9.4 . More T han a Secure Shell
Chapter 11. Web Servers
11.1. T he Apache HT T P Server
11.1.9. Enabling t he mod_nss Module
If you intend to set up an HTTPS server using mo d _nss, you can n o t have the mod_ssl package installed with its default settings as mo d _ssl will use port 4 4 3 by default, however this is the default HTTPS port. If at all possible, remove the package.
To remove mod_ssl, enter the following command as ro o t:
~]# yum remo ve mo d _ssl
Note
If mo d _ssl is required for other purposes, modify the /etc/httpd /co nf. d /ssl . co nf file to use a port other than 4 4 3 to prevent mo d _ssl conflicting with mo d _nss when its port to listen on is changed to 4 4 3.
Only one module can own a port, therefore mo d _nss and mo d _ssl can only co-exist at the same time if they use unique ports. For this reason mo d _nss by default uses 84 4 3, but the default port for HTTPS is port 4 4 3. The port is specified by the Li sten directive as well as in the VirtualHost name or address.
Everything in NSS is associated with a “ token” . The software token exists in the NSS database but you can also have a physical token containing certificates. With OpenSSL, discrete certificates and private keys are held in PEM files. With NSS, these are stored in a database. Each certificate and key is associated with a token and each token can have a password protecting it. This password is optional, but if a password is used then the Apache HTTP server needs a copy of it in order to open the database without user intervention at system start.
Pro ced u re 11.4 . Co n f ig u rin g mo d _n ss 1. Install mod_nss as ro o t:
~]# yum i nstal l mo d _nss
This will create the mo d _nss configuration file at /etc/httpd /co nf. d /nss. co nf. The /etc/httpd /co nf. d / directory is included in the main Apache HTTP Server configuration file by default. For the module to be loaded, restart the httpd service as described in
Section 11.1.3.3, “ Restarting the Service”.
2. As ro o t, open the /etc/httpd /co nf. d /nss. co nf file and search for all instances of the Li sten directive.
Edit the Li sten 84 4 3 line as follows:
Listen 443
Port 4 4 3 is the default port for HT T P S.
3. Edit the default Vi rtual Ho st _d efaul t_: 84 4 3 line as follows:
VirtualHost _default_:443
Edit any other non-default virtual host sections if they exist. Save and close the file.
4. Mozilla NSS stores certificates in a server certificate database indicated by the
NSSC erti fi cateD atabase directive in the /etc/httpd /co nf. d /nss. co nf file. By default the path is set to /etc/httpd /al i as, the NSS database created during installation.
To view the default NSS database, issue a command as follows:
~]# certuti l -L -d /etc/httpd /al i as
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
cacert CTu,Cu,Cu
Server-Cert u,u,u alpha
u,pu,u
In the above command output, Server-C ert is the default NSSNi ckname. The -L option lists all the certificates, or displays information about a named certificate, in a certificate database. The -d option specifies the database directory containing the certificate and key database files. See the certuti l (1) man page for more command line options.
5. To configure mod_nss to use another database, edit the NSSC erti fi cateD atabase line in the /etc/httpd /co nf. d /nss. co nf file. The default file has the following lines within the VirtualHost section.
# Server Certificate Database:
# The NSS security database directory that holds the certificates and
# keys. The database consists of 3 files: cert8.db, key3.db and secmod.db.
# Provide the directory that these files exist.
NSSCertificateDatabase /etc/httpd/alias
In the above command output, al i as is the default NSS database directory, /etc/httpd /al i as/.
6. To apply a password to the default NSS certificate database, use the following command as ro o t:
~]# certuti l -W -d /etc/httpd /al i as
Enter Password or Pin for "NSS Certificate DB":
Enter a password which will be used to encrypt your keys.
The password should be at least 8 characters long,
and should contain at least one non-alphabetic character.
Enter new password:
Re-enter password:
Password changed successfully.
7. Before deploying the HTTPS server, create a new certificate database using a certificate signed by a certificate authority (CA).
