List of SSL Ciphers and Protocols Supported By Eucalyptus API Endpoints and Eucalyptus Load Balancers (ELB)
Eucalyptus Versions: All
Due to the recent Eucalyptus Security Advisory regarding the POODLE Attack - ESA-28, there have been questions raised by the community regarding which SSL ciphers and protocols are utilized by the Eucalyptus API Endpoints (this also includes the User Facing Services APIs) and the Eucalyptus Load Balancer (ELB). This KB article will provide information regarding those SSL ciphers and protocols.
SSL Termination Endpoints
Currently, there are two endpoints that terminate SSL connections. They are as follows:
- Port 8443 - endpoint used to obtain credential information from CLC
- Port 8773 - primary API endpoint provided by the CLC and UFS
Supported SSL Protocols
(Eucalyptus Versions: 4.0.2 and Earlier)
The list of supported SSL protocols is as follows:
Note: This is a non-configurable list.
(Eucalyptus Versions: 4.1+)
In version 4.1, SSLv3 is disabled by default due to the POODLE Attack. The following cloud properties support the a default list of protocols, which can modified (via euca-modify-property) and require no restart of any cloud services:
|Property||Port||Default Protocol Value|
|www.https_protocols||8443||SSLv2Hello, TLSv1, TLSv1.1 TLSv1.2|
|bootstrap.webservices.ssl.server_ssl_protocols||8773||SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2|
Support Cipher Suites
Eucalyptus uses the default SunJSSE cipher suites. For a full list of the supported ciphers, please reference the Java Cryptography Architecture Oracle Providers Documentation for Java Platform Standard Edition 7.
Eucalyptus Cipher Properties
(Eucalyptus Versions: 4.0.1, 4.0.2, and 4.1)
The following cloud properties have the default cipher suites:
|Property||Port||Default Cipher Value|
These cloud properties can be modified using euca-modify-property. When modifying these properties, please keep in mind that the cipher properties follow a format that is similar to OpenSSL. Below are rules that are used to construct the list of enabled cipher suites when the SSL context is created by the server:
Example format of the string:
- Each identifier is separated by the colon character - ":"
- An identifier that does not start with TLS_ or SSL_, will match any cipher suite that has the identifier in it.
- An identifier beginning with ! tells the system to disable that cipher suite
- An identifier beginning with + tells the system to move that cipher suite to the end of the list of supported cipher suites.
- An identifier composed of two strings with the '+' character, for example RSA+DSE, tells the system to enable the cipher suite that has both values in the cipher suite.
- An identifier beginning with TLS_ or SSL_ needs to be a fully qualified cipher suite, for example: TLS_EMPTY_RENEGOTIATION_INFO_SCSV
Eucalyptus Load Balancer
The Eucalyptus Load Balancer (ELB) utilizes HAProxy to provide load balancing and SSL termination. According to the HAProxy documentation, the list of protocols and cipher suites supported are based on what OpenSSL supports (based upon what HAProxy has been built with). In Eucalyptus 4.0.0, and previous versions, there were no restrictions placed in the HAProxy configuration to disable certain protocols or cipher suites (however this can be done manually by creating a custom Eucalyptus Load Balancer image and using the 'ciphers' option in the HAProxy configuration file).
In Eucalyptus 4.0.2, we specifically added the 'no-sslv3' flag when HTTPS/SSL ELB is launched. At this time, it is not possible to adjust/modify the SSL configuration without creating a custom Eucalyptus Load Balancer image. EUCA-9746 is being evaluated for a future release.
Supported SSL Protocols and Ciphers Discovery for Eucalyptus Load Balancer
There are various methods and tools to use to observe what SSL protocols and ciphers are supported with a deployed Eucalyptus Load Balancer instance. For example, if the example mentioned in the resource "Testing for Weak SSL/TLS Ciphers, Insufficient Transport Layer Protection" where the Java JAR TestSSLServer is used to test against a Eucalyptus 4.0.2 HTTPS/SSL ELB, the following output would be returned:
$ java -jar Downloads/TestSSLServer.jar hasp-euca-elb-325271821652.eulb.future.euca-hasp.cs.prc.eucalyptus-systems.com 443 Supported versions: TLSv1.0 TLSv1.1 TLSv1.2 Deflate compression: no Supported cipher suites (ORDER IS NOT SIGNIFICANT): TLSv1.0 RSA_WITH_RC4_128_MD5 RSA_WITH_RC4_128_SHA RSA_WITH_IDEA_CBC_SHA RSA_WITH_DES_CBC_SHA RSA_WITH_3DES_EDE_CBC_SHA DHE_RSA_WITH_DES_CBC_SHA DHE_RSA_WITH_3DES_EDE_CBC_SHA RSA_WITH_AES_128_CBC_SHA DHE_RSA_WITH_AES_128_CBC_SHA RSA_WITH_AES_256_CBC_SHA DHE_RSA_WITH_AES_256_CBC_SHA RSA_WITH_CAMELLIA_128_CBC_SHA DHE_RSA_WITH_CAMELLIA_128_CBC_SHA RSA_WITH_CAMELLIA_256_CBC_SHA DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_RSA_WITH_SEED_CBC_SHA TLS_DHE_RSA_WITH_SEED_CBC_SHA TLS_ECDHE_RSA_WITH_RC4_128_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (TLSv1.1: idem) TLSv1.2 RSA_WITH_RC4_128_MD5 RSA_WITH_RC4_128_SHA RSA_WITH_IDEA_CBC_SHA RSA_WITH_DES_CBC_SHA RSA_WITH_3DES_EDE_CBC_SHA DHE_RSA_WITH_DES_CBC_SHA DHE_RSA_WITH_3DES_EDE_CBC_SHA RSA_WITH_AES_128_CBC_SHA DHE_RSA_WITH_AES_128_CBC_SHA RSA_WITH_AES_256_CBC_SHA DHE_RSA_WITH_AES_256_CBC_SHA RSA_WITH_AES_128_CBC_SHA256 RSA_WITH_AES_256_CBC_SHA256 RSA_WITH_CAMELLIA_128_CBC_SHA DHE_RSA_WITH_CAMELLIA_128_CBC_SHA DHE_RSA_WITH_AES_128_CBC_SHA256 DHE_RSA_WITH_AES_256_CBC_SHA256 RSA_WITH_CAMELLIA_256_CBC_SHA DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_RSA_WITH_SEED_CBC_SHA TLS_DHE_RSA_WITH_SEED_CBC_SHA TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_RC4_128_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ---------------------- Server certificate(s): 0295b423ed3cd6e13cf9599b11f6d716c3149384: EMAILADDRESSfirstname.lastname@example.org, CN=hasp-euca-elb.dev.eucalyptus-systems.com, OU=ELB Certificate, O=Honest CA, ST=California, C=US ---------------------- Minimal encryption strength: medium encryption (56-bit) Achievable encryption strength: strong encryption (96-bit or more) BEAST status: vulnerable CRIME status: protected
As you can see, the various supported SSL ciphers are displayed, as well as the supported SSL protocols. Notice how SSLv3 and SSLv2 are not displayed.
Please refer to EUCA-9746 for more information regarding the ability to configure this option in the future.