Apache Lounge Forum Index -> Apache
Topic: Apache and FIPS-ready (page 1 of 2)
jraute
Joined: 13 Sep 2013
Posts: 188
Location: Rheinland, Germany
Posted: Mon 22 Sep '14 16:44    Post subject: Apache and FIPS-ready

We have Apaches on Win2008 R2 running as reverse proxies.
We have tried hard to make them as safe as possible regarding the SSL/TLS connections.
But we haven't been able to configure them properly to get FIPS-ready.

We included "SSLFIPS on" in the globals of our httpd.conf, but Apache won't start. No errors in the log, just nothing, even if I define debug level.

Any ideas?

James Blond (Moderator)
Joined: 19 Jan 2006
Posts: 6786
Location: Germany, Next to Hamburg
Posted: Mon 22 Sep '14 17:04

It is not about that parameter, but about your SSL settings. I have a FIPS-ready config: http://mariobrandt.de/archives/apache/apache-http-strict-transport-security-with-long-duration-817/ Maybe you don't want to include includeSubDomains; I had to remove it.

jraute
Joined: 13 Sep 2013
Posts: 188
Location: Rheinland, Germany
Posted: Tue 23 Sep '14 8:49

I've tried the settings (they have been well known; I do remember a part of it as my own suggestion), but it gives an A without FIPS-ready at SSL Report v1.10.31.

glsmith (Moderator)
Joined: 16 Oct 2007
Posts: 2243
Location: Sun Diego, USA
Posted: Tue 23 Sep '14 9:46

Was OpenSSL compiled with FIPS?

If SSLFIPS is On and Apache will not start (re-reading your first post), chances are OpenSSL was not compiled with FIPS. No, you probably will not see anything in the error log, since Apache failed before the logs were even opened. It probably shows up in the Event Viewer.

My Apache 2.4.10 wrote:
SSLFIPS invalid, rebuild httpd and openssl compiled for FIPS

If not, you will surely see it when starting at the command line.

jraute
Joined: 13 Sep 2013
Posts: 188
Location: Rheinland, Germany
Posted: Tue 23 Sep '14 13:59

(By the way, I've forgotten to give some information about the version:
it's the 2.4.10 Win64 version from Apache Lounge.)

Does someone know the requirements for FIPS?
Is SSLUseStapling etc. mandatory?
Can "FIPS-ready" be achieved with self-signed certificates?

Thanks for the hint to look into the event log.
There is an error:
Quote:
The Apache service named reported the following error:
>>> SSLFIPS invalid, rebuild httpd and openssl compiled for FIPS.

James Blond (Moderator)
Joined: 19 Jan 2006
Posts: 6786
Location: Germany, Next to Hamburg
Posted: Tue 23 Sep '14 22:09

jraute wrote:
I've tried the settings (they have been well known; I do remember a part of it as my own suggestion), but it gives an A without FIPS-ready at SSL Report v1.10.31.

I get the FIPS-ready without the FIPS flag during compilation of OpenSSL. I gotta look into that when I'm back home next week. Testing it from my phone seems impossible.

Jan-E
Joined: 09 Mar 2012
Posts: 1039
Location: Amsterdam, NL, EU
Posted: Tue 23 Sep '14 23:15

jraute wrote:
I've tried the settings (they have been well known; I do remember a part of it as my own suggestion), but it gives an A without FIPS-ready at SSL Report v1.10.31.

You will get an A+ if you enable HSTS:
Quote:
This server supports HTTP Strict Transport Security with long duration. Grade set to A+.
I've got such a server, but it is not FIPS-ready either. I will experiment a little bit to see if I can achieve it.

Edit: too bad:

The Apache service named reported the following error:
>>> SSLFIPS invalid, rebuild httpd and openssl compiled for FIPS.

Apache 2.4.10 VC9 32-bit

Edit 2: I had this config:

Code:
SSLProtocol -ALL +TLSv1.2 +TLSv1
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:!aNULL:!MD5:!ADH

When I changed the cipher suite into the one from http://mariobrandt.de/archives/apache/apache-http-strict-transport-security-with-long-duration-817/ the server was FIPS-ready (without SSLFIPS on). I will not disclose anything by showing the SSL Labs verdict:

https://www.ssllabs.com/ssltest/analyze.html?d=sessiondatabase.net&hideResults=on

James Blond (Moderator)
Joined: 19 Jan 2006
Posts: 6786
Location: Germany, Next to Hamburg
Posted: Wed 24 Sep '14 1:15

jraute wrote:

Does someone know the requirements for FIPS?
Is SSLUseStapling etc. mandatory?
Can "FIPS-ready" be achieved with self-signed certificates?

1) That is somewhere in the handbook of that test lab.
2) I'm not sure, but it makes sense to me to use it: http://httpd.apache.org/docs/trunk/mod/mod_ssl.html#sslusestapling
3) That is a reason not to get FIPS-ready, since the certificate is not valid / cannot be checked by the browser because it doesn't know the issuer.

jraute
Joined: 13 Sep 2013
Posts: 188
Location: Rheinland, Germany
Posted: Wed 24 Sep '14 8:04

Thanks for shedding light on this topic.
For me it seems a bit strange that FIPS-ready can be achieved without the SSLFIPS switch turned on, but the main problem in my case for sure is having an incomplete certificate chain on my test server, because there I use self-signed certificates.

Jan-E
Joined: 09 Mar 2012
Posts: 1039
Location: Amsterdam, NL, EU
Posted: Wed 24 Sep '14 14:36

Try this one for testing: http://freessl.com/

In the meantime I found out that enabling SSLv3 breaks the FIPS-readiness. SSLUseStapling is not needed.

James Blond (Moderator)
Joined: 19 Jan 2006
Posts: 6786
Location: Germany, Next to Hamburg
Posted: Wed 24 Sep '14 21:47

Or use startssl.com

Jan-E
Joined: 09 Mar 2012
Posts: 1039
Location: Amsterdam, NL, EU
Posted: Fri 26 Sep '14 17:20

I had a real challenge. My SSL setup already was A+ with Strict Transport Security (HSTS) and Robust Forward Secrecy. But I wanted the server to be FIPS-ready as well.

I started with this config:
Code:
SSLProtocol -ALL +TLSv1.2 +TLSv1
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:!LOW:!MD5:!aNULL:!eNULL:!3DES:!EXP:!PSK:!SRP:!DSS

This resulted in the following report by SSLLabs:
https://www.ssllabs.com/ssltest/analyze.html?d=sessiondatabase.net&hideResults=on

Browsers not supported:
Android 2.3.7
IE6 / XP
IE8 / XP
All Java versions

That should be acceptable nowadays. Alas, one of our customers reported that the server was down. They happened to be using IE8 on XP. Yeah, really.

I went looking for a solution and stumbled across this description: https://github.com/client9/sslassert/wiki/IE-Supported-Cipher-Suites
Quote:
DES-CBC3-SHA unfortunately allows the BEAST attack and is very slow. However some XP machines are configured to be "FIPS Compliant" and ONLY this cipher will be used. It's not clear how wide-spread the configuration of "Windows XP + FIPS + Internet Explorer" is, but for maximum compatibility this cipher suite is required.

I removed the !3DES from the config, added DES-CBC3-SHA as last cipher and tested this at SSLLabs: "BEAST attack; Not mitigated server-side". A pity, but the BEAST attack is not considered an issue by SSLLabs anymore.

Done? No, because I lost Robust Forward Secrecy in the process. So I had to look for a variant of DES-CBC3-SHA with Elliptic Curve cryptography. That happened to be EDH-RSA-DES-CBC3-SHA, so I added this one as well.

Final config:
Code:
SSLProtocol -ALL +TLSv1.2 +TLSv1
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:EDH-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!LOW:!MD5:!aNULL:!eNULL:!EXP:!PSK:!SRP:!DSS

I applied this setup to the server where I am hosting my PHP builds. SSLLabs report:
https://www.ssllabs.com/ssltest/analyze.html?d=phpdev.toolsforresearch.com

I lost the 100% score on cipher strength, but only Android 2.3.7, IE8 on XP and Java 8b132 are using the 112 bits cipher. Not really something to be worried about.
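The pattern the posts above converge on (the Camellia suite cost FIPS-readiness, the list from mariobrandt.de restored it, switching SSLv3 back on loses it again, and the 3DES suites added for IE8/XP keep it) can be checked before a configuration goes onto the server. The script below is an added example, not code from this thread or from Apache Lounge. It assumes the SSL Labs "FIPS-ready" rule is: TLS 1.0 or later only, and cipher suites built solely from FIPS 140-2 approved algorithms (AES or 3DES, SHA-1/SHA-2, RSA/ECDSA/DH/ECDH key exchange); that is my reading of the rating guide, not something the thread states. It does not expand OpenSSL directives such as !aNULL or HIGH (that needs `openssl ciphers -v`), so it is only exact for SSLCipherSuite values that list each suite by name, as the configs in this thread do. The first two configurations fed to it are the ones from Jan-E's posts; the SSLv3 variant is constructed.

```python
"""Check an Apache mod_ssl protocol/cipher configuration for FIPS-readiness.

Added example, not from this thread. Rule assumed: TLS 1.0 or later only,
and cipher suites built solely from FIPS 140-2 approved algorithms (AES or
3DES, SHA-1/SHA-2, RSA/ECDSA/DH/ECDH key exchange). Suite names are the
OpenSSL names used in SSLCipherSuite; directives such as !aNULL or HIGH are
not expanded here, so feed it configs that name each suite.
"""

# "all" in SSLProtocol with OpenSSL 1.0.1 (httpd 2.4.10) means these four.
ALL_PROTOCOLS = {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"}
FIPS_PROTOCOLS = {"TLSv1", "TLSv1.1", "TLSv1.2"}          # SSLv3 is not approved

# Substrings of OpenSSL suite names that mark a non-approved algorithm.
# "DES-CBC-SHA" is single DES; it does not match "DES-CBC3-SHA" (3DES).
NON_FIPS_TOKENS = ("RC4", "RC2", "MD5", "CAMELLIA", "SEED", "IDEA", "NULL",
                   "EXP", "CHACHA20", "SRP", "ADH", "AECDH", "DES-CBC-SHA")


def enabled_protocols(sslprotocol: str) -> set:
    """Evaluate an SSLProtocol value: '+X' adds, '-X' removes, bare 'X' adds,
    'all' expands to ALL_PROTOCOLS; names are case-insensitive as in httpd."""
    tokens = sslprotocol.split()
    if tokens and tokens[0].lower() == "sslprotocol":      # allow the directive name
        tokens = tokens[1:]
    canon = {p.lower(): p for p in ALL_PROTOCOLS}
    enabled = set()
    for tok in tokens:
        op, name = (tok[0], tok[1:]) if tok[0] in "+-" else ("+", tok)
        names = ALL_PROTOCOLS if name.lower() == "all" else {canon.get(name.lower(), name)}
        enabled = enabled | names if op == "+" else enabled - names
    return enabled


def explicit_suites(sslciphersuite: str) -> list:
    """Return the literal suite names from an SSLCipherSuite value.

    '!X', '-X', '+X', '@STRENGTH' and bare aliases (HIGH, ALL, kRSA ...)
    are skipped; real suite names always contain a '-', aliases do not.
    """
    value = sslciphersuite
    if value.lower().startswith("sslciphersuite"):         # allow the directive name
        value = value.split(None, 1)[1]
    return [tok for tok in value.split(":") if tok and tok[0] not in "!-+@" and "-" in tok]


def non_fips_suites(suites) -> list:
    """Suites whose OpenSSL name contains a non-approved algorithm."""
    return [s for s in suites if any(tok in s.upper() for tok in NON_FIPS_TOKENS)]


def fips_ready(sslprotocol: str, sslciphersuite: str):
    """Apply both rules; returns (ready, list of reasons it is not)."""
    reasons = []
    protos = enabled_protocols(sslprotocol)
    reasons += [f"protocol {p} enabled" for p in sorted(protos - FIPS_PROTOCOLS)]
    if not protos & FIPS_PROTOCOLS:
        reasons.append("no TLS protocol enabled")
    reasons += [f"non-FIPS cipher suite {s}" for s in non_fips_suites(explicit_suites(sslciphersuite))]
    return (not reasons, reasons)


# Jan-E's first config (from the thread): Camellia is not a FIPS algorithm.
CONFIG_CAMELLIA = (
    "-ALL +TLSv1.2 +TLSv1",
    "ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:!aNULL:!MD5:!ADH",
)
# Jan-E's final config (from the thread), 3DES kept for IE8/XP.
CONFIG_FINAL = (
    "-ALL +TLSv1.2 +TLSv1",
    "ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:"
    "DHE-RSA-AES256-SHA:EDH-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!LOW:!MD5:!aNULL:!eNULL:!EXP:!PSK:!SRP:!DSS",
)
# Constructed variant: same suites, but SSLv3 switched back on.
CONFIG_SSLV3 = ("all", CONFIG_FINAL[1])

if __name__ == "__main__":
    for label, cfg in (("camellia", CONFIG_CAMELLIA), ("final", CONFIG_FINAL), ("sslv3", CONFIG_SSLV3)):
        ready, why = fips_ready(*cfg)
        print(f"{label:9s} FIPS-ready={ready} {'; '.join(why)}")
```

For a config that relies on aliases, expand it first with `openssl ciphers -v 'HIGH:!aNULL'` on the same OpenSSL build the server uses and pass the resulting names to non_fips_suites(); the expansion differs between OpenSSL versions, so the check is only meaningful against the library mod_ssl is actually linked with.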

Jan-E
Joined: 09 Mar 2012
Posts: 1039
Location: Amsterdam, NL, EU
Posted: Sun 28 Sep '14 15:38

jraute wrote:
(Btw. i've forgotten to give some information about the version.
It's the 2.4.10 Win64 version from apachelounge.)

VC9, VC10 or VC11?

I have compiled SSL with the openssl-fips-2.0.8.tar.gz from openssl.org:
https://phpdev.toolsforresearch.com/openssl-1.0.1i-fips-2.4.10-x86-vc9.zip

However, if I replace my non-FIPS ssl*.dll and mod_ssl.so with the FIPS ones, I get this error message:
Code:
[ssl:emerg] [pid 4980:tid 1208] AH01903: Failed to configure CA certificate chain!

It does not matter if I add 'SSLFIPS on' or not. In both cases it fails.

If anyone manages to get this working, please share your config.


Last edited by Jan-E on Tue 07 Oct '14 19:00; edited 1 time in total

jraute
Joined: 13 Sep 2013
Posts: 188
Location: Rheinland, Germany
Posted: Mon 29 Sep '14 8:23

VC11, but the main problem is the chain, i think.

Jan-E
Joined: 09 Mar 2012
Posts: 1039
Location: Amsterdam, NL, EU
Posted: Mon 29 Sep '14 8:51

Try this one
https://phpdev.toolsforresearch.com/openssl-1.0.1i-fips-2.0.8-apache-2.4.10-VC11-x64.zip

I have got this running on my development server:
https://www.ssllabs.com/ssltest/analyze.html?d=ie8xp.sessiondatabase.net&s=109.72.82.224&hideResults=on

Or, without support for IE8 on XP:
https://www.ssllabs.com/ssltest/analyze.html?d=fips.sessiondatabase.net

See the Apache signature in the report:
Apache/2.4.10 (Win64) OpenSSL/1.0.1i-fips PHP/5.6.1

Edit: The 'without support for IE8 on XP' is not true. Although I did not specify TLS_RSA_WITH_3DES_EDE_CBC_SHA, IE8 on XP uses it nevertheless:
Quote:
IE8/XP TLS 1.0 TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) 112

SSLLabs reports 100 on cipher strength, which is strange because IE8 on XP uses only 112 bits.

Edit 2: In reality IE8 on XP is not able to connect to https://fips.sessiondatabase.net so the 'without support for IE8 on XP' is true after all. The SSLLabs report is not accurate on that point.


Last edited by Jan-E on Tue 30 Sep '14 0:22; edited 1 time in total

glsmith (Moderator)
Joined: 16 Oct 2007
Posts: 2243
Location: Sun Diego, USA
Posted: Mon 29 Sep '14 19:57

I find it odd that I have your same ciphers + 2 others, same protocols, same everything but certificates, yet I get this for IE8/XP: Protocol or cipher suite mismatch

Mine is rather obviously not going to work with the red. What I would want to know is how, during the browser emulation portion of the test, it is able to pick up that cipher it is showing for IE8/XP. It is not one of your 4 configured ciphers.

I'm going to try building FIPS sometime this week. I've done it before, and when I ran this SSL Labs test with FIPS I had a weaker score than without it.

glsmith (Moderator)
Joined: 16 Oct 2007
Posts: 2243
Location: Sun Diego, USA
Posted: Tue 30 Sep '14 3:27

Works for me but this is VC9 x86. I will also try vc11 x64.

HTTPS="on"
REQUEST_METHOD="GET"
REQUEST_SCHEME="https"
REQUEST_URI="/cgi-bin/printenv.pl"
SCRIPT_NAME="/cgi-bin/printenv.pl"
SERVER_ADDR="::1"
SERVER_NAME="localhost"
SERVER_PORT="443"
SERVER_PROTOCOL="HTTP/1.1"
SERVER_SIGNATURE=""
SERVER_SOFTWARE="Apache/2.4.10 (Win32) OpenSSL/1.0.1i-fips"
SSL_TLS_SNI="localhost"

and

[Mon Sep 29 18:26:25.146400 2014] [ssl:notice] [pid 5424:tid 484] AH01884: Operating in SSL FIPS mode

Edit:
VC11 x64 same results
SERVER_SOFTWARE="Apache/2.4.10 (Win64) OpenSSL/1.0.1i-fips"
[Mon Sep 29 22:37:48.303677 2014] [ssl:notice] [pid 1752:tid 416] AH01884: Operating in SSL FIPS mode


A challenge was building 32-bit FIPS on an x64 OS.

ivanr
Joined: 27 Apr 2013
Posts: 6
Posted: Tue 30 Sep '14 11:52

Jan-E wrote:

Edit 2: In reality IE8 on XP is not able to connect to https://fips.sessiondatabase.net so the 'without support for IE8 on XP' is true after all. The SSLLabs report is not accurate on the point.


No, it is accurate. Your configuration relies on Server Name Indication, which IE8 doesn't send, and you have a different configuration on the default host. You can verify this by connecting using "$ openssl s_client -connect hostname -cipher 3DES".
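What ivanr describes, a client that offers only 3DES and sends no server_name extension, can be reproduced without an XP machine, and it shows why a named virtual host and the default one can answer differently. The script below is an added example, not code from this thread: it hand-builds a TLS 1.0 ClientHello with TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) as the only suite, once with no extensions block at all (the IE8/XP case) and once with SNI, sends it, and decodes the server's first record (a ServerHello with the selected suite, or an alert such as handshake_failure). The record layout follows RFC 5246 and RFC 6066; the host name in the usage block is a placeholder, and the probe() function is the only part that touches the network.

```python
"""Probe a TLS server the way a client without SNI would (added example).

Builds a TLS 1.0 ClientHello by hand so that exactly what is offered is
under our control: a single cipher suite and, optionally, no extensions
block at all, which is what an SNI-less client such as IE8 on XP sends, so
httpd has no server_name to select a virtual host by. Layout per RFC 5246
(handshake and record format) and RFC 6066 (server_name extension).
"""
import os
import socket
import struct
import sys

TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A      # IANA number of the 3DES suite
TLS10 = (3, 1)
CONTENT_ALERT, CONTENT_HANDSHAKE = 0x15, 0x16
ALERT_NAMES = {40: "handshake_failure", 46: "certificate_unknown",
               47: "illegal_parameter", 70: "protocol_version"}


def server_name_extension(hostname: str) -> bytes:
    """RFC 6066 server_name extension (type 0) carrying one host_name entry."""
    name = hostname.encode("ascii")
    entry = struct.pack("!BH", 0, len(name)) + name           # NameType host_name(0)
    sni_list = struct.pack("!H", len(entry)) + entry
    return struct.pack("!HH", 0, len(sni_list)) + sni_list     # extension_type 0


def build_client_hello(suites, sni=None, version=TLS10) -> bytes:
    """Full TLS record holding a ClientHello offering exactly `suites`.

    With sni=None the extensions field is left out entirely, which is legal
    (RFC 5246 7.4.1.2) and mirrors an SNI-less client.
    """
    body = bytes(version) + os.urandom(32) + b"\x00"          # version, random, empty session_id
    body += struct.pack("!H", 2 * len(suites))
    body += b"".join(struct.pack("!H", s) for s in suites)
    body += b"\x01\x00"                                       # one compression method: null
    if sni is not None:
        ext = server_name_extension(sni)
        body += struct.pack("!H", len(ext)) + ext
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body  # HandshakeType client_hello(1)
    return bytes([CONTENT_HANDSHAKE]) + bytes(version) + struct.pack("!H", len(handshake)) + handshake


def parse_server_record(data: bytes) -> dict:
    """Decode the first record a server sent back: ServerHello, alert, or nothing."""
    if len(data) < 5:
        return {"result": "closed"}                            # closed before any record
    ctype, _, _, length = struct.unpack("!BBBH", data[:5])
    payload = data[5:5 + length]
    if ctype == CONTENT_ALERT and len(payload) >= 2:
        return {"result": "alert", "description": ALERT_NAMES.get(payload[1], str(payload[1]))}
    if ctype == CONTENT_HANDSHAKE and payload[:1] == b"\x02":  # HandshakeType server_hello(2)
        sid_len = payload[38]                                   # after 4-byte header, version, random
        (suite,) = struct.unpack("!H", payload[39 + sid_len:41 + sid_len])
        return {"result": "server_hello", "version": (payload[4], payload[5]), "cipher_suite": suite}
    return {"result": "unexpected", "content_type": ctype}


def probe(host, port=443, sni=None, suites=(TLS_RSA_WITH_3DES_EDE_CBC_SHA,), timeout=5.0) -> dict:
    """Send one ClientHello and report the server's answer (network call)."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello(suites, sni))
        return parse_server_record(sock.recv(4096))


if __name__ == "__main__":
    # Placeholder host; pass the real one on the command line. If the run
    # without SNI fails while the run with SNI gets a ServerHello, non-SNI
    # clients are negotiating with the default virtual host, not the named one.
    host = sys.argv[1] if len(sys.argv) > 1 else "fips.example.test"
    print("no SNI (IE8/XP style):", probe(host))
    print("with SNI:             ", probe(host, sni=host))
```

The no-SNI run reaching the default virtual host is the same thing the "Protocol or cipher suite mismatch" line in the SSL Labs browser simulation reports: httpd hands a ClientHello without server_name to the first virtual host configured for that address and port, so its SSLProtocol and SSLCipherSuite are what such clients get, whatever the named host says. An alert of handshake_failure(40) on the first run with a ServerHello on the second is the signature of exactly that.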

Jan-E
Joined: 09 Mar 2012
Posts: 1039
Location: Amsterdam, NL, EU
Posted: Tue 30 Sep '14 14:55

To test the IE8 connectivity I changed the http-ssl.conf. I now have only one SSL Virtualhost:
Code:
<VirtualHost _default_:443>

   ServerName fips.sessiondatabase.net:443
   ServerAlias *.sessiondatabase.net:443 sessiondatabase.net:443
etc

But IE8 on XP still cannot load https://fips.sessiondatabase.net/
And SSLLabs reports that correctly.


Last edited by Jan-E on Tue 30 Sep '14 15:23; edited 1 time in total

ivanr
Joined: 27 Apr 2013
Posts: 6
Posted: Tue 30 Sep '14 15:12

Jan-E wrote:
To test the IE8 connectivity I changed the http-ssl.conf. I now have only one SSL Virtualhost:
Code:
<VirtualHost _default_:443>

   ServerName fips.sessiondatabase.net:443
   ServerAlias *.sessiondatabase.net:443 sessiondatabase.net:443
etc

But IE8 on XP still cannot load https://fips.sessiondatabase.net/
And SSLLabs reports that correctly.

True, but SSL Labs is now also showing that IE8/XP won't connect ("Protocol or cipher suite mismatch")