Examp le 11.3. Ad d in g a Cert if icat e t o t h e Mo z illa NSS d at ab ase
The certuti l command is used to add a CA certificate to the NSS database files:
certuti l d /etc/httpd /nssdbdirectory/ A n "CA_certificate" -t C T ,, -a -i cer-ti fi ca-te. pem
The above command adds a CA certificate stored in a PEM-formatted file named certificate.pem. The -d option specifies the NSS database directory containing the certificate and key database files, the -n option sets a name for the certificate, -t C T ,, means that the certificate is trusted to be used in TLS clients and servers. The -A option adds an existing certificate to a certificate database. If the database does not exist it will be created. The -a option allows the use of ASCII format for input or output, and the -i option passes the certi fi cate. pem input file to the command.
See the certuti l (1) man page for more command line options.
8. The NSS database should be password protected to safeguard the private key.
Examp le 11.4 . Set t in g _a_Passwo rd _f o r_a_Mo z illa_NSS_d at ab ase
The certuti l tool can be used set a password for an NSS database as follows:
certutil -W -d /etc/httpd/nss-db-directory/
For example, for the default database, issue a command as ro o t as follows:
~]# certuti l -W -d /etc/httpd /al i as
Enter Password or Pin for "NSS Certificate DB":
Enter a password which will be used to encrypt your keys.
The password should be at least 8 characters long,
and should contain at least one non-alphabetic character.
Enter new password:
Re-enter password:
Password changed successfully.
9. Configure mo d _nss to use the NSS internal software token by changing the line with the
NSSP assP hraseD i al o g
~]# vi /etc/httpd /co nf. d /nss. co nf
NSSPassPhraseDialog file:/etc/httpd/password.conf
This is to avoid manual password entry on system start. The software token exists in the NSS database but you can also have a physical token containing your certificates.
10. If the SSL Server Certificate contained in the NSS database is an RSA certificate, make certain that the NSSNi ckname parameter is uncommented and matches the nickname displayed in step 4 above:
~]# vi /etc/httpd /co nf. d /nss. co nf NSSNickname Server-Cert
If the SSL Server Certificate contained in the NSS database is an ECC certificate, make certain that the NSSEC C Ni ckname parameter is uncommented and matches the nickname displayed in step 4 above:
~]# vi /etc/httpd /co nf. d /nss. co nf NSSECCNickname Server-Cert
Make certain that the NSSC erti fi cateD atabase parameter is uncommented and points to the NSS database directory displayed in step 4 or configured in step 5 above:
~]# vi /etc/httpd /co nf. d /nss. co nf
NSSCertificateDatabase /etc/httpd/alias
Replace /etc/httpd /al i as with the path to the certificate database to be used.
11. Create the /etc/httpd /passwo rd . co nf file as ro o t:
~]# vi /etc/httpd /passwo rd . co nf Add a line with the following form:
internal:password
Replacing password with the password that was applied to the NSS security databases in step 6 above.
12. Apply the appropriate ownership and permissions to the /etc/httpd /passwo rd . co nf file:
~]# chg rp apache /etc/httpd /passwo rd . co nf
~]# chmo d 6 4 0 /etc/httpd /passwo rd . co nf
~]# l s -l /etc/httpd /passwo rd . co nf
-rw-r---. 1 root apache 10 Dec 4 17:13 /etc/httpd/password.conf 13. To configure mo d _nss to use the NSS the software token in /etc/httpd /passwo rd . co nf,
edit /etc/httpd /co nf. d /nss. co nf as follows:
~]# vi /etc/httpd /co nf. d /nss. co nf
14. Restart the Apache server for the changes to take effect as described in Section 11.1.3.3,
“ Restarting the Service”
Important
Due to the vulnerability described in POODLE: SSLv3 vulnerability (CVE-2014-3566), Red Hat recommends disabling SSL and using only T LSv1. 1 or T LSv1. 2. Backwards compatibility can be achieved using T LSv1. 0. Many products Red Hat supports have the ability to use SSLv2 or SSLv3 protocols, or enable them by default. However, the use of SSLv2 or SSLv3 is now strongly recommended against.
