SSL v3 Vulnerability - Remedies and What You Can Do

 

If you are running systems that maintain SSL 3.0 compatibility, you are advised to define a Signaling Cipher Suite Value (SCSV) to prevent unintended protocol downgrades between clients and servers when both parties support a higher version of the protocol.

Disabling fallback to lower protocols is different from operating system to operating system. Here are some guidelines for the most frequently used webservers:

Internet Information Services (IIS)

Microsoft Windows NT Server stores protocol information in the HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols registry key. This key contains subkeys for PCT 1.0, SSL 2.0, SSL 3.0 and TLS 1.0. You can disable any of these protocols by creating a new DWORD value with the “00 00 00 00” value in the server subkey corresponding to the protocol to be disabled. More information about configuring crypto on IIS is available here.

Apache HTTPD Server

Include the following line in the server configuration file: SSLProtocol All -SSLv2 -SSLv3. Restart the service with sudo service apache2 restart (If running Linux).

Nginx server

Include the following line in the Nginx configuration file: ssl_protocols TLSv1 TLSv1.1 TLSv1.2; Restart the service with sudo service nginx restart (if running Linux).

Postfix SMTP

Add or change the smtpd_tls_mandatory_protocols directive like this:

smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3

Restart Postfix with sudo postfix restart for the changes to take effect.

HAProxy Server

Edit the /etc/haproxy.cfg file and find your bind line. Append no-sslv3 directive like in the example below:

bind :443 ssl crt <crt> ciphers <ciphers> no-sslv3

More info on configuring webservers under Linux is available here.

JBoss Web

Configure the https connectors to have the sslProtocol attribute set to "TLS" in the configuration file:

      <Connector protocol="HTTP/1.1" SSLEnabled="true"

           port="8443" address="${jboss.bind.address}"

           scheme="https" secure="true" clientAuth="false"

           keystoreFile="${jboss.server.home.dir}/conf/keystore.jks"

           keystorePass="rmi+ssl" sslProtocol = "TLS" />

Tomcat

The SSL protocol to be used can be configured via $TOMCAT_HOME/conf/server.xml:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"

               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"

               clientAuth="false" sslProtocol="TLS"/>

Tomcat APR

Similar to Tomcat, the protocol to be used is defined in the $TOMCAT_HOME/conf/server.xml file:

<Connector port="443" maxHttpHeaderSize="8192"

               maxThreads="150"

               enableLookups="false" disableUploadTimeout="true"

               acceptCount="100" scheme="https" secure="true"

               SSLEnabled="true"

               SSLProtocol="TLSv1"

               SSLCertificateFile="${catalina.base}/conf/localhost.crt"

               SSLCertificateKeyFile="${catalina.base}/conf/localhost.key" />

 

For more information on mitigating unwanted protocol downgrades, please refer to the TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks draft.

Read More on Applied Crypto Hardening!