Disabling SSLv3 and SSLv2 in Tomcat and JBoss Web

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Linux 5, 6, 7
  • Red Hat Certificate System 8
  • Red Hat JBoss Enterprise Application Platform (EAP) 4, 5, 6
  • Red Hat JBoss Enterprise Web Platform (EWP) 5
  • Red Hat Network Satellite 5
  • JBoss Enterprise Web Server (EWS) 1, 2
  • Red Hat JBoss Data Grid (JDG) 6
  • Red Hat JBoss Data Virtualization (JDV) 6
  • Red Hat JBoss BRMS Platform (BRMS-P) 5, 6
  • Red Hat JBoss BPM Suite (BPMS) 6
  • Red Hat JBoss SOA Platform (SOA-P) 4, 5
  • Red Hat JBoss Fuse Service Works (FSW) 6
  • Red Hat JBoss Operations Network (JON) 3
  • Red Hat JBoss Portal Platform (JPP) 5, 6

Issue

  • How can I disable less secure encryption methods and use only TLS?
  • How do I avoid impact to a Tomcat or JBoss Enterprise Middleware system from CVE-2014-3566?
  • Resolution for POODLE SSLv3 vulnerability (CVE-2014-3566) in Tomcat and JBoss Web

Resolution

Red Hat recommends disabling SSL and using only TLSv1.1 or TLSv1.2. Backwards compatibility can be achieved using TLSv1.0. Many products Red Hat supports have the ability to use SSLv2 or SSLv3 protocols, however it is strongly recommended against.

JBoss Web in EAP 4/5 and JBoss 4.x/5.x products

Note: the following mitigation instructions are only applicable if you are using the JSSE connectors for HTTPS configuration. Refer to the Tomcat APR section if you are using native connectors.

For EAP 4/5 and JBoss 4/5.x products based on EAP 4/5, SSLv2 and SSLv3 can be disabled by configuring the https connectors to have the sslProtocols attribute set to "TLSv1,TLSv1.1,TLSv1.2" in the configuration located within $JBOSS_HOME/jboss-as/server/$JBOSS_PROFILE/deploy
/jbossweb.sar/server.xml. For example:

      <Connector protocol="HTTP/1.1" SSLEnabled="true" 
           port="8443" address="${jboss.bind.address}"
           scheme="https" secure="true" clientAuth="false" 
           keystoreFile="${jboss.server.home.dir}/conf/keystore.jks"
           keystorePass="rmi+ssl"
           sslProtocols = "TLSv1,TLSv1.1,TLSv1.2" />

The sslProtocols attribute specifies the versions of the SSL protocol to use. If not specified, the default is "TLS". Note TLSv1.2 is only available when using JDK 7 and higher. For more information see http://docs.jboss.org/jbossweb/2.1.x/config/http.html. Note that this applies to only JBoss Web prior to 7.x. In 7.x and later, a connector supports the protocol attribute as discussed for EAP 6 below. Refer to http://docs.jboss.org/jbossweb/7.0.x/config/ssl.html for more information in regards to this.

JBoss Web in EAP 6 and JBoss 6.x products

Note: the following mitigation instructions are only applicable if you are using the JSSE connectors for HTTPS configuration. Refer to the Tomcat APR section if you are using native connectors.

For EAP 6 and JBoss 6.x products based on EAP 6, SSLv2 and SSLv3 can be disabled by setting the protocol attribute to "TLSv1,TLSv1.1,TLSv1.2" for the HTTPS connector in the web subsystem. This can be done using the following CLI commands.
In standalone mode:

/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=protocol,value="TLSv1,TLSv1.1,TLSv1.2")
:reload

In domain mode

/profile=default/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=protocol,value="TLSv1,TLSv1.1,TLSv1.2")
:reload

Alternatively, edit the configuration file manually:

In standalone mode: $JBOSS_HOME/standalone/configuration/$JBOSS_PROFILE.xml
In domain mode: $JBOSS_HOME/domain/configuration/$JBOSS_PROFILE.xml

Locate and edit the following element in the configuration file. The protocol attribute is set to "TLSv1,TLSv1.1,TLSv1.2" in this example.

