如何配置Apache的安全SSL/TLS?

Apache

1 基础知识

1.1 TLS版本现状

– 目前TLS 1.2和TLS 1.3以外的所有协议均被视为不安全
– 显示是许多Web服务器平台默认仍启用TLS 1.0和TLS 1.1
– 实际情况是当前所有Web浏览器都与TLS 1.2兼容

1.2 确认服务器支持的协议

nmap --script ssl-enum-ciphers -p <PORT> <DOMAIN NAME>  

1.3 测试服务器的协议

openssl s_client -connect <DOMAIN NAME>:<PORT>

2 最佳实践

2.1 操作的环境

如何部署CentOS 8.x nextCloud?

2.2 确认站点支持的SSL/TLS版本

2.2.1 安装工具

dnf install -y nmap

2.2.2 扫描站点域名

nmap --script ssl-enum-ciphers -p 443 nextcloud.cmdschool.org

可见如下显示,

Starting Nmap 7.70 ( https://nmap.org ) at 2020-12-09 20:12 EST
Nmap scan report for nextcloud.cmdschool.org (10.168.0.80)
Host is up (0.000053s latency).

PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: client
|   TLSv1.1:
|     ciphers:
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: client
|   TLSv1.2:
|     ciphers:
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 2048) - A
|       TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (dh 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: client
|_  least strength: A

Nmap done: 1 IP address (1 host up) scanned in 0.54 seconds

注:以上可见当前服务器开启的TLS协议版本包括TLSv1.0、TLSv1.1和TLSv1.2

2.3 禁用非安全的协议

vim /etc/httpd/conf.d/nextcloud.conf

参数修改如下,

#...

<VirtualHost *:443>
  #...

  SSLEngine on
  SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
  SSLHonorCipherOrder on
  SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:AES256-GCM-SHA384:AES256-SHA256
  SSLCertificateFile /etc/httpd/2_nextcloud.cmdschool.org.crt
  SSLCertificateKeyFile /etc/httpd/3_nextcloud.cmdschool.org.key
  SSLCertificateChainFile /etc/httpd/1_root_bundle.crt

  #...
</VirtualHost>

#...

配置参数解析如下,
– “SSLProtocol”参数定义当前服务器去掉“TLSv3”、“TLSv1”和“TLSv1.1”的支持
– “SSLCipherSuite”参数定义安全的加密集合

2.4 重载使配置生效

systemctl reload httpd.service

2.5 使用客户端检查

openssl s_client -connect nextcloud.cmdschool.org:443 -servername nextcloud.cmdschool.org

