Securing Apache/mod_ssl with SSL/TLS on RHEL8


Securing Apache (httpd-2.4.37), mod_ssl (mod_ssl-2.4.37) that uses openssl

This article is part of the Securing Applications Collection

Cryptography in RHEL8

RHEL8 has a new mechanism to centralise the cryptographic defaults for a machine.
This is handled by the crypto-policies package. Details of the rationale and update policy can be found in other documents.

Unless you have a very specific requirement for either restricting or relaxing the protocols or ciphers used by Apache, the system-wide crypto policy is strongly recommended.

Configuration File

   /etc/httpd/conf.d/ssl.conf

Short form using the system-wide crypto policy

The only item that requires specific customisation is the location of a suitable certificate.

    SSLCertificateKeyFile /etc/pki/tls/private/httpd.key
    SSLCertificateFile /etc/pki/tls/certs/httpd.dh.crt
    SSLCertificateChainFile /etc/pki/tls/certs/httpd-chain.crt

Short form for a custom configuration

The equivalent of the crypto-policy DEFAULT:

    SSLCertificateKeyFile /etc/pki/tls/private/httpd.key
    SSLCertificateFile /etc/pki/tls/certs/httpd.dh.crt
    SSLCertificateChainFile /etc/pki/tls/certs/httpd-chain.crt

    SSLProtocol all -TLSv1 -TLSv1.1
    SSLCipherSuite @SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:-aDSS:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8

Protocols

    SSLProtocol all -TLSv1 -TLSv1.1

Provides general compatibility.

Higher security, reduced compatibility protocols

    SSLProtocol all -TLSv1 -TLSv1.1 -TLSv1.2

Enable TLSv1.0 for obsolete browser compatibility

    SSLProtocol all

Ciphers

    SSLCipherSuite @SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:-aDSS:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8

Reasonable selection of strong ciphers

Higher security, reduced compatibility ciphers

    SSLCipherSuite @SECLEVEL=3:kEECDH:kEDH:kPSK:kDHEPSK:kECDHEPSK:-kRSA:-aDSS:-AES128:-SHA256:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:-SHA1:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8

Enable legacy ciphers for obsolete browser compatibility

    SSLCipherSuite @SECLEVEL=1:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:!DES:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8

Allow very old browsers
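To see what the three SSLCipherSuite strings above actually enable on a given OpenSSL build, the following added example (not from the article or from mod_ssl) feeds each string through Python's ssl module, which hands it to the same OpenSSL cipher-list parser mod_ssl uses. The profile names default/strict/legacy are labels chosen here; the strings are the article's own.

```python
import ssl

# The article's three SSLCipherSuite values; the profile names are labels used here.
PROFILES = {
    "default": "@SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:-aDSS:-3DES:!DES:!RC4"
               ":!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8",
    "strict": "@SECLEVEL=3:kEECDH:kEDH:kPSK:kDHEPSK:kECDHEPSK:-kRSA:-aDSS:-AES128:-SHA256"
              ":-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:-SHA1:!MD5:-SHA384:-CAMELLIA"
              ":-ARIA:-AESCCM8",
    "legacy": "@SECLEVEL=1:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:!DES:!RC2:!IDEA:-SEED"
              ":!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8",
}

def resolve(cipher_string):
    """Return the TLS 1.0-1.2 cipher names OpenSSL enables for cipher_string.
    TLS 1.3 suites come from a separate list (SSL_CTX_set_ciphersuites), not
    from SSLCipherSuite, so they are filtered out here."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing is left
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]

def audit(names):
    """Summarise what a reviewer looks for in the resolved list."""
    return {
        "count": len(names),
        # No ECDHE-/DHE- prefix means static RSA or plain PSK key exchange:
        # no forward secrecy for that suite.
        "non_pfs": [n for n in names if not n.startswith(("ECDHE-", "DHE-"))],
        "aes128": [n for n in names if "AES128" in n],
        "sha1_mac": [n for n in names if n.endswith("-SHA")],
    }

if __name__ == "__main__":
    for name, cs in PROFILES.items():
        a = audit(resolve(cs))
        print("%-7s %3d ciphers, %2d without PFS, %2d AES-128, %2d SHA-1 MAC"
              % (name, a["count"], len(a["non_pfs"]), len(a["aes128"]), len(a["sha1_mac"])))
```

The same listing is available from the command line with `openssl ciphers -v 'STRING'`; the script only adds the per-property summary.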

Certificate Handling

Apache expects separate PEM format files for key and certificate, and another for the CA chain.

Key File

    SSLCertificateKeyFile /etc/pki/tls/private/httpd.key

The key file should be readable only by the root user.

Certificate File

    SSLCertificateFile /etc/pki/tls/certs/httpd.dh.crt

Since the SSLCertificateFile can contain Diffie-Hellman parameters to enable PFS, it is necessary to maintain an additional pair of files.
The actual certificate should be placed in

    /etc/pki/tls/certs/httpd.crt

Then the following should be run to create the combined file.
This sequence should then be run periodically (weekly) to update the DH parameters, followed by a service reload.

    # Run as root. Generate fresh 4096-bit DH parameters into a temporary file,
    # then rename it into place so httpd never reads a partially written file.
    openssl dhparam -out /etc/pki/tls/private/httpd.dh.param.tmp 4096
    mv /etc/pki/tls/private/httpd.dh.param.tmp /etc/pki/tls/private/httpd.dh.param
    # Combined file: the server certificate first, DH parameters appended after it.
    cat /etc/pki/tls/certs/httpd.crt /etc/pki/tls/private/httpd.dh.param >/etc/pki/tls/certs/httpd.dh.crt
    systemctl reload httpd

Certificate Authority Chain

    SSLCertificateChainFile /etc/pki/tls/certs/httpd-chain.crt

Intermediate and Root certificates for the SSLCertificateFile
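As an added example (not part of the article or of httpd), the following Python script checks the file layout described in the Key File and Certificate File sections before a reload: that httpd.dh.crt starts with the server certificate, optionally continues with intermediate CA certificates, and ends with one DH PARAMETERS block, and that httpd.key is root-owned with no group or other access. The paths and placeholder PEM contents in demo() are constructed; the check functions accept any paths.

```python
import os
import re
import tempfile

# One PEM block; the label on the BEGIN line must match the END line.
PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\n.*?\n-----END \1-----", re.S)

def pem_block_types(path):
    """Return the PEM block labels found in a file, in file order."""
    with open(path, encoding="ascii") as f:
        return PEM_BLOCK.findall(f.read())

def check_combined_cert(path):
    """httpd.dh.crt: server certificate first, optional intermediates next
    (mod_ssl 2.4.8+ reads them from SSLCertificateFile), one DH PARAMETERS
    block last. Returns a list of problems; empty means the layout is right."""
    types = pem_block_types(path)
    problems = []
    if not types or types[0] != "CERTIFICATE":
        problems.append("first PEM block is not a CERTIFICATE")
    if types.count("DH PARAMETERS") != 1 or types[-1] != "DH PARAMETERS":
        problems.append("expected exactly one DH PARAMETERS block, at the end")
    return problems

def check_private_key(path, owner_uid=0):
    """httpd.key should be owned by root (uid 0) with no group/other access."""
    st = os.stat(path)
    problems = []
    if st.st_mode & 0o077:
        problems.append("mode %o grants group/other access" % (st.st_mode & 0o777))
    if st.st_uid != owner_uid:
        problems.append("owner uid %d, expected %d" % (st.st_uid, owner_uid))
    return problems

def demo():
    """Run the checks on constructed placeholder files (not real keys or
    certificates) laid out like the article's /etc/pki/tls tree."""
    pem = lambda label: "-----BEGIN %s-----\nAAAA\n-----END %s-----\n" % (label, label)
    d = tempfile.mkdtemp()
    cert, bad, key = (os.path.join(d, n) for n in ("httpd.dh.crt", "bad.crt", "httpd.key"))
    with open(cert, "w") as f:  # leaf certificate, one intermediate, DH params
        f.write(pem("CERTIFICATE") * 2 + pem("DH PARAMETERS"))
    with open(bad, "w") as f:   # DH params first: not the layout the article builds
        f.write(pem("DH PARAMETERS") + pem("CERTIFICATE"))
    with open(key, "w") as f:
        f.write(pem("PRIVATE KEY"))
    os.chmod(key, 0o600)
    result = {"types": pem_block_types(cert), "good": check_combined_cert(cert),
              "bad": check_combined_cert(bad), "key_0600": check_private_key(key, os.getuid())}
    os.chmod(key, 0o644)  # the common mistake: a world-readable key
    result["key_0644"] = check_private_key(key, os.getuid())
    return result
```

On a real host call check_combined_cert("/etc/pki/tls/certs/httpd.dh.crt") and check_private_key("/etc/pki/tls/private/httpd.key"); the script inspects PEM structure and file mode only and does not validate the certificate itself (openssl x509 -noout -text does that).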

2 Comments

  1. Explain what properties the end result will have: e.g. is the certificate locked to the machine hardware, the particular OS installation, can it be placed in a suitable directory that allows the particular copy to run on another system (e.g. for a backup system used during maintenance; maybe this part should be characterized differently).
  2. define the files you need to get from the certifying authority (such as GoDaddy, IdenTrust, etc.). Show proper file name and sample content;
  3. show the files your system has to contain and show the command sequence to integrate certified file(s) with that system. Show resulting files (edited, appended, etc.);
  4. show the/a complete sample sequence(s) of steps with associated tests to integrate files with the system;
  5. show how to start / diagnose failure to start apache;
  6. point to sources to follow up on failures.

Per https://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslcertificatechainfile, SSLCertificateChainFile became obsolete/deprecated with version 2.4.8, when SSLCertificateFile was extended to also load intermediate CA certificates from the server certificate file.

Updating like below helped.

cat httpd.crt interim_chain.cer ../private/httpd.dh.param > httpd.dh.crt

where httpd.crt is the leaf cert for the machine and interim_chain.cer is the chained CA starting with the issuer of the machine cert and down the chain.

And that's the file that SSLCertificate points to: httpd.dh.crt

Also, updating the article to mention that dnf install mod_ssl provides a sample/default conf.d/ssl.conf would be helpful too.