            <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" enable-lookups="false" secure="true">
                <ssl name="https" key-alias="KEY_ALIAS" password="SECRET" certificate-key-file="${jboss.server.config.dir}/keystore.jks" protocol="TLSv1,TLSv1.1,TLSv1.2"/>
            </connector>

The protocol attribute specifies the version of the SSL protocol to use. Supported values include SSLv2, SSLv3, TLSv1, SSLv2+SSLv3, and ALL. The default is ALL. See the EAP 6 Administration and Configuration Guide for more information.

EAP 6 Management Interfaces

EAP 6 users exposing HTTPS Management Interfaces may not be able to disable SSLv3 via the current configuration options exposed by security-realm/server-identities/ssl configuration parameter. A bug has been filed to add functionality that would make this possible. The following steps allow you to mitigate this issue on EAP 6 systems exposing HTTPS Management Interfaces.

  • Explicitly set the protocol attribute in the ssl configuration to TLSv1:
                <server-identities>
                    <ssl protocol="TLSv1">
                        <keystore path="https.keystore" relative-to="keystore.home" keystore-password="secret" alias="https" key-password="secret" />
                    </ssl>

Tomcat

When using Tomcat with the JSSE connectors, the SSL protocol to be used can be configured via $TOMCAT_HOME/conf/server.xml. The following example shows how the sslProtocol in an https connector is configured.

Tomcat 5 and 6 (prior to 6.0.38)

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocols = "TLSv1,TLSv1.1,TLSv1.2" />

Tomcat 6 (6.0.38 and later) and 7

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslEnabledProtocols = "TLSv1,TLSv1.1,TLSv1.2" />

If the sslEnabledProtocols or sslProtocols attributes are specified, only protocols that are listed and supported by the SSL implementation will be enabled. If not specified, the JVM default is used. The permitted values may be obtained from the JVM documentation for the allowed values for algorithm when creating an SSLContext instance e.g. Oracle Java 6 and Oracle Java 7.

Tomcat APR

When using Tomcat with the APR/Native connectors, the SSL protocol to be used can be configured in $TOMCAT_HOME/conf/server.xml. The following example shows how the SSLProtocol in an https connector is configured.

<Connector port="443" maxHttpHeaderSize="8192"
               maxThreads="150"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               SSLEnabled="true" 
               SSLProtocol="TLSv1"
               SSLCertificateFile="${catalina.base}/conf/localhost.crt"
               SSLCertificateKeyFile="${catalina.base}/conf/localhost.key" />

Configuration parameters are documented here. The default is for the SSLProtocol attribute to be set to ALL, with other acceptable values being SSLv2, SSLv3, TLSv1 and SSLv2+SSLv3. Starting with version 1.1.21 of the Tomcat native library any combination of the three protocols concatenated with a plus sign will be supported. Note that the protocol SSLv2 is inherently unsafe.

Root Cause

SSLv3 is inherently less secure than it's successor Transport Socket Layer (TLS). It is considered a better security practice to disable any variation of SSL and adopt only TLS.

A vulnerability was found in the SSLv3.0 protocol. This vulnerability allows a man-in-the-middle attacker to decrypt ciphertext using a padding oracle side-channel attack. For more information about this vulnerability, refer to the following article: POODLE: SSLv3.0 vulnerability (CVE-2014-3566)

Diagnostic Steps

For diagnostic steps, refer to the following article: POODLE: SSLv3.0 vulnerability (CVE-2014-3566)

This solution has been reviewed for technical accuracy, optimized for search, and integrated with Product Documentation and/or Red Hat Access Labs. Much like when a software package is accepted upstream, this content has moved from the general KCS editing workflow into the responsibility of Customer Content Services as maintainers.

Comments