I am a firm believer in using SSL as much as possible, for me that is pretty much everywhere and, thanks to the wonderful guys at GlobalSign, most of my SSL certificates are free becauses my projects are all open source.
I used a blog post by Hynek Schlawack as a base for my SSL setup, he is keeping this article up-to-date as much as possible so it should be a great source for any security conscious people that would like to know more and get good explanations about each part.
Let’s take a brief look at how this website achieves it’s A* rating.
Key
I use a 4096 bit RSA key that is no a Debian weak key.
Protcols
I do not support SSLv2 or SSLv3 but I do support much stronger protocols;
- TLS 1.2,
- TLS 1.1 and,
- TLS 1.0.
dhparam
It’s a good idea to generate a set of DH parameters with a prime that is larger than the RSA key being used. For me that’s 4096 so to generate this I use:
openssl dhparam 4096
Once generated it gets appended to our PEM chain.
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE----- # intermediate cert
-----END CERTIFICATE-----
-----BEGIN DH PARAMETERS-----
-----END DH PARAMETERS-----
Cipher suites & key exchanges
I only support Elliptic curve Diffie–Hellman and Diffie–Hellman for key exchange.
The website prefers ECDH+AESGCM or DH+AESGCM which specifically uses AES-128, if AESGCM isn’t supported by the browser (at time of writing, it’s only support by Chrome 32) it will fall back to ECDH+AES256 or DH+AES256 or fall further back to ECDH+AES128 or DH+AES.
ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:HIGH:!aNULL:!eNULL:!EXPORT:!MD5:!DSS:!DES:!3DES:!RC4:!PSK
For most browser versions this should provide extremely secure connectivity and Forward Secrecy. Please consult the Notes section for more information.
Forcing SSL usage
This one is really quite simple, if you attempt to browse this site using the unsecure interface (HTTP) you will simply be redirected to a secure interface.
SSL compression
Thankfully, at time of writing, I am using OpenSSL 1.0.1e and nginx 1.5.8 meaning SSL compression is disabled, you will have to do some Googling to find out what specific versions you will need to disable SSL compression.
HSTS
Finally, I support HSTS telling my browser it should only access this website via a secure method, this is done by simply providing an STS header as shown below.
Strict-Transport-Security: max-age=15768000
Notes
This configuration does not allow for Windows XP operating system or IE6. It supports IE7 and above on Windows Vista or higher.
Consult Hynek’s article for support for Windows XP and IE6.
Testing
You can use SSL Labs by Qualys to determine your own website’s security and you can look at the Qualys report for this website as a comparison.
