SSL ciphers questions
Hi,
I have a F5 pair running 11.5.2 where we are trying to mitigate Poodle vulnerability for a certain public facing VIP.
I have performed the following cipher config :
!SSLv3:!ADH:AES-GCM:RC4-SHA
What we want to achieve is RC4 and SSLv3 disabled, and ECDHE (PFS) prioritised over DHE (PFS, but weak at only 1024 bits) over RSA (non-PFS). There’s no issue with non-PFS, we just want to ensure, that the PFS ones are prioritised.
What’s currently live:
TLS 1.2 (suites in server-preferred order)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ECDH secp256r1 (eq. 3072 bits RSA) FS256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 1024 bits FS WEAK256 TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) WEAK256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ECDH secp256r1 (eq. 3072 bits RSA) FS128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) DH 1024 bits FS WEAK128 TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) WEAK128 TLS_RSA_WITH_RC4_128_SHA (0x5) INSECURE128
TLS 1.1 (we could not determine if the server has a preference)
TLS_RSA_WITH_RC4_128_SHA (0x5) INSECURE128
TLS 1.0 (we could not determine if the server has a preference)
TLS_RSA_WITH_RC4_128_SHA (0x5) INSECURE128
Essentially, we have two issues here:
- The ordering of ECDHE > DHE > RSA is not correct.
- RC4 is enabled, CBC mode disabled. Should be the other way around.
Thanks. Liviu