Rotate ssl policies to modernize protocols recommendations

Closes #210
This commit is contained in:
Léo Colombaro 2019-02-01 16:10:06 +01:00
parent 3472f5ab0e
commit d2531ac605
4 changed files with 73 additions and 73 deletions

View File

@ -0,0 +1,30 @@
# ----------------------------------------------------------------------
# | SSL policy - Deprecated |
# ----------------------------------------------------------------------
# For services that don't need compatibility with legacy clients
# (mostly WinXP), but still need to support a wide range of clients,
# this configuration is recommended.
#
# Protect against the BEAST and POODLE attacks by not using SSLv3 at all.
# If you need to support older browsers (IE6) you may need to add
# SSLv3 to the list of protocols.
#
# Based on intermediate profile recommended by Mozilla.
# https://mozilla.github.io/server-side-tls/ssl-config-generator/
#
# (1) Diffie-Hellman parameter for DHE cipher suites
# A 4096 bits or more DH parameter is recommended.
# (!) A DH parameter generation is required to enable this directive.
# openssl dhparam -out /etc/nginx/dhparam.pem 4096
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_dhparam
#
# https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES128-SHA256:AES256-SHA256:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:DES-CBC3-SHA;
ssl_ecdh_curve X25519:prime256v1:secp521r1:secp384r1;
# (1)
# ssl_dhparam /etc/nginx/dhparam.pem;

View File

@ -1,45 +0,0 @@
# ----------------------------------------------------------------------
# | SSL policy - Future |
# ----------------------------------------------------------------------
# For services that want to be on the bleeding edge, the parameters
# below sacrifice compatibility for the highest level of security & performance
#
# (!) TLSv1.3 and it's 0-RTT feature require NGINX >=1.15.4 and OpenSSL >=1.1.1
# to be installed.
#
# (!) Don't enable `ssl_early_data` blindly! Requests sent within early data are
# subject to replay attacks.
#
# (1) The NIST curves (prime256v1, secp384r1, secp521r1) are known to be weak
# and potentially vulnerable.
#
# Add them back to the parameter `ssl_ecdh_curve` below to support
# Microsoft Edge and Safari.
#
# https://safecurves.cr.yp.to/
#
# (2) Enables TLS 1.3 0-RTT, allows for faster resumption of TLS sessions.
#
# (!) Requests sent within early data are subject to replay attacks.
# To protect against such attacks at the application layer, the
# $ssl_early_data variable should be used:
# proxy_set_header Early-Data $ssl_early_data;
#
# The application should return response code 425 for anything that
# could contain user supplied data.
#
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/425
#
# https://github.com/certbot/certbot/issues/6367
# https://github.com/mozilla/server-side-tls/issues/217
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+AES;
# (1)
ssl_ecdh_curve X25519;
# (2)
#ssl_early_data on;

View File

@ -2,29 +2,23 @@
# | SSL policy - Intermediate | # | SSL policy - Intermediate |
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# For services that don't need compatibility with legacy clients # For services that don't need backward compatibility, the parameters
# (mostly WinXP), but still need to support a wide range of clients, # below provide a higher level of security.
# this configuration is recommended.
# #
# Protect against the BEAST and POODLE attacks by not using SSLv3 at all. # (!) This policy enfore a strong SSL configuration, which may raise
# If you need to support older browsers (IE6) you may need to add # errors with old clients.
# SSLv3 to the list of protocols. # If a more compatible profile is required, use intermediate policy.
# #
# Based on intermediate profile recommended by Mozilla. # (1) The NIST curves (prime256v1, secp384r1, secp521r1) are known
# https://mozilla.github.io/server-side-tls/ssl-config-generator/ # to be weak and potentially vulnerable but are required to support
# # Microsoft Edge and Safari.
# (1) Diffie-Hellman parameter for DHE cipher suites # https://safecurves.cr.yp.to/
# A 4096 bits or more DH parameter is recommended.
# (!) A DH parameter generation is required to enable this directive.
# openssl dhparam -out /etc/nginx/dhparam.pem 4096
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_dhparam
# #
# https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations # https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html # https://nginx.org/en/docs/http/ngx_http_ssl_module.html
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES128-SHA256:AES256-SHA256:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:DES-CBC3-SHA; ssl_ciphers EECDH+CHACHA20:EECDH+AES;
ssl_ecdh_curve X25519:prime256v1:secp521r1:secp384r1;
# (1) # (1)
# ssl_dhparam /etc/nginx/dhparam.pem; ssl_ecdh_curve X25519:prime256v1:secp521r1:secp384r1;

View File

@ -2,23 +2,44 @@
# | SSL policy - Modern | # | SSL policy - Modern |
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# For services that don't need backward compatibility, the parameters # For services that want to be on the bleeding edge, the parameters
# below provide a higher level of security. # below sacrifice compatibility for the highest level of security & performance
# #
# (!) This policy enfore a strong SSL configuration, which may raise # (!) TLSv1.3 and it's 0-RTT feature require NGINX >=1.15.4 and OpenSSL >=1.1.1
# errors with old clients. # to be installed.
# If a more compatible profile is required, use intermediate policy.
# #
# (1) The NIST curves (prime256v1, secp384r1, secp521r1) are known # (!) Don't enable `ssl_early_data` blindly! Requests sent within early data are
# to be weak and potentially vulnerable but are required to support # subject to replay attacks.
#
# (1) The NIST curves (prime256v1, secp384r1, secp521r1) are known to be weak
# and potentially vulnerable.
#
# Add them back to the parameter `ssl_ecdh_curve` below to support
# Microsoft Edge and Safari. # Microsoft Edge and Safari.
#
# https://safecurves.cr.yp.to/ # https://safecurves.cr.yp.to/
# #
# https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations # (2) Enables TLS 1.3 0-RTT, allows for faster resumption of TLS sessions.
#
# (!) Requests sent within early data are subject to replay attacks.
# To protect against such attacks at the application layer, the
# $ssl_early_data variable should be used:
# proxy_set_header Early-Data $ssl_early_data;
#
# The application should return response code 425 for anything that
# could contain user supplied data.
#
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/425
#
# https://github.com/certbot/certbot/issues/6367
# https://github.com/mozilla/server-side-tls/issues/217
# https://nginx.org/en/docs/http/ngx_http_ssl_module.html # https://nginx.org/en/docs/http/ngx_http_ssl_module.html
ssl_protocols TLSv1.2; ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+AES; ssl_ciphers EECDH+CHACHA20:EECDH+AES;
# (1) # (1)
ssl_ecdh_curve X25519:prime256v1:secp521r1:secp384r1; ssl_ecdh_curve X25519;
# (2)
#ssl_early_data on;