AnsweredAssumed Answered

Per-protocol cipher suites for Apache 2.4

Question asked by Rob Moss on Nov 3, 2015
Latest reply on Nov 4, 2015 by Rob Moss

I have what I think is a reasonably good setup for Apache 2.4:

 

# Redirect all requests to HTTPS

RewriteEngine On

RewriteCond %{HTTPS} !=on

RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

# Listen on port 443 for HTTPS requests

Listen 443 https

# Set HSTS header (ignored for HTTP requests by clients, but that's OK)

<IfModule mod_headers.c>

    Header always set Strict-Transport-Security: max-age=15768000

</IfModule>

# Enable SSL session cache

SSLSessionCache "shmcb:/var/cache/httpd/ssl/ssl_gcache_data(512000)"

# OCSP stapling configuration

SSLUseStapling On

SSLStaplingResponderTimeout 5

SSLStaplingReturnResponderErrors off

SSLStaplingCache "shmcb:/var/cache/httpd/ssl/ssl_stapling(512000)"

# Thou shalt not use TLS compression

SSLCompression off

# Virtual host configuration

<VirtualHost *:443>

    SSLEngine On

    SSLProxyEngine on

    SSLCertificateFile "/etc/pki/tls/certs/mycert.crt"

    SSLCertificateKeyFile "/etc/pki/tls/private/mycert.key"

    SSLCertificateFile "/etc/pki/tls/certs/mycert.eccrt"

    SSLCertificateKeyFile "/etc/pki/tls/private/mycert.eckey"

    SSLCACertificateFile "/etc/pki/tls/certs/cabundle.crt"

    SSLProtocol all -SSLv2 -SSLv3

    SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:!aNULL:!eNULL:!EXPORT:!RC4:!MD5:!PSK

    SSLHonorCipherOrder on

  # Other virtual host configuration not related to TLS

</VirtualHost>

 

However, IE6 on Windows XP is not supported by this configuration, and we have a requirement for a certain website to support IE6. Currently, the best I've managed to get Apache 2.4 to do in order to support IE6 (which needs SSL3) is to use only GCM and RC4 suites. Ideally, I'd like to be able to use my existing cipher suite for TLS 1.0/1.1/1.2, and then enable SSL3, not use any of these cipher suites with SSL 3 but just the RC4 suite that IE6 needs. The downside of doing so is that modern browsers which don't support GCM end up using RC4, which is horrible. Is there any way for me to do what I want here? Or is it just not possible to tie specific cipher suites to specific protocols with Apache?

Outcomes