可见如下显示,

CONNECTED(00000003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = CN, O = "TrustAsia Technologies, Inc.", OU = Domain Validated SSL, CN = TrustAsia TLS RSA CA
verify return:1
depth=0 CN = nextcloud.cmdschool.org
verify return:1
---
Certificate chain
 0 s:CN = nextcloud.cmdschool.org
   i:C = CN, O = "TrustAsia Technologies, Inc.", OU = Domain Validated SSL, CN = TrustAsia TLS RSA CA
 1 s:C = CN, O = "TrustAsia Technologies, Inc.", OU = Domain Validated SSL, CN = TrustAsia TLS RSA CA
   i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgIQDcrRIA/WSDIaEsDQTaWB2jANBgkqhkiG9w0BAQsFADBy
MQswCQYDVQQGEwJDTjElMCMGA1UEChMcVHJ1c3RBc2lhIFRlY2hub2xvZ2llcywg
SW5jLjEdMBsGA1UECxMURG9tYWluIFZhbGlkYXRlZCBTU0wxHTAbBgNVBAMTFFRy
dXN0QXNpYSBUTFMgUlNBIENBMB4XDTIwMTExMTAwMDAwMFoXDTIxMTExMDIzNTk1
OVowIjEgMB4GA1UEAxMXbmV4dGNsb3VkLmNtZHNjaG9vbC5vcmcwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2+DE7SnXxja8sQhY3VdoY1Uh/ts/VqFTK
PB+fWTMATRhip7HAYzjOvsE2cGjQYs7hqp1qBtH2gr+V/dCUZ3Y4BBDNjaYZF6Vy
0g46Dz13R30KUO/yu4v1H6rwPiUH75CaaCSDhPmlGv41sXsytu3sW8oQs3h3rf2o
Lt2IO+vqTKTUDqkmuyWlKjqcxl5nI74Zy/WvoK9NbIAJUY2h7Nd3vIpUTn5KZsQU
ay/0RC1eSi2+7ZvlzVmTO1R8rvBhuu4WYUVdWtsTd4Z+QrwJqeJdcdBldkwUaQMC
aZNTzHbl6x8SYh+asgDCaZhdV8F817YsR2ijHcNefdvnYX/2fdF1AgMBAAGjggKO
MIICijAfBgNVHSMEGDAWgBR/05nzoEcOMQBWViKOt8ye3coBijAdBgNVHQ4EFgQU
ss0HUw6TePXPi1RPWXmVWDaN/SQwIgYDVR0RBBswGYIXbmV4dGNsb3VkLmNtZHNj
aG9vbC5vcmcwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjBMBgNVHSAERTBDMDcGCWCGSAGG/WwBAjAqMCgGCCsGAQUFBwIBFhxo
dHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECATCBkgYIKwYBBQUH
AQEEgYUwgYIwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zdGF0dXNlLmRpZ2l0YWxjZXJ0
dmFsaWRhdGlvbi5jb20wSgYIKwYBBQUHMAKGPmh0dHA6Ly9jYWNlcnRzLmRpZ2l0
YWxjZXJ0dmFsaWRhdGlvbi5jb20vVHJ1c3RBc2lhVExTUlNBQ0EuY3J0MAkGA1Ud
EwQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwD2XJQv0XcwIhRUGAgwlFaO
400TGTO/3wwvIAvMTvFk4wAAAXW1LFyAAAAEAwBIMEYCIQD2+v4PVB6oejAgESa5
qN4pmwBEZvqlcunTtpYUjeyZHgIhAJNeZofn78YgPfOvWywuiN+2vsQ/1j/qTw8r
MbSeee84AHYARJRlLrDuzq/EQAfYqP4owNrmgr7YyzG1P9MzlrW2gagAAAF1tSxc
dQAABAMARzBFAiEAyIzm0rm4SAm0ywMqMA2grk5QigjGnqBVLkDpsYS60icCIALS
P68sfHX3q7j4NlTEyqcmQpqwxsE05EDmQNfAVLaXMA0GCSqGSIb3DQEBCwUAA4IB
AQAKjciPq45QwNymoY2lg366vpPeu1EwGJhmzxSllWeZCXNQe/bnwr4tIE8g4FbW
TQ8LtfHvwV8arT2u0jLCC4FT7ebV9uJ4b7bt1TV3jo/aGppIeJL4A7zuSwONp1tY
ZYwIuTOjCdfU51eIMr3e7t2uPo1A3TlvvcmcuFkALyKN/T3Lf/CZeoJxeBni0seD
Ly/OvSLLVhkN/Z3VWN2pvydfoD6OAiu0XD23tbJaJeEKX28lqSmvg9cuGrsFbzRI
C/mALbjE8J5HBUTC+h9UsKekk5v5DiHLz0q51DbM/yAK4Eh38bHUGke/7/7F9j/W
fAQqLX5LP6SNVnNlBqu7ktRH
-----END CERTIFICATE-----
subject=CN = nextcloud.cmdschool.org

issuer=C = CN, O = "TrustAsia Technologies, Inc.", OU = Domain Validated SSL, CN = TrustAsia TLS RSA CA

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3225 bytes and written 411 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: 065F5FBF5E181FB88A2E6A3ABD587DAD324DCFB24EFCDF3E070919E1091D3D1D
    Session-ID-ctx:
    Resumption PSK: 8ECC6065C12AA151401542DB02AFF986955A08819BDB3D62AF4A717FAF27F18583941C8EBC9BA2AAA5E1745BC2EBA582
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - 7e 1e db db 31 31 eb 3b-dc 16 5b 56 bf 5f 0c cc   ~...11.;..[V._..
    0010 - 1f cf 9b cb f2 07 ae ea-a9 ef a2 ca 9d 12 97 4e   ...............N
    0020 - 04 94 1c 15 a1 2d 9f d6-15 7d 79 84 cc 6c 0d 4d   .....-...}y..l.M
    0030 - ad b3 fd 3e cb 1e 32 00-06 d8 02 61 e4 3d e1 3e   ...>..2....a.=.>
    0040 - 05 f6 07 7a 9a 35 c4 4f-6e a7 b6 c4 7b 66 a1 4b   ...z.5.On...{f.K
    0050 - 1b c5 d3 b4 52 f4 d9 d0-f0 d0 65 14 77 b7 b3 26   ....R.....e.w..&
    0060 - cb 83 d5 78 bc 65 05 6f-cc 17 ba 9d e8 35 ec 99   ...x.e.o.....5..
    0070 - 8a db 82 94 8d a6 65 25-40 ed e4 5b 97 6d a0 84   ......e%@..[.m..
    0080 - 34 d8 20 91 2e 75 63 9d-3e ec a1 f7 4b c5 ce d7   4. ..uc.>...K...
    0090 - 47 ef 50 8c 70 0c 94 da-7c 8b 6b 58 99 7a 2b 3e   G.P.p...|.kX.z+>
    00a0 - 89 5f bd 13 ee 72 aa fa-81 51 38 a2 1f e4 13 3d   ._...r...Q8....=
    00b0 - 0b ec d5 20 8e 6e ed d3-ca 65 f2 51 a3 d6 97 5d   ... .n...e.Q...]
    00c0 - b3 e3 db 4e 3e ef b0 bb-a9 66 1e 7b a9 69 f0 8c   ...N>....f.{.i..
    00d0 - ca 41 9d 6e 4a 3e f8 4f-36 98 1f 52 1d 96 0c 0b   .A.nJ>.O6..R....
    00e0 - 6e ca f6 d8 ff 72 55 a0-a8 14 a8 9b 6e 11 95 bd   n....rU.....n...
    00f0 - c6 6c 7f 3e a2 84 81 b0-0e 11 79 b9 35 f8 1d de   .l.>......y.5...

