 216.146.36.36 valid=60s;
resolver_timeout 2s;

View File

@ -0,0 +1,21 @@
# ----------------------------------------------------------------------
# | SSL policy - Intermediate |
# ----------------------------------------------------------------------
# For services that don't need compatibility with legacy clients
# (mostly WinXP), but still need to support a wide range of clients,
# this configuration is recommended.
#
# Protect against the BEAST and POODLE attacks by not using SSLv3 at all.
# If you need to support older browsers (IE6) you may need to add
# SSLv3 to the list of protocols.
#
# Based on intermediate profile recommended by Mozilla.
# https://mozilla.github.io/server-side-tls/ssl-config-generator/
#
# https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
ssl_prefer_server_ciphers on;

31
h5bp/ssl/ssl_engine.conf Normal file
View File

@ -0,0 +1,31 @@
# ----------------------------------------------------------------------
# | SSL engine |
# ----------------------------------------------------------------------
# Optimize SSL by caching session parameters for 10 minutes. This cuts down on the number of expensive SSL handshakes.
# The handshake is the most CPU-intensive operation, and by default it is re-negotiated on every new/parallel connection.
# By enabling a cache (of type "shared between all Nginx workers"), we tell the client to re-use the already negotiated state.
# Further optimization can be achieved by raising keepalive_timeout, but that shouldn't be done unless you serve primarily HTTPS.
#
# A 1Mb cache can hold about 4000 sessions, so we can hold 40000 sessions
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 24h;
# SSL buffer size
# 1400 bytes to fit in one MTU
# ssl_buffer_size 1400;
# Session tickets
#
# nginx does not auto-rotate session ticket keys: only a HUP / restart will do so and
# when a restart is performed the previous key is lost, which resets all previous
# sessions. The fix for this is to setup a manual rotation mechanism:
# https://trac.nginx.org/nginx/changeset/1356a3b9692441e163b4e78be4e9f5a46c7479e9/nginx
#
# Note that you'll have to define and rotate the keys securely by yourself. In absence
# of such infrastructure, consider turning off session tickets:
ssl_session_tickets off;
# Use a higher keepalive timeout to reduce the need for repeated handshakes
# Default: 75s
keepalive_timeout 300s;

View File

@ -20,7 +20,8 @@ server {
# listen on the wrong host
server_name www.example.com;
include h5bp/security/ssl_policy.conf;
include h5bp/ssl/ssl_engine.conf;
include h5bp/ssl/policy_intermediate.conf;
# and redirect to the non-www host (declared below)
return 301 https://example.com$request_uri;
@ -38,7 +39,8 @@ server {
# The host name to respond to
server_name example.com;
include h5bp/security/ssl_policy.conf;
include h5bp/ssl/ssl_engine.conf;
include h5bp/ssl/policy_intermediate.conf;
# Path for static files
root /var/www/example.com/public;

View File

@ -8,6 +8,7 @@
server {
listen [::]:443 ssl default_server;
listen 443 ssl default_server;
include h5bp/security/ssl_policy.conf;
include h5bp/ssl/ssl_engine.conf;
include h5bp/ssl/policy_intermediate.conf;
return 444;
}