Transition Technology: Ticket #795: SHA1 Deprecation: Regenerate all certs using SHA256

chris — Tue, 11 Nov 2014 13:32:13 GMT

Gandi now support SHA256 see:

The *.transitionnetwork.org cert expires on 24/01/2015 so that would be the time to switch to SHA256.

chris — Tue, 11 Nov 2014 13:33:19 GMT

The certs can be checked at these URLs:

hours, totalhours changed

chris — Thu, 22 Jan 2015 13:16:52 GMT

hours changed from 0.0 to 0.25
totalhours changed from 0.0 to 0.25

A new SHA512 cert has been ordered on ticket:820#comment:3, using the Mozilla intermediate compatibility guide is probably the pragmatic choice.

Ciphersuite: ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
Versions: TLSv1, TLSv1.1, TLSv1.2
RSA key size: 2048
DH Parameter size: 2048 (1024 tolerable)
Elliptic curves: secp256r1, secp384r1, secp521r1 (at a minimum)
Certificate signature: SHA-256

For Nginx (the version of Apache is too old for this AFAIK) we can generate a strong dhparam for PFS, on PenguinServer:

sudo -i
cd /etc/ssl/transitionnetwork.org/
openssl dhparam 2058 > dhparam.pem
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
...............................................................
chmod 600 dhparam.pem

And the same was done on PuffinServer.

Nginx will need a chained certificate.

cc changed

ed — Thu, 22 Jan 2015 14:24:54 GMT

cc ade added; ed removed

add ADE removing ED

hours, totalhours changed

chris — Thu, 22 Jan 2015 15:00:07 GMT

hours changed from 0.0 to 0.25
totalhours changed from 0.25 to 0.5

For the chained cert, on PenguinServer, following https://wiki.gandi.net/en/ssl/intermediate

sudo -i
cd /etc/ssl/transitionnetwork.org/2015
wget "https://www.gandi.net/static/CAs/GandiStandardSSLCA2.pem"
wget "http://crt.usertrust.com/USERTrustRSAAddTrustCA.crt"
openssl x509 -inform DER -in USERTrustRSAAddTrustCA.crt -out USERTrustRSAAddTrustCA.pem
cat USERTrustRSAAddTrustCA.pem > gandi.pem
cat GandiStandardSSLCA2.pem >> gandi.pem
cat transitionnetwork.org.crt > transitionnetwork.org.chained.pem
cat GandiStandardSSLCA2.pem >> transitionnetwork.org.chained.pem
cat USERTrustRSAAddTrustCA.pem >> transitionnetwork.org.chained.pem
chmod 600 *.*

To be continued...

hours, status, totalhours changed; resolution set

chris — Fri, 23 Jan 2015 12:12:12 GMT

hours changed from 0.0 to 1.5
status changed from new to closed
resolution set to fixed
totalhours changed from 0.5 to 2.0

All the files in /etc/nginx/sites-available/ were edited to update the ciphers:

        #ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:+RC4:RC4;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;

Also these lines were added where appropriate:

        ssl_prefer_server_ciphers   on;
        add_header Strict-Transport-Security max-age=15768000;

We already had:

        listen 443 ssl spdy;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Then the old files were moved out of the way and the new ones installed, Nginx checked and restarted:

cd /etc/ssl/transitionnetwork.org
mv *.* 2014/
mv 2015/* .
/etc/init.d/nginx configtest
/etc/init.d/nginx restart

The server was checked at SSLLabs.com and we now have a A+ rating.

Transfering the key and cert to other two server first enable ssh to root account on ParrotServer by editing /etc/ssh/sshd_config and changing these lines:

#PermitRootLogin no
PermitRootLogin yes

Restart sshd, make a new directory for the files:

mkdir /etc/ssl/transitionnetwork.org/2015
chmod 700 /etc/ssl/transitionnetwork.org/2015

Push the files from PenguinServer (keys and aliases were set up ages ago):

rsync -av /etc/ssl/transitionnetwork.org/*.* parrot:/etc/ssl/transitionnetwork.org/2015/

Re-edit sshd_config on ParrotServer and restart sshd to disable root logins.

Find the files on ParrotServer that might need editing:

sudo -i
cd /etc/apache2/
grep -rl SSL .
./conf.d/webarch.conf
./sites-available/tc
./sites-available/annesley
./sites-available/reconomy
./sites-available/reconredirect
./sites-available/ttt
./sites-available/ts
./mods-available/ssl.conf
./ports.conf

Manually edit the ones not in sites-available, adding / editing these lines as appropriate:

Header set Strict-Transport-Security "max-age=31536000"
#SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS:!aNULL
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

Do the same for /root/webarch/conf/apache.template and regenerate the configs in sites-available by running /usr/local/webarch/bin/buildapache-all, move the new cert and key into place:

cd /etc/ssl/transitionnetwork.org
mv *.* 2014/
mv 2015/* .

Check, apache2ctl configtest and restart apache, and test at SSLLabs.com, we have a A+.

Repeat the above for PuffinServer and edit these Nginx config files:

/var/aegir/config/server_master/nginx/vhost.d/chive.master.puffin.webarch.net
/var/aegir/config/server_master/nginx/pre.d/nginx_wild_ssl.conf

Changing:

  #ssl_protocols                SSLv3 TLSv1 TLSv1.1 TLSv1.2;
  #ssl_ciphers                  RC4:HIGH:!aNULL:!MD5;
  ssl_protocols                TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers                  ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
  add_header Strict-Transport-Security max-age=15768000;
  ssl_dhparam /etc/ssl/transitionnetwork.org/dhparam.pem;

Check the config, /etc/init.d/nginx configtest, restart, and check the config at SSLLabs.com, and again we now have a A+.

Updated the wiki:SecurityInfo and https://wiki.transitionnetwork.org/Security page, to get the fingerprints:

openssl x509 -noout -in transitionnetwork.org.crt -fingerprint
SHA1 Fingerprint=67:E3:06:44:B5:95:67:74:1A:7A:EC:E2:82:C5:FC:27:A7:01:9C:F7
openssl x509 -noout -in transitionnetwork.org.crt -fingerprint -sha256
SHA256 Fingerprint=19:BF:1D:C7:34:FB:12:D1:AB:69:6E:96:1A:E3:94:C0:B8:C0:F6:85:03:D2:8A:E9:57:42:61:B3:F2:95:39:28