openssl 版本 -a

openssl 版本 -a

在 Ubuntu 12.01 LTS 上将 Apache 和 PHP 升级到最新版本后,其上的 SSL 站点变得无法访问,并显示错误“ssl_error_no_cypher_overlap”。

我尝试使用以下方法生成新的自签名 SSL 证书openssl req -x509 -nodes -days 1826 -newkey rsa:2048 -keyout apache_x509_RSA-2048_days-1826_013115.key -out apache_x509_RSA-2048_days-1826_013115.crt

但是当我跑步时: /etc/ssl/our_certs# sslscan --no-failed mydomain.com

我懂了:

                   _
           ___ ___| |___  ___ __ _ _ __                                           
          / __/ __| / __|/ __/ _` | '_ \                                          
          \__ \__ \ \__ \ (_| (_| | | | |                                         
          |___/___/_|___/\___\__,_|_| |_|                                         

                  Version 1.8.2                                                   
             http://www.titania.co.uk                                             
        Copyright Ian Ventura-Whiting 2009                                        

Testing SSL server mydomain.com on port 443

  Supported Server Cipher(s):
    Accepted  SSLv3  256 bits  ECDHE-RSA-AES256-SHA
    Accepted  SSLv3  256 bits  DHE-RSA-AES256-SHA
    Accepted  SSLv3  256 bits  DHE-RSA-CAMELLIA256-SHA
    Accepted  SSLv3  256 bits  AES256-SHA
    Accepted  SSLv3  256 bits  CAMELLIA256-SHA
    Accepted  SSLv3  168 bits  ECDHE-RSA-DES-CBC3-SHA
    Accepted  SSLv3  168 bits  EDH-RSA-DES-CBC3-SHA
    Accepted  SSLv3  168 bits  DES-CBC3-SHA
    Accepted  SSLv3  128 bits  ECDHE-RSA-AES128-SHA
    Accepted  SSLv3  128 bits  DHE-RSA-AES128-SHA
    Accepted  SSLv3  128 bits  DHE-RSA-CAMELLIA128-SHA
    Accepted  SSLv3  128 bits  AES128-SHA
    Accepted  SSLv3  128 bits  CAMELLIA128-SHA

  Prefered Server Cipher(s):
    SSLv3  256 bits  ECDHE-RSA-AES256-SHA

  SSL Certificate:
    Version: 2
    Serial Number: -17181615592741643472
    Signature Algorithm: sha1WithRSAEncryption
    Issuer: /C=PH/ST=NCR/L=Manila/O=Our_Company/CN=mydomain.com/[email protected]
    Not valid before: Sep  5 00:40:40 2013 GMT
    Not valid after: Sep  3 00:40:40 2023 GMT
    Subject: /C=PH/ST=NCR/L=Manila/O=Our_Company/CN=mydomain.com/[email protected]
    Public Key Algorithm: rsaEncryption
    RSA Public Key: (2048 bit)
      Public-Key: (2048 bit)
      Modulus:
          00:df:c2:a9:69:9b:df:09:25:b9:6d:15:d2:2e:3c:
          d2:bf:48:40:97:7f:c9:d5:9b:d0:0c:13:0d:26:67:
          98:3e:be:fe:0a:fd:e7:da:24:90:7c:f4:51:de:6e:
          a0:98:2a:e1:23:fb:cc:0c:ab:1d:53:6a:f5:d6:f9:
          51:b4:d5:f4:f3:1b:9c:25:fa:39:83:f4:3c:3b:f4:
          c1:50:5f:b0:8d:8e:13:53:fb:05:be:4d:5c:b9:98:
          a8:58:15:76:5a:18:b9:fb:88:a8:ec:a1:c4:4e:83:
          d6:7d:9a:ce:1f:91:68:31:ae:fa:64:90:8a:e0:77:
          51:ad:ba:46:98:d8:c1:c6:1c:3d:93:c3:5f:c2:28:
          8a:0d:6f:05:58:15:d8:df:81:05:20:de:18:cf:98:
          8c:12:42:27:b4:40:5e:fb:b5:98:94:d0:d2:ae:41:
          a5:b5:a2:60:39:9f:f7:56:a0:e8:fb:6c:2c:64:d7:
          82:11:96:9f:f0:27:e1:6b:7d:fd:2c:0d:be:82:ee:
          df:39:ff:8f:f2:db:cf:0b:01:c3:31:93:a5:35:83:
          2c:4f:b2:a8:4b:66:4e:66:79:79:01:91:ef:d0:bb:
          75:6c:e3:ca:95:e2:b8:fe:3c:81:21:7b:58:49:7e:
          21:a5:12:1f:eb:8a:40:c6:4d:80:78:0f:4e:0a:3b:
          a2:2d
      Exponent: 65537 (0x10001)
    X509v3 Extensions:
      X509v3 Subject Key Identifier:
        B3:66:DF:F6:36:5C:F6:B0:A5:AF:D0:09:80:0A:88:58:04:B4:C6:04
      X509v3 Authority Key Identifier:
        keyid:B3:66:DF:F6:36:5C:F6:B0:A5:AF:D0:09:80:0A:88:58:04:B4:C6:04

