httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: [users@httpd] DH^H^H EC parameter selection on httpd 2.2
Date Fri, 31 Mar 2017 14:52:26 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

All,

On 3/30/17 4:32 PM, Christopher Schultz wrote:
> All,
> 
> I'm running httpd 2.2.31 on Amazon Linux, and the docs for 
> SSLCertificateFile say:
> 
> " Beginning with version 2.2.30, mod_ssl makes use of standardized
> DH parameters with prime lengths of 2048, 3072, 4096, 6144 and 8192
> bits (from RFC 3526), and hands them out to clients based on the
> length of the certificate's RSA/DSA key. "
> 
> I have a 4096-bit RSA key and yet I'm not getting a 100% on SSL
> Labs' SSL testing tool. That suggests that the DH parameter
> strength is less than what I was expecting: 4096-bit (or
> equivalent).
> 
> How does httpd determine which DH primes to use based upon the RSA 
> key? The server's key is 4096-bit, but the issuer's key (in the
> chain) is 2048-bit. Is that the reason SSL Test is not giving me
> full marks?
> 
> I'm trying to create a 4096-bit parameters file (to attach to the
> RSA key chain), but it's taking a while so I figured I'd ask in the
> meantime .

I added my 4096-bit DH parameters to the end of my cert file, like this:

- -----BEGIN CERTIFICATE-----
[my RSA certificate]
- -----END CERTIFICATE-----
- -----BEGIN DH PARAMETERS-----
[my DH parameters data]
- -----END DH PARAMETERS-----

and restarted httpd.

When running SSL Labs' test, it tells me the following:

cipher / key-exch / strength / forward-security
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)   ECDH secp256r1 (eq.
3072 bits RSA)   FS
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)   ECDH secp256r1 (eq.
3072 bits RSA)   FS
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)   DH 4096 bits   FS
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b)   DH 4096 bits   FS

So it looks like the DH parameters are okay, but the EC RSA-bit-equiv
is only 3072.

Does this mean that I'd need to create an ecparam file to raise that
RSA-bit-equiv even higher?

Thanks,
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJY3m0pAAoJEBzwKT+lPKRY+yEP/RoJD/UK7DtWRsklRqf7dnkK
b1ISfV7+tbJokQ+i+gnBHeU+IXA70DLU0y5bjd82zEXfBJ4rwk0yhDXr2110PVjE
reZz8C37NfXXCNXWJiSAfOOyEYJBzXQ8/hsrcbRTcDnetWvsXwZ09OIn7q/IDRvP
94W5LjtZM9FW0Obtcgrn2P/nQSPKIJlHAdZFgwVZkart1snRwAklQQ2kwX29Knyt
h/ZZ1i5B31euZRrQsbTIYKkpCrfALi1eRQvmgGuW+Myjlj3M+Cr7Hw9uR73qKCAW
4cNrue+8DmYSDHwjAHbfcxqcEEJvgkfgBU3SuRdWrud/zwWlYhI2HxfGwoONK4Vo
wGljRAcen3X8jebnkXj3v4QhToGmESFU2vBnxXpmDjo0pxMhSk2OzAYXdSTBtLL9
BjlrObQM5WAvyX0PjBAji+fD1Iz690jCbGJWqHfOeNIAlkDbVtjZE8fiNK0k57K8
dSjzLWDjDOAgC/rPc5SeFCAewcqcBDVAObfITKrm77c2hqHH6jOjWdNiZj/2Xg5d
6FUTC6VLlk/VULf8xK0WL27RaqwvOcExbrnbed4oLB+wmIw1uD47LFFAz9dmL+J4
RppIcIBcnXPvuaeXbZ227gkO/2ShSgPzH1oZm09UORMdbZw+Xwm8Gks/PcHQujMD
UG8+nS4yiXV0VLkqMs2e
=NUwP
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message