Securing Apache/mod_ssl with SSL/TLS on RHEL8

Updated -

Securing Apache (httpd-2.4.37), mod_ssl (mod_ssl-2.4.37) that uses openssl

This article is part of the Securing Applications Collection

Cryptography in RHEL8

RHEL8 has a new mechnism to centralise the cryptographic defaults for a machine.
This is handled by the crypto-policies package. Details of the rationale and update policy can be found in other documents

Unless you have a very specific requirement for either restricting or relaxing the protocols or ciphers used by Apache the system-wide crypto policy is strongly recommended.

Configuration File

   /etc/httpd/conf.d/ssl.conf

shortform using system-wide crypto policy

The only item that requires specific customisation is the location of a suitable certificate.

    SSLCertificateKeyFile /etc/pki/tls/private/httpd.key
    SSLCertificateFile /etc/pki/tls/certs/httpd.dh.crt
    SSLCertificateChainFile /etc/pki/tls/certs/httpd-chain.crt

shortform for custom configuration

The equivalent of crypto-policy DEFAULT

SSLCertificateKeyFile /etc/pki/tls/private/httpd.key
SSLCertificateFile /etc/pki/tls/certs/httpd.dh.crt
SSLCertificateChainFile /etc/pki/tls/certs/httpd-chain.crt

SSLProtocol all -TLS1 -TLSv1.1
SSLCipherSuite @SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:-aDSS:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8

Protocols

    SSLProtocol all -TLSv1 -TLSv1.1

Provides general compatibility.

Higher security, reduced compatibility protocols

SSLProtocol All -TLSv1 -TLSv1.1 -TLSv1.2

Enable TLSv1.0 for obsolete Browser Compatibility

SSLProtocol all

Ciphers

    SSLCipherSuite @SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:-aDSS:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8

Reasonable selection of strong ciphers

Higher security, reduced compatibility protocols

SSLCipherSuite @SECLEVEL=3:kEECDH:kEDH:kPSK:kDHEPSK:kECDHEPSK:-kRSA:-aDSS:-AES128:-SHA256:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:-SHA1:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8

Enable legacy ciphers for obsolete Browser Compatibility

SSLCipherSuite @SECLEVEL=1:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:!DES:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8

Allow very old browsers

Certificate Handling

Apache expects separate PEM format files for key and certificate, and another for the CA chain.

Key File

SSLCertificateKeyFile /etc/pki/tls/private/httpd.key

key should be readable only by User as defined in the main configuration file

Certificate File

SSLCertificateFile /etc/pki/tls/certs/httpd.dh.crt

Since the SSLCertificateFile can contain Diffie-Helman parameters to enable PFS it is necessary to maintain an additional pair of files.
The actual certificate should be placed in

/etc/pki/tls/certs/httpd.crt

Then the following should be run to create the combined file
This sequence should then be run periodically (weekly) to update the DH parameters, followed by a service reload.

openssl dhparam -out /etc/pki/tls/private/httpd.dh.param.tmp 4096
mv /etc/pki/tls/private/httpd.dh.param.tmp  /etc/pki/tls/private/httpd.dh.param
cat /etc/pki/tls/certs/httpd.crt /etc/pki/tls/private/httpd.dh.param >/etc/pki/tls/certs/httpd.dh.crt
systemctl reload httpd

Certificate Authority Chain

SSLCertificateChainFile /etc/pki/tls/certs/httpd-chain.crt

Intermediate and Root certificates for the SSLCertificateFile