      X509v3 Basic Constraints:
        CA:TRUE
  Verify Certificate:
    self signed certificate

如果我理解正确的话,SSL 2 和 3 现在都被认为是不安全的,我需要使用 TLSv1、v1.1 还是 v1.2?

我需要知道的是如何生成使用这些 TLS 版本的证书以及它还应该接受的任何其他内容?

我可能应该提一下,该证书将在多个域中使用。谢谢。

附加信息:

openssl 版本 -a

OpenSSL 1.0.1 14 Mar 2012
built on: Fri Jan  9 17:52:49 UTC 2015
platform: debian-amd64
options:  bn(64,64) rc4(16x,int) des(idx,cisc,16,int) blowfish(idx)
compiler: cc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall -DOPENSSL_NO_TLS1_2_CLIENT -DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
OPENSSLDIR: "/usr/lib/ssl"

Apache2-v

Server version: Apache/2.4.10 (Ubuntu)
Server built:   Jul 22 2014 22:57:50

php-v 命令

PHP 5.5.21-1+deb.sury.org~precise+2 (cli) (built: Jan 26 2015 20:02:42)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2014 Zend Technologies
    with Zend OPcache v7.0.4-dev, Copyright (c) 1999-2014, by Zend Technologies

uname -a

Linux s2.mydomain.com 3.13.0-34-generic #60~precise1-Ubuntu SMP Wed Aug 13 15:55:33 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

答案1

证书不能确定连接是否使用 TLS 或 SSL;这完全取决于 Web 服务器(在本例中为 apache)的配置。

您需要查看的配置选项是 SSLProtocol,可能使用:

SSL协议全部 -SSLv2 -SSLv3

如果您想禁用 SSL 协议但保留所有版本的 TLS。

答案2

除了SSLProtocol前面提到的指令控制着新连接中可以接受的 SSL/TLS 协议的版本,第二个指令用于配置客户端在 SSL/TLS 握手阶段可以协商的密码套件。

那就是SSLCipherSuite指令。理论上,可以允许 TLS 协议,但排除 TLS 规范中实际包含的所有加密密码 :)。合理的配置是:

SSLCipherSuite ALL:!ADH:!EXPORT:RC4+RSA:+HIGH:-MEDIUM:-LOW

一个稍微“更好”的选择是给予提供以下服务的加密密码者一些优先权前向保密例如:

SSLCipherSuite EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:ALL:!ADH:!EXPORT:RC4+RSA:+HIGH:-MEDIUM:-LOW

一般而言,虽然理论上 apache 主要通过 httpd.conf 配置文件进行配置,但该配置文件可以包含来自其他文件的模块化部分。(即文件conf.d/*.conf和 Ubuntu 特定sites-enabled/*.conf)顺序很重要!当某些指令多次出现时,通常只应用最后一次出现的情况。因此请检查所有包含的内容!

相关内容