AnsweredAssumed Answered

Eliminating DES-CBC-SHA from cipher list in lighttpd 1.4.33

Question asked by seegee on Oct 25, 2013
Latest reply on Oct 27, 2013 by seegee

I have been using the SSL Labs server test (https://www.ssllabs.com/ssltest/) to evaluate my server settings.

 

The server is Ubuntu 12.04.3 with lighttpd 1.4.33, OpenSSL 1.0.1-4ubuntu5.10. As far as I can tell it includes patches from 1.0.1e.

I have disabled SSLv3.

 

Every time I run the security check I get a B result because there are two weak cipher suites in the list. I am using the recommended cipher list from Ivan Ristic's blog, modified for use with lighttpd:

 

ssl.cipher-list = "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECD\

H+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRS\

A RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"

 

The two cipher suites that I am hung up on are

 

TLS_DHE_RSA_WITH_DES_CBC_SHA (0x15)   DH 1024 bits (p: 128, g: 128, Ys: 128)   FS   WEAK        56   

TLS_RSA_WITH_DES_CBC_SHA (0x9)   WEAK        56

 

I think these are EDH-RSA-DES-CBC-SHA and DES-CBC-SHA in OpenSSL parlance.

 

When I do

openssl s_client -connect server:443 -cipher ECDHE-RSA-RC4-SHA,

 

The handshake is successful (supported cipher, what I expect).

 

With

openssl s_client -connect server:443 -cipher EDH-RSA-DES-CBC-SHA

openssl s_client -connect server:443 -cipher DES-CBC-SHA

 

I get a fail to handshake message from both, including the line

 

New, (NONE), Cipher is (NONE)

 

So I don't know how the SSLLabs test is showing that these cipher suites are available. Does anyone have an idea what's going on?

Outcomes