Apache2的SSL模块

Apache2的SSL模块

我正在尝试对我的 CentOS 6.9 服务器进行漏洞扫描。我试图解决的最后一个问题与过时的 SSL 协议的使用有关。当我尝试在 ssl.conf 中使用以下行时

SSLProtocol -all +TLSv1.1

然后运行配置

service httpd24-httpd configtest

我收到错误消息

SSLProtocol: Illegal protocol 'TLSv1.1'

我已将范围缩小到可能是过时的 OpenSSL 版本。当我开始此过程时,我使用的是该版本OpenSSL 1.0.1e-fips 11 Feb 2013,并且我已按照以下说明将其更新为更新的版本:http://www.ehowstuff.com/how-to-install-and-update-openssl-on-centos-6-centos-7/

现在,当我检查我得到的版本时OpenSSL 1.0.2l 25 May 2017,但在配置测试期间我仍然遇到相同的错误。我现在认为 apache 中的 mod_ssl.so 文件需要升级,但我对接下来的步骤有点不知所措(此时我有点超出了我的深度)。因为我下载了 httpd24 作为一个包,所以我从来不需要编译它,而且我不知道下一步该去哪里。据我了解,可以在不重新编译 Apache 的情况下包含一个新的 mod_ssl.so,但实际上我不知道该怎么做。

答案1

Apache2的SSL模块


您可能只是忘记启用 SSL 模块,您应该首先确保使用(作为 root 或使用sudo):

a2enmod ssl

然后您可以尝试重新启动 Apache2 Web 服务器。


给未来读者的重要提示


SSL 1.0、2.0、3.0(维基百科)最新版本的 OpenSSL 不再支持这些。

TLS 1.0(维基百科

这个版本的 TLS 是 1999 年的,我建议禁用它。

TLS 1.1(维基百科

此版本的 TLS 是 2006 年的版本,当前(2019 年)没有操作系统/软件明确依赖它,我建议也禁用它。

您可能想阅读 1.2 之前版本的弃用信息DigiCert 文章。摘录如下:

较旧的协议存在安全风险 互联网上 TLS 1.0 和 1.1 的存在主要构成安全风险——服务器几乎普遍支持这些协议,但客户端对它们的使用更接近于相反。需要使用这些版本的客户正遭受着它们的缺点的困扰。互联网的其余部分很容易受到降级攻击(这迫使用户使用较弱版本的 TLS 以利用已知的漏洞),而几乎没有任何实际好处。对于大多数服务器,旧版本的 TLS 可能会保留“以防万一”,或者有人在打开新版本时忘记关闭它们。

TLS 1.2(维基百科

不管它是在 2008 年定义的,但出于兼容性原因,在 2019 年我们确实需要它。

TLS 1.3(维基百科

这是协议这么多年之后的一次重大升级,如果您可以启用它,请立即启用。


SSL 模块配置示例


<IfModule mod_ssl.c>

## Pseudo Random Number Generator (PRNG):
## Configure one or more sources to seed the PRNG of the SSL library.
## The seed data should be of good random quality.
## WARNING! On some platforms /dev/random blocks if not enough entropy
## is available. This means you then cannot use the /dev/random device
## because it would lead to very long connection times (as long as
## it requires to make more entropy available). But usually those
## platforms additionally provide a /dev/urandom device which doesn't
## block. So, if available, use this one instead. Read the mod_ssl User
## Manual for more details.
# I changed the default values of 512 to 1024
SSLRandomSeed    startup    builtin
SSLRandomSeed    startup    file:/dev/urandom    1024
SSLRandomSeed    connect    builtin
SSLRandomSeed    connect    file:/dev/urandom    1024

## Some MIME-types for downloading Certificates and CRLs
AddType    application/x-x509-ca-cert    .crt
AddType    application/x-pkcs7-crl       .crl

## Pass Phrase Dialog:
## Configure the pass phrase gathering process.
## The filtering dialog program (`builtin' is a internal
## terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog    exec:/usr/share/apache2/ask-for-passphrase

## Inter-Process Session Cache:
## Configure the SSL Session Cache: First the mechanism
## to use and second the expiring timeout (in seconds).
## (The mechanism dbm has known memory leaks and should not be used).
# I changed the default timeout of 300 to 600
SSLSessionCache           shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
SSLSessionCacheTimeout    600

## Disabling SSLSessionTickets ensures Perfect Forward Secrecy
## is not compromised if the server is not restarted regularly
# I changed the default value as I won't restart the webserver
SSLSessionTickets    Off

## Semaphore:
## Configure the path to the mutual exclusion semaphore the
## SSL engine uses internally for inter-process synchronization.
## (Disabled by default, the global Mutex directive consolidates by default this)
#Mutex    file:${APACHE_LOCK_DIR}/ssl_mutex    ssl-cache

## The protocols to enable:
## Available values: all, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3
## SSLv2 and SSLv3 are no longer supported
# I prefer the latest TLSv1.3 and TLSv1.2 for compatibility reasons
# TLSv1 / TLSv1.1 are 20 / 13 years old, so decided to disable them
SSLProtocol    -all    +TLSv1.3 +TLSv1.2

# Enabling compression causes security issues in most setups (the so called CRIME attack).
SSLCompression Off

## SSL server cipher order preference:
## Use server priorities for cipher algorithm choice.
## Clients may prefer lower grade encryption. You should enable this
## option if you want to enforce stronger encryption, and can afford
## the CPU cost, and did not override SSLCipherSuite
## in a way that puts insecure ciphers first.
# I changed the default value because:
# - I can afford the extra CPU costs
# - I want to force the clients to honor my cipher preferences
SSLHonorCipherOrder    On

## SSL Cipher Suites:
## List the ciphers that the client is permitted to negotiate. See the
## ciphers(1) man page from the openssl package for list of all available options.
# I can always run `openssl ciphers` to find all currently available ciphers
# As for TLSv1.3 the TLS_AES_128_GCM_SHA256 is mandatory as per RFC 8446:
# https://tools.ietf.org/html/rfc8446#section-9
SSLCipherSuite    TLSv1.3    TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256
SSLCipherSuite    SSL        ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256


## Don't allow insecure renegotiation with clients which
## do not yet support the secure renegotiation protocol.
SSLInsecureRenegotiation    Off

## Forbid non-SNI clients to access name based virtual hosts
# I changed the default value as I want to
# reject all of the old / archaic clients
SSLStrictSNIVHostCheck    On

# Allow these elliptic curves and prefer the safe X25519 for TLSv1.3
SSLOpenSSLConfCmd    Curves    X25519:secp521r1:secp384r1:prime256v1

# Enable OSCP Stapling cache
SSLStaplingCache    shmcb:${APACHE_RUN_DIR}/ssl_stapling_cache(128000)

</IfModule>

为什么我只使用 AES 密码

因为现代 CPU 极大地加速了它们AES指令集,如下所示:


AES 密码此时统治世界

答案2

刚才也有同样的问题。比较几台服务器之间的差异,我意识到有问题的服务器没有以某种方式安装 mod_ssl。

yum install mod_ssl

为我解决了这个问题。

相关内容