Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...


Daniel Nashed

Some Additional TLS 1.0 Information

Daniel Nashed – 6 November 2014 15:28:26
TLS 1.0, and the removal of SSL 3.0 from browsers that triggered the whole discussion, is not just something that needs to be addressed on a Domino server.
IBM has done a lot of work in quite a short time, and now that customers are implementing the fix it shows that other software is affected as well.

Introducing TLS 1.0 for Domino was the first step from IBM to ensure that clients that only support TLS 1.0 and higher can still connect to the Domino server.
For now IBM still has SSL 3.0 enabled to allow communication with software that does not yet support TLS 1.0, and they are protecting clients from the downgrade attacks mentioned in the IBM technotes.

Notes Client Software

But Domino is not the only server in most customer environments. Many companies completely disable SSL 3.0 and thereby cause issues with other client software.
Notes Clients are affected as well, for example when connecting to other HTTP servers or when using secure IMAP, POP3, LDAP or SMTP.

For example, here in Germany GMX, one of the larger, well-known email providers, disabled SSL 3.0.
In that case you need a fix on the Notes Client side. IBM has not yet shipped the full set of clients because they are waiting for some (I think unrelated) Java patches.

But because there is also an enhancement for SHA-256 in the certificate request database, IBM has already shipped the Win32 Standard Client.
The download is a bit difficult to find on Fix Central, but you should find it using the following link.

http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ELotus&product=ibm/Lotus/Lotus+Notes&release=9.0.1.2&platform=Windows&function=fixId&fixids=Notes_901FP2IF2_W32_Standard&includeSupersedes=0&source=fc

If you need a client connection for one of the internet protocols and the server only supports TLS 1.0, you will need to install this IF.

Other Client Software -- Other Issues


Notes/Domino is not the only application having issues with servers that do not support SSL 3.0 any more, or with servers that have changed the way they negotiate SSL versions.
Domino, for example, has SSL 2.0, including the SSL 2.0 handshake, disabled as of 9.0.1 FP2 IF1. Other servers might have done the same or something similar.

This leads to interesting interoperability challenges. For example, older OpenSSL versions do not negotiate their SSL level nicely with Domino servers unless TLS 1.0 is specified explicitly, as Andrew Pollack found out.
In the case of wget in combination with an older OpenSSL version, according to IBM the negotiation failed because that OpenSSL version started with an SSL 2.0-compatible (V2) handshake, which failed (Domino no longer accepts it, see above) and stopped the negotiation.
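To make the failure described above visible, here is an added Python diagnostic (not code from the post, IBM or Domino) that classifies the first bytes a client sends as an SSL 2.0-compatible hello or a TLS record-layer hello, reads out the offered version and cipher list, and models the server policy discussed here (SSL 2.0 handshake off, SSL 3.0 on or off, TLS 1.0 as maximum). The two sample hellos are constructed in the block, not captured traffic, and the policy function is a simplified model, not Domino's actual negotiation code.

```python
import struct

VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}  # wire values

def classify_client_hello(data):
    """Return (hello_format, client_version, ciphers) from the first bytes a client sends:
    "sslv2" for an SSL 2.0-compatible hello (2-byte header, high bit set), "tls" for a TLS record."""
    if data[0] & 0x80:                         # SSL 2.0 record header: high bit set, 15-bit length
        if data[2] != 0x01:
            raise ValueError("not an SSL 2.0 ClientHello")
        version, n_spec = struct.unpack(">HH", data[3:7])
        specs = data[11:11 + n_spec]           # 3-byte cipher specs follow the fixed 9-byte header
        return "sslv2", version, [int.from_bytes(specs[i:i + 3], "big") for i in range(0, n_spec, 3)]
    if data[0] == 0x16 and data[5] == 0x01:    # handshake record carrying a ClientHello
        version = struct.unpack(">H", data[9:11])[0]
        off = 44 + data[43]                    # skip the 32-byte random and the session id
        n_suite = struct.unpack(">H", data[off:off + 2])[0]
        suites = data[off + 2:off + 2 + n_suite]
        return "tls", version, [int.from_bytes(suites[i:i + 2], "big") for i in range(0, n_suite, 2)]
    raise ValueError("first bytes are not a ClientHello")

def server_accepts(hello_format, version, v2_handshake=False, ssl3=False, max_version=0x0301):
    """Simplified server policy model (assumption, not Domino code): defaults mirror a server
    with the SSL 2.0 handshake disabled, SSL 3.0 disabled and TLS 1.0 as highest version."""
    if hello_format == "sslv2" and not v2_handshake:
        return False, "SSL 2.0-compatible hello rejected; client must send a TLS hello"
    if version < 0x0300 or (version < 0x0301 and not ssl3):
        return False, "client offers nothing newer than SSL 3.0, which the server has disabled"
    return True, VERSIONS[min(version, max_version)]

def build_v2_hello(version, ciphers):
    """Constructed SSL 2.0-compatible ClientHello (sample input, the shape old OpenSSL sent)."""
    specs = b"".join(c.to_bytes(3, "big") for c in ciphers)
    body = struct.pack(">BHHHH", 0x01, version, len(specs), 0, 16) + specs + bytes(16)
    return struct.pack(">H", 0x8000 | len(body)) + body

def build_tls_hello(version, ciphers):
    """Constructed SSLv3/TLS ClientHello without extensions (sample input)."""
    suites = b"".join(c.to_bytes(2, "big") for c in ciphers)
    hs_body = struct.pack(">H", version) + bytes(32) + b"\x00" + struct.pack(">H", len(suites)) + suites + b"\x01\x00"
    hs = b"\x01" + len(hs_body).to_bytes(3, "big") + hs_body
    return b"\x16" + struct.pack(">HH", version, len(hs)) + hs

if __name__ == "__main__":
    # Same offered version and ciphers, different hello format: only the TLS-format hello gets through.
    for hello in (build_v2_hello(0x0301, [0x35, 0x2F]), build_tls_hello(0x0301, [0x35, 0x2F])):
        fmt, ver, ciphers = classify_client_hello(hello)
        print(fmt, VERSIONS[ver], [hex(c) for c in ciphers], server_accepts(fmt, ver))
```

Pointing the classifier at the first bytes of a captured client connection tells you whether a stalled handshake is the V2 hello problem (fix: update or configure the client) or a version or cipher mismatch (fix: adjust the server policy or the client).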

And there might be other application issues where a server does not work nicely with your Java 1.6 application (which supports TLS 1.0 but maybe not the ciphers the server expects).
Java 1.7 also supports TLS 1.1 and 1.2, but you cannot switch to the later Java version in all cases.

I have tested Java 1.6 in Notes, with an unpatched Notes client, against a server that has SSL 3.0 completely disabled, and the Java agent worked unmodified.
But there are other parts in Notes that use the native SSL stack. And from what I heard from IBM, some parts in Java also seem to use the native Notes/Domino stack instead of the Java stack.


So when the browser vendors decided to stop supporting SSL 3.0, they did not just challenge the server vendors: because of the impact on client software, all applications using SSL connections might be affected.
When introducing new versions of software that support TLS and might not support SSL 3.0 at all, or negotiate the session differently, you really have to test all your applications and see which SSL level and which types of ciphers they support.


The SSL Labs test website (https://www.ssllabs.com/ssltest/) simulates what happens when you access your server with various client software; you should have a look to see whether your server supports a cipher for all of your client access types.

As I said, this is not just a challenge for Domino but also for other applications -- even if they are totally unrelated -- because many vendors are working on their SSL stacks (or administrators are disabling SSL 3.0 and below).

Sometimes you have to specify the right SSL level (currently TLS 1.0 for Domino) to establish a connection, and that can even be good from a security point of view.

On the other side, you might have to think about updating the software on the client machine itself. For example, older versions of OpenSSL should be updated to solve SSL handshake issues.

There are many parts you should test. This post should just give you some more background and a heads-up about what could break now, or in the near future when more and more servers are patched or reconfigured. In many cases the solution is to update your software.


-- Daniel



Comments

1. Ray Bilyk – 06.11.2014 20:27:24 – Some Additional TLS 1.0 Information

You mentioned 'older versions of OpenSSL' are having issues negotiating with Domino. Do you know at what version of OpenSSL it starts working correctly?

2. Daniel Nashed – 07.11.2014 9:48:06 – Some Additional TLS 1.0 Information

I have personally just tested two versions of OpenSSL.

One is a quite old version that is included in the last GNU wget; it does not work without explicitly specifying TLS 1.0.

The one that worked for me is the version on my up-to-date CentOS release 6.6 machine.

openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013

yum info openssl
Installed Packages
Name : openssl
Arch : x86_64
Version : 1.0.1e
Release : 30.el6_6.4
Size : 4.0 M
Repo : installed
From repo : updates

The GNU version I tested is the latest available version on the GNU website, from 2008.

I have no detailed information at which stage they changed the way the session handshake works.

If someone has more detailed information about versions that work by default, please post a reply.

-- Daniel

3. Thelay – 27.01.2015 2:46:30 – Some Additional TLS 1.0 Information

Hi Daniel,

I am using Lotus Domino server 8.0.6 and have issues with SSLv3. Do you have any idea how to switch it off?

Thanks in advance

4. Daniel Nashed – 09.02.2015 10:26:09 – Some Additional TLS 1.0 Information

@Thelay, you really need to move to a later version of Domino.

The new fixes that will introduce TLS 1.2 will need SHA-2 support, and that is only available in the 9.x code stream.

IBM fixed POODLE in all currently supported versions but they cannot add SHA-2 because it is not at all in that code base.

So you have to move to a newer release anyway soon! Disabling SSLv3 is in the current "POODLE" fixes and in 9.0.1 FP3.

-- Daniel
