Delphi Berlin TIdHTTPServer (Indy 10) [https / ssl / tls]: outdated key exchange (RSA) and vulnerability. Customer initiated audit

I have a TIdHTTPServer, and I want to implement support for handling both HTTP and HTTPS requests. Here is my config:

    FSSLHandler := TIdServerIOHandlerSSLOpenSSL.Create(nil);
    FSSLHandler.SSLOptions.CertFile := 'certificate.pem';
    FSSLHandler.SSLOptions.KeyFile := 'key.pem';
    FSSLHandler.SSLOptions.RootCertFile := 'chain.pem';
    FIdHTTPServer.Bindings.Add.Port := 443;
    FIdHTTPServer.IOHandler := FSSLHandler;
    FIdHTTPServer.Active := True; // the property is Active, not Activate

In the server directory I have libeay32.dll and ssleay32.dll v1.0.2l (Win32), downloaded from http://indy.fulgan.com/SSL/

When I make a request from Chrome, on the Security tab of the developer tools, I see:

[screenshot of Chrome's Security tab, not reproduced here]

In addition, when analyzing the server with sslyze, I get other security findings (see the VULNERABLE label):

    > sslyze --regular local.XXXXXXXXXXXXXX.com:4343

    SCAN RESULTS FOR LOCAL.XXXXXXXXXXXXXX.COM:4343 - 127.0.0.1
    --------------------------------------------------------

    * SSLV2 Cipher Suites:
        Server rejected all cipher suites.

    * TLSV1_1 Cipher Suites:
        Preferred:
            None - Server followed client cipher suite preference.
        Accepted:
            TLS_RSA_WITH_AES_256_CBC_SHA         - 256 bits
            TLS_RSA_WITH_CAMELLIA_256_CBC_SHA    - 256 bits
            TLS_RSA_WITH_CAMELLIA_128_CBC_SHA    - 128 bits
            TLS_RSA_WITH_AES_128_CBC_SHA         - 128 bits
            TLS_RSA_WITH_SEED_CBC_SHA            - 128 bits

    * SSLV3 Cipher Suites:
        Server rejected all cipher suites.

    * TLSV1 Cipher Suites:
        Preferred:
            None - Server followed client cipher suite preference.
        Accepted:
            TLS_RSA_WITH_CAMELLIA_256_CBC_SHA    - 256 bits
            TLS_RSA_WITH_AES_256_CBC_SHA         - 256 bits
            TLS_RSA_WITH_SEED_CBC_SHA            - 128 bits
            TLS_RSA_WITH_AES_128_CBC_SHA         - 128 bits
            TLS_RSA_WITH_CAMELLIA_128_CBC_SHA    - 128 bits

    * Deflate Compression:
        OK - Compression disabled

    * Downgrade Attacks:
        TLS_FALLBACK_SCSV:    OK - Supported

    * OpenSSL Heartbleed:
        OK - Not vulnerable to Heartbleed

    * OpenSSL CCS Injection:
        OK - Not vulnerable to OpenSSL CCS injection

    * Session Renegotiation:
        Client-initiated Renegotiation:    VULNERABLE - Server honors client-initiated renegotiations
        Secure Renegotiation:              OK - Supported

    * Resumption Support:
        With Session IDs:    OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
        With TLS Tickets:    OK - Supported

    * TLSV1_2 Cipher Suites:
        Preferred:
            None - Server followed client cipher suite preference.
        Accepted:
            TLS_RSA_WITH_AES_256_GCM_SHA384      - 256 bits
            TLS_RSA_WITH_CAMELLIA_256_CBC_SHA    - 256 bits
            TLS_RSA_WITH_AES_256_CBC_SHA         - 256 bits
            TLS_RSA_WITH_AES_256_CBC_SHA256      - 256 bits
            TLS_RSA_WITH_AES_128_GCM_SHA256      - 128 bits
            TLS_RSA_WITH_AES_128_CBC_SHA         - 128 bits
            TLS_RSA_WITH_SEED_CBC_SHA            - 128 bits
            TLS_RSA_WITH_AES_128_CBC_SHA256      - 128 bits
            TLS_RSA_WITH_CAMELLIA_128_CBC_SHA    - 128 bits

    * Certificate Information:
        Content
            SHA1 Fingerprint:                  47d0385fb45a82a91f9d8639ea222191adb12719
            Common Name:                       *.XXXXXXXXXXXXXX.com
            Issuer:                            XXXXXXXX RSA Domain Validation Secure Server CA
            Serial Number:                     10462331755053598199612105214047533723
            Not Before:                        2017-09-20 00:00:00
            Not After:                         2020-09-19 23:59:59
            Signature Algorithm:               sha256
            Public Key Algorithm:              RSA
            Key Size:                          2048
            Exponent:                          65537 (0x10001)
            DNS Subject Alternative Names:     ['*.XXXXXXXXXXXXXX.com', 'XXXXXXXXXXXXXX.com']

        Trust
            Hostname Validation:               OK - Certificate matches local.XXXXXXXXXXXXXX.com
            AOSP CA Store (7.0.0 r1):          OK - Certificate is trusted
            Apple CA Store (OS X 10.11.6):     OK - Certificate is trusted
            Java 7 CA Store (Update 79):       OK - Certificate is trusted
            Microsoft CA Store (09/2016):      OK - Certificate is trusted
            Mozilla CA Store (09/2016):        OK - Certificate is trusted
            Received Chain:                    *.XXXXXXXXXXXXXX.com --> XXXXXXXX RSA Domain Validation Secure Server CA --> XXXXXXXX RSA Certification Authority
            Verified Chain:                    *.XXXXXXXXXXXXXX.com --> XXXXXXXX RSA Domain Validation Secure Server CA --> XXXXXXXX RSA Certification Authority
            Received Chain Contains Anchor:    OK - Anchor certificate not sent
            Received Chain Order:              OK - Order is valid
            Verified Chain contains SHA1:      OK - No SHA1-signed certificate in the verified certificate chain

        OCSP Stapling
            NOT SUPPORTED - Server did not send back an OCSP response.

    SCAN COMPLETED IN 1.34 S
    ------------------------

I tried to fix the problems by setting CipherList and Method as follows:

    FSSLHandler.SSLOptions.Method := sslvTLSv1_2;
    FSSLHandler.SSLOptions.Mode := sslmUnassigned;
    FSSLHandler.SSLOptions.SSLVersions := [sslvTLSv1, sslvTLSv1_1, sslvTLSv1_2];
    FSSLHandler.SSLOptions.CipherList := 'TLSv1:TLSv1.2:SSLv3:!RC4:!NULL-MD5:!NULL-SHA:!NULL-SHA256:!DES-CBC-SHA:!DES-CBC3-SHA:!IDEA-CBC-SHA';

but the findings persist.

How can I fix the legacy key exchange (RSA) warning from Chrome and the client-initiated renegotiation vulnerability reported by sslyze?

Side note: I want to implement SSL on the Indy server following the most common best practices, for example https://github.com/ssllabs/research/wiki/SSL-and-TLS-Deployment-Best-Practices

Following https://cipherli.st/, I also tried using:

    FSSLHandler.SSLOptions.Method := sslvTLSv1_2;
    FSSLHandler.SSLOptions.Mode := sslmUnassigned;
    FSSLHandler.SSLOptions.SSLVersions := [sslvTLSv1_2];
    FSSLHandler.SSLOptions.CipherList := 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

but this raises an exception:

    Error connecting with SSL. error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher

in IdSSLOpenSSL.pas at line 3563:

    // RLebeau: if this socket IOHandler was cloned, no need to reuse the
    // original IOHandler active session ID, since this is a server socket
    // that generates its own sessions...
    error := SSL_accept(fSSL);
    if error <= 0 then begin
      EIdOSSLAcceptError.RaiseException(fSSL, error, RSSSLAcceptError); // EXCEPTION HERE
    end;
    if Supports(fParent, IIdSSLOpenSSLCallbackHelper, IInterface(LHelper)) then begin
      LParentIO := LHelper.GetIOHandlerSelf;
      if LParentIO <> nil then begin
        StatusStr := 'Cipher: name = ' + Cipher.Name + '; ' +              {Do not Localize}
                     'description = ' + Cipher.Description + '; ' +       {Do not Localize}
                     'bits = ' + IntToStr(Cipher.Bits) + '; ' +           {Do not Localize}
                     'version = ' + Cipher.Version + '; ';                {Do not Localize}
        LParentIO.DoStatusInfo(StatusStr);
      end;
      LHelper := nil;
    end;

The Indy server doesn't seem to accept CipherList the same way Apache does. The official documentation is unclear:

TIdSSLOptions.CipherList Property

Pascal

    property CipherList: String;

Description

CipherList is a published String property. Write access for the property is implemented using fCipherList.

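Two things in the question can be checked offline before touching the server. The sslyze output lists only TLS_RSA_* suites, i.e. static RSA key transport with no forward secrecy, which is exactly what Chrome labels an obsolete (RSA) key exchange; and an OpenSSL cipher string such as 'EECDH+AESGCM:EDH+AESGCM:...' can be expanded locally to see which key-exchange families it actually selects, so that a "no shared cipher" failure can be separated from a simple typo in the list. The script below is an added example, not code from the question or from Indy: it parses the suite lines copied from the scan above and classifies them, and it expands a cipher string through the OpenSSL linked into the local Python (assumed to be a modern OpenSSL, so the expansion can differ from what the 1.0.2l DLLs on the server would produce; treat it as a preview, not as the server's behaviour).

```python
import re
import ssl

# Accepted TLS 1.2 suites as reported by sslyze in the question above
# (copied from the scan output; every one of them uses static RSA).
SSLYZE_TLS12_ACCEPTED = """
TLS_RSA_WITH_AES_256_GCM_SHA384      - 256 bits
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA    - 256 bits
TLS_RSA_WITH_AES_256_CBC_SHA         - 256 bits
TLS_RSA_WITH_AES_256_CBC_SHA256      - 256 bits
TLS_RSA_WITH_AES_128_GCM_SHA256      - 128 bits
TLS_RSA_WITH_AES_128_CBC_SHA         - 128 bits
TLS_RSA_WITH_SEED_CBC_SHA            - 128 bits
TLS_RSA_WITH_AES_128_CBC_SHA256      - 128 bits
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA    - 128 bits
"""

# One sslyze "Accepted:" line: IANA suite name, dashes, key size in bits.
SUITE_LINE = re.compile(r"^\s*(TLS_[A-Z0-9_]+)\s+-\s+(\d+) bits", re.M)

FORWARD_SECRET = ("ECDHE", "DHE")


def iana_key_exchange(iana_name):
    """Key-exchange family of an IANA suite name (TLS_<kx>_WITH_...)."""
    if iana_name.startswith("TLS_ECDHE_"):
        return "ECDHE"
    if iana_name.startswith("TLS_DHE_"):
        return "DHE"
    if iana_name.startswith("TLS_RSA_"):
        return "RSA"  # static RSA key transport: no forward secrecy
    return "other"


def audit_sslyze(scan_text):
    """Parse sslyze 'Accepted' lines and split suites by forward secrecy."""
    suites = [name for name, _bits in SUITE_LINE.findall(scan_text)]
    pfs = [s for s in suites if iana_key_exchange(s) in FORWARD_SECRET]
    no_pfs = [s for s in suites if iana_key_exchange(s) not in FORWARD_SECRET]
    return {"total": len(suites), "forward_secrecy": pfs, "no_forward_secrecy": no_pfs}


def openssl_key_exchange(openssl_name):
    """Key-exchange family of an OpenSSL suite name (e.g. ECDHE-RSA-AES256-GCM-SHA384).
    OpenSSL omits the prefix for static RSA suites (e.g. AES256-GCM-SHA384)."""
    if openssl_name.startswith("ECDHE-"):
        return "ECDHE"
    if openssl_name.startswith("DHE-"):
        return "DHE"
    if openssl_name.startswith(("ECDH-", "DH-", "ADH-", "AECDH-", "PSK-", "SRP-", "NULL-", "EXP-")):
        return "other"
    return "RSA"


def expand_cipher_list(openssl_cipher_string):
    """Expand an OpenSSL cipher string with the OpenSSL linked into this Python.
    Returns the TLS 1.2-and-below suite names it selects, or [] when the string
    selects nothing (set_ciphers() then raises), which on the server side would
    show up as a handshake failure rather than a misconfiguration error."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.set_ciphers(openssl_cipher_string)
    except ssl.SSLError:
        return []
    # TLS 1.3 suites are always listed and are not governed by set_ciphers().
    return [c["name"] for c in ctx.get_ciphers() if not c["protocol"].startswith("TLSv1.3")]


def forward_secrecy_report(openssl_cipher_string):
    """Preview which suites of a CipherList string offer forward secrecy."""
    names = expand_cipher_list(openssl_cipher_string)
    pfs = [n for n in names if openssl_key_exchange(n) in FORWARD_SECRET]
    no_pfs = [n for n in names if openssl_key_exchange(n) not in FORWARD_SECRET]
    return {"pfs": pfs, "no_pfs": no_pfs}


if __name__ == "__main__":
    scan = audit_sslyze(SSLYZE_TLS12_ACCEPTED)
    print("sslyze: %d suites, %d without forward secrecy" % (scan["total"], len(scan["no_forward_secrecy"])))
    for cipher_string in ("EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH",
                          "AES256-GCM-SHA384"):
        report = forward_secrecy_report(cipher_string)
        print(cipher_string)
        print("  forward secret:", report["pfs"])
        print("  static RSA/other:", report["no_pfs"])
```

Running it against the suites from the scan reports nine suites, all without forward secrecy, which matches Chrome's complaint; expanding the cipherli.st string shows only ECDHE-/DHE- suites, so a server that still cannot negotiate them is missing the ephemeral key material those suites need rather than the suites themselves.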

Source: https://habr.com/ru/post/1272455/
