Domino 9.0.1 FP4 IF2 Security Update
Daniel Nashed – 26 September 2015 08:38:11
After updating to the new IF which introduces ECDHE with some additional settings you can get to a "A+" SSL Labs rating.
When you install IF2 by default you get a good set of ciphers.
In the previous sets oif fixes DHE was disabled by defaiult. Now you have DHE and also ECDHE enabled by default.
There is not much in addition to that you have to do.
Cipher Suites (SSL 3+ suites in server-preferred order; deprecated and SSL 2 suites at the end)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ECDH 256 bits (eq. 3072 bits RSA)
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 2048 bits (p: 256, g: 1, Ys: 256)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ECDH 256 bits (eq. 3072 bits RSA)
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) DH 2048 bits (p: 256, g: 1, Ys: 256)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH 256 bits (eq. 3072 bits RSA)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b) DH 2048 bits (p: 256, g: 1, Ys: 256)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH 256 bits (eq. 3072 bits RSA)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) DH 2048 bits (p: 256, g: 1, Ys: 256)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) ECDH 256 bits (eq. 3072 bits RSA)
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67) DH 2048 bits (p: 256, g: 1, Ys: 256)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH 256 bits (eq. 3072 bits RSA)
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) 256
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) 128
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) 256
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c) 128
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) 128
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) 112
The SSL Labs rating says that PFS is supported with current browsers: "Forward Secrecy - With modern browsers"
-- Disable SSL V3 --
First of all you have to disable SSL V3. By default it is still enabled.
And I think it is time to completely disable it.
DISABLE_SSLV3=1
The current fixes also support HSTS but by default the max age is a bit too low.
So I set the following notes.ini settings:
HTTP_HSTS_MAX_AGE=17280000
HTTP_HSTS_INCLUDE_SUBDOMAINS=1
Which resulted in the following rating:
"Strict Transport Security (HSTS) Yes max-age=17280000; includeSubDomains"
-- OCSP --
Also OCSP is supported in the current version.
I have set the following notes.ini settings to enable it and to specify the responder URL for my certificate provider.
And I also enabled debugging for testing and ensured that time differences of different clocks do not cause any issues.
SSL_ENABLE_OCSP_STAPLING=1
OCSP_RESPONDER=http://evssl-ocsp.globalsign.com/responder
OCSP_CLOCKSKEW=10
OCSP_LOGLEVEL=31
The result is:
OCSP stapling -> Yes
-- Cipher Configation --
The cipher configuration has changed a bit. For the new ciphers you need four digits.
Using the SSLCipherSpec you can continue to configure the existing ciphers using the two digit code.
But I would recommend that you start using 4 digits for all cipher types to keep the settings more consistent.
Also there is a way to disable certain ECDHE Curves via notes.ini settings.
And you can also gnerate your own DHE Groups.
I don't want to repeat all the settings from the current documentation.
The wiki entry has been updated. You find all the details here:
http://www.lotus.com/ldd/dominowiki.nsf/dx/TLS_Cipher_Configuration
Most of the settings are not really required. But those options can help when you have special requirements.
-- Daniel
- Comments [12]
1Matteo Bisi 27.09.2015 21:37:22 Domino 9.0.1 FP4 IF2 Security Update
thanks Daniel, awesome post !
2Andreas Imnitzer 28.09.2015 21:08:11 Domino 9.0.1 FP4 IF2 Security Update
Danke, Daniel!
3Wolfgang Fey 29.09.2015 6:42:37 Domino 9.0.1 FP4 IF2 Security Update
Sehr gute Erklärung. Danke !
4Jason 29.09.2015 17:57:42 Domino 9.0.1 FP4 IF2 Security Update
Any idea why this happen when testing on SSLLab?
Additional Certificates (if supplied)
Certificates provided 1 (2280 bytes)
Chain issues Incomplete
server.csr: openSSL-win64 generated
step by step from this:
{ Link }
Thanks
5Daniel Nashed 30.09.2015 6:04:49 Domino 9.0.1 FP4 IF2 Security Update
maybe you have not imported the intermediate certificates.
hard to tell without knowing details.
6Nahuel Andreano 30.09.2015 14:42:12 Domino 9.0.1 FP4 IF2 Security Update
Excellent post! Very useful.
I have a question: why HSTS parameters does no effect on my installation? It's Traveler's site.
7Martin Ziegler 02.10.2015 7:44:11 Domino 9.0.1 FP4 IF2 Security Update
Thanks for the post!
Same for me, I have tried to configure HSTS as described on a traveler server without success.
SSLLabs says: Strict Transport Security (HSTS) Disabled max-age=0
8Martyn 27.10.2015 11:22:15 Domino 9.0.1 FP4 IF2 Security Update
HSTS is only enabled when you use an Internet Site document. HSTS will not work with just a server document.
Add a website document ( in PAB -> Configuration -> Web -> Internet Sites ) using the IP/URL of your website.
9Daniel Nashed 02.11.2015 13:07:30 Domino 9.0.1 FP4 IF2 Security Update
@Martyn, yes this is a known issue --> SPR# BBSZA2UJPA
10Patrick Tippner 12.11.2015 14:55:01 Domino 9.0.1 FP4 IF2 Security Update
I Thank you for the valuable information you provided! I'm just wondering, why i can't seem to get neither OCSP-stapling nor HSTS working despite doing the changes in notes.ini and restarting the server. Might this happen because we're using multiple Internet Site documents with different Keyring-Files on our Domino Webserver? I found some comments on Darren Duke's site that seem to indicate this:
"2 - Shaun 10/01/2015 12:33:50 PM
Darren, do you know if there is any way to configure this for multiple internet sites that are using different keyrings with different SSL issuers?
Gravatar Image
3 - Darren Duke 10/02/2015 4:26:24 AM
@2, as far as I know there is not a way to do this in Domino. You could open a PMR and request it as a feature. In fact I had the same issue and fixed it by adding an NGINX proxy in front which can do this.
"
11Martin Fong 16.10.2017 15:38:18 Domino 9.0.1 FP4 IF2 Security Update
Anyone have tried recently with 9.0.1 FP9 IF2?
I have enabled OCSP for the first time using:
SSL_ENABLE_OCSP_STAPLING=1
OCSP_RESPONDER={ Link }
OCSP_CLOCKSKEW=10
The openssl test (with proper chain,etc) came back with certificate = ok.
When Domino restart or whenever it is doing its checking, I get the following:
OCSP response status: Request unauthorized
I googled around + IBM site and this blog seems to have the most information that I can find.
Please advise,
Martin.
12Dietmar Dumke 04.05.2018 9:01:20 Domino 9.0.1 FP4 IF2 Security Update
Getting some messages in the server log:
04.05.2018 08:58:56 OCSP: WARNING: No nonce received. A replay attack may be in progress
04.05.2018 08:58:56 OCSP: Certificate CN=*.accept-it.de is valid according to CN=RapidSSL RSA CA 2018/OU=www.digicert.com/O=DigiCert Inc/C=US
04.05.2018 08:58:56 Unable to contact OCSP responder at { Link } Buffer used to receive cryptographic output was too small
I guess the nonce warning ist normal, given that this OCSP server does not issue nonces at all (according to a separate test with openssl). Would like to have a notes.ini setting, telling Domino to stop requesting nonce from the OCSP server, to avoid that message.
More headache though regarding the buffer too small warning. Anyone how to suppress/fix that warning (perhaps with another notes.ini setting)?