1 1 .1 .9 .1 . Enabling and Disabling SSL and T LS in m o d_nss
To disable and enable specific versions of the SSL and TLS protocol, either do it globally by adding the NSSP ro to co l directive in the “ ## SSL Global Context” section of the configuration file and removing it everywhere else, or edit the default entry under “ # SSL Protocol” in all “ VirtualHost”
sections. If you do not specify it in the per-domain VirtualHost section then it will inherit the settings from the global section. To make sure that a protocol version is being disabled the administrator should either o n ly specify NSSP ro to co l in the “ SSL Global Context” section, or specify it in all per-domain VirtualHost sections.
Pro ced u re 11.5. Disab le All SSL an d T LS Pro t o co ls Excep t T LS 1 an d Up in mo d _n ss To disable all SSL and TLS protocol versions except TLS version 1 and higher, proceed as follows:
1. As ro o t, open the /etc/httpd /co nf. d /nss. co nf file and search for all instances of the NSSP ro to co l directive. By default, the configuration file contains one section that looks as follows:
~]# vi /etc/httpd /co nf. d /nss. co nf
# SSL Protocol:
output omitted
# Since all protocol ranges are completely inclusive, and no protocol in the
# middle of a range may be excluded, the entry "NSSProtocol SSLv3,TLSv1.1"
# is identical to the entry "NSSProtocol SSLv3,TLSv1.0,TLSv1.1".
NSSProtocol SSLv3,TLSv1.0,TLSv1.1 This section is within the VirtualHost section.
2. Edit the NSSP ro to co l line as follows:
# SSL Protocol:
NSSProtocol TLSv1.0,TLSv1.1
Repeat this action for all VirtualHost sections.
3. Edit the Li sten 84 4 3 line as follows:
Listen 443
4. Edit the default Vi rtual Ho st _d efaul t_: 84 4 3 line as follows:
VirtualHost _default_:443
Edit any other non-default virtual host sections if they exist. Save and close the file.
5. Verify that all occurrences of the NSSP ro to co l directive have been changed as follows:
~]# g rep NSSP ro to co l /etc/httpd /co nf. d /nss. co nf
# middle of a range may be excluded, the entry "NSSP ro to co l SSLv3,TLSv1.1"
# is identical to the entry "NSSP ro to co l SSLv3,TLSv1.0,TLSv1.1".
NSSP ro to co l TLSv1.0,TLSv1.1
This step is particularly important if you have more than one VirtualHost section.
6. Restart the Apache daemon as follows:
~]# servi ce httpd restart
Note that any sessions will be interrupted.
Pro ced u re 11.6 . T est in g t h e St at u s o f SSL an d T LS Pro t o co ls in mo d _n ss
To check which versions of SSL and TLS are enabled or disabled in mo d _n ss, make use of the o penssl s_cl i ent -co nnect command. Install the openssl package as ro o t:
~]# yum i nstal l o penssl
The o penssl s_cl i ent -co nnect command has the following form:
openssl s_client -connect hostname:port -protocol
Where port is the port to test and protocol is the protocol version to test for. To test the SSL server running locally, use l o cal ho st as the host name. For example, to test the default port for secure HTTPS connections, port 4 4 3 to see if SSLv3 is enabled, issue a command as follows:
1. ~]# o penssl s_cl i ent -co nnect l o cal ho st: 4 4 3 -ssl 3 CONNECTED(00000003)
3077773036:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:337:
output omitted
New, (NONE), C i pher i s (NO NE)
Secure Renegotiation IS NOT supported Compression: NONE
Expansion: NONE SSL-Session:
Protocol : SSLv3 output truncated
The above output indicates that the handshake failed and therefore no cipher was negotiated.
2. ~]$ o penssl s_cl i ent -co nnect l o cal ho st: 4 4 3 -tl s1 CONNECTED(00000003)
depth=1 C = US, O = example.com, CN = Certificate Shack
output omitted
New, TLSv1/SSLv3, C i pher i s AES128-SHA Server public key is 1024 bit
Secure Renegotiation IS supported Compression: NONE
Expansion: NONE SSL-Session:
Protocol : TLSv1 output truncated
The above output indicates that no failure of the handshake occurred and a set of ciphers was negotiated.
The o penssl s_cl i ent command options are documented in the s_cl i ent(1) manual page.
For more information on the SSLv3 vulnerability and how to test for it, see the Red Hat Knowledgebase article POODLE: SSLv3 vulnerability (CVE-2014-3566).