    Start Time: 1607563092
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: 62017E87817D6513734FA4DB2E064F39FC236B1243DFFE9A1C6D4E3A265370AA
    Session-ID-ctx:
    Resumption PSK: 6F6306521FF012415BEF34BBEB70759436D49440A4A7B3C258EEB74857ECCD528A5B5848C04D695901F3EF12A67593EC
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - 7e 1e db db 31 31 eb 3b-dc 16 5b 56 bf 5f 0c cc   ~...11.;..[V._..
    0010 - 0b 39 29 4e 65 c5 c1 83-ba 71 cd 0c 60 17 8a 38   .9)Ne....q..`..8
    0020 - 53 7b c4 d7 36 c4 02 dd-c5 66 91 09 3c 75 18 22   S{..6....f..<u."
    0030 - 85 0e 22 d7 c2 78 a0 bf-09 d3 62 68 a9 63 84 61   .."..x....bh.c.a
    0040 - 37 ef ce 54 b3 26 d2 36-c7 7e a7 3d 05 d2 95 3b   7..T.&.6.~.=...;
    0050 - ac 4c 09 fa ed 1f 27 3c-f3 0f 99 a4 15 b3 f0 2e   .L....'<........
    0060 - b8 a9 ea 39 4c 62 fb bf-2e d4 09 3c a9 6e ee c7   ...9Lb......U
    00a0 - f5 78 91 72 69 1b 69 7f-2e 90 39 39 7b 9a bf de   .x.ri.i...99{...
    00b0 - ac 06 69 3a 7e db 94 6c-4c 5b a5 de 35 dd be db   ..i:~..lL[..5...
    00c0 - f0 19 e8 79 6e aa ff 48-f0 53 a3 d3 40 a3 eb 7c   ...yn..H.S..@..|
    00d0 - 3b fc 83 08 a8 6f 5a 8c-db bd ac c7 d5 b2 d1 f4   ;....oZ.........
    00e0 - 0f 59 f1 6f f2 c4 e2 28-6d e2 a3 d4 5a fd 7b 50   .Y.o...(m...Z.{P
    00f0 - 52 d4 28 63 3b fb ae 53-8b 18 7e a5 ca 78 0f 1b   R.(c;..S..~..x..

    Start Time: 1607563092
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK
closed

如果你尝试用低版本协议链接,可尝试如下命令,

openssl s_client -connect nextcloud.cmdschool.org:443 -servername nextcloud.cmdschool.org -tls1

会收到如下拒绝信息,

CONNECTED(00000003)
140236387342144:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:ssl/record/rec_layer_s3.c:1543:SSL alert number 70
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 136 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1607563505
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
---

另外,也可以之前的命令测试,

nmap --script ssl-enum-ciphers -p 443 nextcloud.cmdschool.org

可见如下显示,

Starting Nmap 7.70 ( https://nmap.org ) at 2020-12-09 20:22 EST
Nmap scan report for nextcloud.cmdschool.org (10.168.0.80)
Host is up (0.000051s latency).

PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (ecdh_x25519) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (ecdh_x25519) - A
|       TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 2048) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: server
|_  least strength: A

Nmap done: 1 IP address (1 host up) scanned in 0.45 seconds

参阅文档
====================
https://www.ssl.com/guide/disable-tls-1-0-and-1-1-apache-nginx/

https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html

https://docs.nginx.com/nginx/admin-guide/security-controls/terminating-ssl-http/

http://nginx.org/en/docs/http/ngx_http_ssl_module.html

https://httpd.apache.org/docs/2.4/mod/mod_ssl.html

没有评论

发表评论

Apache
如何传递真实IP到Apache后端?

1 前言 一个问题,一篇文章,一出故事。 本章需要实现前端反向代理(Nginx)的服务器需要传递客户 …

Apache
如何编译安装Apache+PHP7.4.3?

1 前言 笔者平素不喜欢简单的编译安装,因为很多系统管理员为了省事,编译安装的东西没有rpm包安装那 …

Apache
如何打包Docker Apache+PHP 7.4.11(可连MySQL)?

1 基础知识 以下版本基于MySQL数据库的连接,本章节需要你先掌握Linux系统的PHP 7.4. …