I have been using the SSL Labs server test (https://www.ssllabs.com/ssltest/) to evaluate my server settings.
The server is Ubuntu 12.04.3 with lighttpd 1.4.33, OpenSSL 1.0.1-4ubuntu5.10. As far as I can tell it includes patches from 1.0.1e.
I have disabled SSLv3.
Every time I run the security check I get a B result because there are two weak cipher suites in the list. I am using the recommended cipher list from Ivan Ristic's blog, modified for use with lighttpd:
ssl.cipher-list = "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECD\
H+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRS\
A RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"
The two cipher suites that I am hung up on are
TLS_DHE_RSA_WITH_DES_CBC_SHA (0x15) DH 1024 bits (p: 128, g: 128, Ys: 128) FS WEAK 56
TLS_RSA_WITH_DES_CBC_SHA (0x9) WEAK 56
I think these are EDH-RSA-DES-CBC-SHA and DES-CBC-SHA in OpenSSL parlance.
When I do
openssl s_client -connect server:443 -cipher ECDHE-RSA-RC4-SHA,
The handshake is successful (supported cipher, what I expect).
openssl s_client -connect server:443 -cipher EDH-RSA-DES-CBC-SHA
openssl s_client -connect server:443 -cipher DES-CBC-SHA
I get a fail to handshake message from both, including the line
New, (NONE), Cipher is (NONE)
So I don't know how the SSLLabs test is showing that these cipher suites are available. Does anyone have an idea what's going on?