Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...

Daniel Nashed

Domino 9.0.1 FP4 IF2 Security Update

Daniel Nashed  26 September 2015 08:38:11

After updating to the new IF, which introduces ECDHE, you can reach an "A+" SSL Labs rating with a few additional settings.



Image:Domino 9.0.1 FP4 IF2 Security Update


When you install IF2 you get a good set of ciphers by default.

In the previous set of fixes DHE was disabled by default. Now both DHE and ECDHE are enabled by default.
There is not much you have to do in addition to that.

Cipher Suites (SSL 3+ suites in server-preferred order; deprecated and SSL 2 suites at the end), as reported by SSL Labs. The key exchange and strength columns are copied from the report:

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)   ECDH 256 bits (eq. 3072 bits RSA)
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)   DH 2048 bits (p: 256, g: 1, Ys: 256)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)   ECDH 256 bits (eq. 3072 bits RSA)
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)   DH 2048 bits (p: 256, g: 1, Ys: 256)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)   ECDH 256 bits (eq. 3072 bits RSA)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b)   DH 2048 bits (p: 256, g: 1, Ys: 256)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)   ECDH 256 bits (eq. 3072 bits RSA)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)   DH 2048 bits (p: 256, g: 1, Ys: 256)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)   ECDH 256 bits (eq. 3072 bits RSA)
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67)   DH 2048 bits (p: 256, g: 1, Ys: 256)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)   ECDH 256 bits (eq. 3072 bits RSA)

TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)   256
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)   128

TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)   256
TLS_RSA_WITH_AES_256_CBC_SHA (0x35)   256
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)   128
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)   128

TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)   112

SSL Labs reports forward secrecy as supported "With modern browsers": clients that negotiate one of the ECDHE/DHE suites at the top of the list get it, while older clients fall back to the plain TLS_RSA_* suites, which do not. The 3DES suite at the end (112 bits effective) is only there for such legacy clients and can be removed via SSLCipherSpec if you do not need them.


-- Disable SSL V3 --

First of all you have to disable SSLv3. By default it is still enabled,
and I think it is time to disable it completely:


DISABLE_SSLV3=1

The current fixes also support HSTS, but by default the max-age is a bit too low for an A+ (SSL Labs wants at least 180 days).
So I set the following notes.ini settings (17280000 seconds is 200 days):

HTTP_HSTS_MAX_AGE=17280000

HTTP_HSTS_INCLUDE_SUBDOMAINS=1

Which resulted in the following rating:

"Strict Transport Security (HSTS)   Yes   max-age=17280000; includeSubDomains"



-- OCSP --

OCSP stapling is also supported in the current version.

I have set the following notes.ini settings to enable it and to specify the responder URL for my certificate provider (take the responder URL from the AIA extension of your own certificate).
I also enabled debug logging for testing and allowed for some clock skew, so that time differences between the server and the responder do not cause issues.

SSL_ENABLE_OCSP_STAPLING=1

OCSP_RESPONDER=http://evssl-ocsp.globalsign.com/responder
OCSP_CLOCKSKEW=10
OCSP_LOGLEVEL=31

The result is:

OCSP stapling  -> Yes
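A small checker for the notes.ini settings from the three sections above (SSLv3, HSTS, OCSP stapling), as an added example; this is not code from the post or from Domino. It assumes notes.ini is plain KEY=VALUE lines, uses the SSL Labs A+ threshold of 180 days for the HSTS max-age, and treats an OCSP responder URL that is not plain http:// as a finding (the stapled response is signed, and an https:// responder would itself need a revocation check). The sample settings inside it are constructed from the values in the post.

```python
"""Lint the Domino notes.ini TLS settings from the sections above.

Added example, not code from the post or from Domino. Assumed: notes.ini is
plain KEY=VALUE lines, the SSL Labs A+ rule of an HSTS max-age of at least 180
days, and that an OCSP responder URL should be plain http:// (the response is
signed, and an https:// responder would itself need a revocation check).
"""
from urllib.parse import urlparse

HSTS_MIN_AGE = 180 * 24 * 3600  # 15552000 seconds


def parse_notes_ini(text):
    """Return {KEY: value}; notes.ini keys are case-insensitive, so upper-case them."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        settings[key.strip().upper()] = value.strip()
    return settings


def _int(settings, key, default=0):
    """Integer value of a setting; a missing or malformed value counts as default."""
    try:
        return int(settings.get(key, default))
    except ValueError:
        return default


def hsts_header(settings):
    """The Strict-Transport-Security value these settings produce.

    Domino only sends it for Internet Site documents (see the comments below),
    so an empty header on the wire is not necessarily a notes.ini problem.
    """
    header = f"max-age={_int(settings, 'HTTP_HSTS_MAX_AGE')}"
    if settings.get("HTTP_HSTS_INCLUDE_SUBDOMAINS") == "1":
        header += "; includeSubDomains"
    return header


def audit(settings):
    """Return a list of findings; an empty list means the A+ settings are all present."""
    findings = []
    if settings.get("DISABLE_SSLV3") != "1":
        findings.append("SSLv3 still enabled: set DISABLE_SSLV3=1")
    age = _int(settings, "HTTP_HSTS_MAX_AGE")
    if age < HSTS_MIN_AGE:
        findings.append(f"HSTS max-age {age} is below {HSTS_MIN_AGE} (180 days)")
    if settings.get("HTTP_HSTS_INCLUDE_SUBDOMAINS") != "1":
        findings.append("HSTS includeSubDomains not set: set HTTP_HSTS_INCLUDE_SUBDOMAINS=1")
    if settings.get("SSL_ENABLE_OCSP_STAPLING") != "1":
        findings.append("OCSP stapling off: set SSL_ENABLE_OCSP_STAPLING=1")
    else:
        url = settings.get("OCSP_RESPONDER", "")
        parsed = urlparse(url)
        if parsed.scheme != "http" or not parsed.netloc:
            findings.append(f"OCSP_RESPONDER={url!r} is not a plain http:// responder URL")
    return findings


# Constructed sample: the values from the post, as they would appear in notes.ini.
POST_NOTES_INI = """\
DISABLE_SSLV3=1
HTTP_HSTS_MAX_AGE=17280000
HTTP_HSTS_INCLUDE_SUBDOMAINS=1
SSL_ENABLE_OCSP_STAPLING=1
OCSP_RESPONDER=http://evssl-ocsp.globalsign.com/responder
OCSP_CLOCKSKEW=10
OCSP_LOGLEVEL=31
"""

# Constructed sample: a server where only a short HSTS max-age was set.
PARTIAL_NOTES_INI = "HTTP_HSTS_MAX_AGE=3600\n"

if __name__ == "__main__":
    for label, text in (("post", POST_NOTES_INI), ("partial", PARTIAL_NOTES_INI)):
        settings = parse_notes_ini(text)
        print(f"{label}: Strict-Transport-Security: {hsts_header(settings)}")
        for finding in audit(settings) or ["no findings"]:
            print(f"  {finding}")
```

Run it against a copy of your notes.ini; the HSTS value it prints should match what SSL Labs shows under "Strict Transport Security (HSTS)". If the checker is clean but SSL Labs still reports max-age=0, the cause is on the Internet Site side rather than in notes.ini.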



-- Cipher Configuration --

The cipher configuration has changed a bit. The new ciphers need four-digit codes.
With SSLCipherSpec you can continue to configure the existing ciphers using the two-digit codes,
but I recommend using four digits for all cipher types to keep the settings consistent.
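The four-digit encoding in practice, as an added example that is not code from the post or from Domino: it builds an SSLCipherSpec value from the SSL Labs list above in server-preferred order, decodes a value back into suite names, and flags suites without forward secrecy and the 3DES suite. It assumes the value is the IANA suite IDs written as four uppercase hex digits concatenated without separators, and that a value written entirely in the legacy two-digit form names the 0x00xx suites (2F for TLS_RSA_WITH_AES_128_CBC_SHA); check both assumptions against the wiki page before relying on them.

```python
"""Build and decode Domino's SSLCipherSpec value.

Added example, not code from the post or from Domino. Assumptions the post does
not state: the value is the IANA cipher-suite IDs written as four uppercase hex
digits each, concatenated without separators; a value written entirely in the
legacy two-digit form names the 0x00xx suites (2F = TLS_RSA_WITH_AES_128_CBC_SHA).
"""

# IDs and names copied from the SSL Labs report above, in server-preferred order.
SUITES = {
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    0x009F: "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0x009E: "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC028: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
    0x006B: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
    0xC014: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
    0x0039: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    0xC027: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
    0x0067: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
    0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    0x009D: "TLS_RSA_WITH_AES_256_GCM_SHA384",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0x003D: "TLS_RSA_WITH_AES_256_CBC_SHA256",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x003C: "TLS_RSA_WITH_AES_128_CBC_SHA256",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
}
NAME_TO_ID = {name: sid for sid, name in SUITES.items()}
WEAK = {0x000A}  # 3DES: 112-bit effective strength, only there for legacy clients


def has_pfs(name):
    """Ephemeral (EC)DHE key exchange gives forward secrecy; plain RSA does not."""
    return "_ECDHE_" in name or "_DHE_" in name


def build_cipher_spec(names):
    """Encode suite names, in server-preferred order, as a 4-digit SSLCipherSpec."""
    return "".join(f"{NAME_TO_ID[name]:04X}" for name in names)


def parse_cipher_spec(spec, legacy=False):
    """Decode a spec into suite IDs; legacy=True reads 2-digit codes (assumed 0x00xx)."""
    spec = spec.strip().upper()
    width = 2 if legacy else 4
    if not spec or len(spec) % width:
        raise ValueError(f"SSLCipherSpec length {len(spec)} is not a multiple of {width}")
    return [int(spec[i:i + width], 16) for i in range(0, len(spec), width)]


def audit_cipher_spec(spec, legacy=False):
    """Report suites without forward secrecy, weak suites and IDs not in the table."""
    report = {"suites": [], "non_pfs": [], "weak": [], "unknown": []}
    for sid in parse_cipher_spec(spec, legacy):
        name = SUITES.get(sid)
        if name is None:
            report["unknown"].append(f"{sid:04X}")
            continue
        report["suites"].append(name)
        if not has_pfs(name):
            report["non_pfs"].append(name)
        if sid in WEAK:
            report["weak"].append(name)
    return report


# The default order from the report, and a variant that keeps only PFS suites.
POST_ORDER = list(SUITES.values())
POST_SPEC = build_cipher_spec(POST_ORDER)
PFS_ONLY_SPEC = build_cipher_spec([n for n in POST_ORDER if has_pfs(n)])

if __name__ == "__main__":
    print("SSLCipherSpec=" + POST_SPEC)
    print("SSLCipherSpec=" + PFS_ONLY_SPEC + "   (PFS suites only)")
    for name in audit_cipher_spec(POST_SPEC)["non_pfs"]:
        print("no forward secrecy:", name)
```

The PFS-only variant is what you would put in notes.ini if no legacy client needs the plain RSA or 3DES suites; decode any spec you already have with audit_cipher_spec before changing it, so you see which suites you are about to drop.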

There is also a way to disable certain ECDHE curves via notes.ini settings.

And you can also generate your own DHE groups.

I don't want to repeat all the settings from the current documentation.
The wiki entry has been updated; you find all the details here:


http://www.lotus.com/ldd/dominowiki.nsf/dx/TLS_Cipher_Configuration

Most of the settings are not really required, but those options can help when you have special requirements.

-- Daniel



Comments

1. Matteo Bisi, 27.09.2015 21:37:22

thanks Daniel, awesome post !

2. Andreas Imnitzer, 28.09.2015 21:08:11

Thanks, Daniel!

3. Wolfgang Fey, 29.09.2015 6:42:37

Very good explanation. Thanks!

4. Jason, 29.09.2015 17:57:42

Any idea why this happens when testing on SSL Labs?

Additional Certificates (if supplied)

Certificates provided 1 (2280 bytes)

Chain issues Incomplete

server.csr: openSSL-win64 generated

step by step from this:

{ Link }

Thanks

5. Daniel Nashed, 30.09.2015 6:04:49

Maybe you have not imported the intermediate certificates.

Hard to tell without knowing the details.

6. Nahuel Andreano, 30.09.2015 14:42:12

Excellent post! Very useful.

I have a question: why do the HSTS parameters have no effect on my installation? It's a Traveler site.

7. Martin Ziegler, 02.10.2015 7:44:11

Thanks for the post!

Same for me, I have tried to configure HSTS as described on a traveler server without success.

SSLLabs says: Strict Transport Security (HSTS) Disabled max-age=0

8. Martyn, 27.10.2015 11:22:15

HSTS is only enabled when you use an Internet Site document. HSTS will not work with just a server document.

Add a website document (in PAB -> Configuration -> Web -> Internet Sites) using the IP/URL of your website.

9. Daniel Nashed, 02.11.2015 13:07:30

@Martyn, yes, this is a known issue --> SPR# BBSZA2UJPA

10. Patrick Tippner, 12.11.2015 14:55:01

Thank you for the valuable information you provided! I'm just wondering why I can't seem to get either OCSP stapling or HSTS working despite making the changes in notes.ini and restarting the server. Might this happen because we're using multiple Internet Site documents with different keyring files on our Domino web server? I found some comments on Darren Duke's site that seem to indicate this:

"2 - Shaun 10/01/2015 12:33:50 PM

Darren, do you know if there is any way to configure this for multiple internet sites that are using different keyrings with different SSL issuers?

3 - Darren Duke 10/02/2015 4:26:24 AM

@2, as far as I know there is not a way to do this in Domino. You could open a PMR and request it as a feature. In fact I had the same issue and fixed it by adding an NGINX proxy in front which can do this."

11. Martin Fong, 16.10.2017 15:38:18

Has anyone tried recently with 9.0.1 FP9 IF2?

I have enabled OCSP for the first time using:

SSL_ENABLE_OCSP_STAPLING=1

OCSP_RESPONDER={ Link }

OCSP_CLOCKSKEW=10

The openssl test (with proper chain,etc) came back with certificate = ok.

When Domino restarts, or whenever it is doing its checking, I get the following:

OCSP response status: Request unauthorized

I googled around + IBM site and this blog seems to have the most information that I can find.

Please advise,

Martin.

12. Dietmar Dumke, 04.05.2018 9:01:20

Getting some messages in the server log:

04.05.2018 08:58:56 OCSP: WARNING: No nonce received. A replay attack may be in progress

04.05.2018 08:58:56 OCSP: Certificate CN=*.accept-it.de is valid according to CN=RapidSSL RSA CA 2018/OU=www.digicert.com/O=DigiCert Inc/C=US

04.05.2018 08:58:56 Unable to contact OCSP responder at { Link } Buffer used to receive cryptographic output was too small

I guess the nonce warning is normal, given that this OCSP server does not issue nonces at all (according to a separate test with openssl). I would like to have a notes.ini setting telling Domino to stop requesting a nonce from the OCSP server, to avoid that message.

More of a headache, though, is the "buffer too small" warning. Does anyone know how to suppress/fix that warning (perhaps with another notes.ini setting)?
