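Introduction
This post describes the configuration for disabling TLS 1.1 and earlier protocols in Nginx.
TLS 1.1 and earlier have been deprecated for quite some time.
More recently, about a year ago, browsers stopped allowing connections over TLS 1.0/1.1.
Preparation
This reuses the Nginx setup built in this article.
If you want to try it yourself, see the configuration in the article above.
Configuration
Add the following line to ssl.conf.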
ssl_protocols TLSv1.2 TLSv1.3;
The whole file looks like this.
server {
listen 443 ssl;
server_name localhost;
ssl_certificate /etc/nginx/certs/server.crt;
ssl_certificate_key /etc/nginx/certs/server.key;
+ ssl_protocols TLSv1.2 TLSv1.3;
location / {
root /usr/share/nginx/html;
}
}
Note: after changing the configuration, reload with nginx -s reload.
Checking that TLS 1.0 and TLS 1.1 are disabled and TLS 1.2 and TLS 1.3 are enabled
Check with the following commands.
openssl s_client -connect localhost:443 -tls1
openssl s_client -connect localhost:443 -tls1_1
openssl s_client -connect localhost:443 -tls1_2
openssl s_client -connect localhost:443 -tls1_3
$ openssl s_client -connect localhost:443 -tls1
CONNECTED(00000003)
40A743CF737F0000:error:0A0000BF:SSL routines:tls_setup_handshake:no protocols available:../ssl/statem/statem_lib.c:104:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 7 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
$ openssl s_client -connect localhost:443 -tls1_1
CONNECTED(00000003)
40C748DAE97F0000:error:0A0000BF:SSL routines:tls_setup_handshake:no protocols available:../ssl/statem/statem_lib.c:104:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 7 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
$ openssl s_client -connect localhost:443 -tls1_2
CONNECTED(00000003)
Can't use SSL_get_servername
depth=0 C = JP, ST = Tokyo, O = Internet Widgits Pty Ltd, CN = localhost
verify error:num=18:self-signed certificate
verify return:1
depth=0 C = JP, ST = Tokyo, O = Internet Widgits Pty Ltd, CN = localhost
verify return:1
---
Certificate chain
0 s:C = JP, ST = Tokyo, O = Internet Widgits Pty Ltd, CN = localhost
i:C = JP, ST = Tokyo, O = Internet Widgits Pty Ltd, CN = localhost
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
v:NotBefore: Jun 17 01:54:06 2023 GMT; NotAfter: Jun 14 01:54:06 2033 GMT
---
Server certificate
subject=C = JP, ST = Tokyo, O = Internet Widgits Pty Ltd, CN = localhost
issuer=C = JP, ST = Tokyo, O = Internet Widgits Pty Ltd, CN = localhost
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 1544 bytes and written 281 bytes
Verification error: self-signed certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: 7DAFA220E37F073EDEE65D7F5A8DC702E1B7BC08B7B2613344DBB9139CDE05D1
Session-ID-ctx:
Master-Key: 7B2F1F1259621560D2596780F50E7B71B4CA7BA8B9C45DD6BC2A61C762633FD50ADD16677DCE501008B11CF3F2554E1B
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
Start Time: 1687045154
Timeout : 7200 (sec)
Verify return code: 18 (self-signed certificate)
Extended master secret: yes
---
$ openssl s_client -connect localhost:443 -tls1_3
CONNECTED(00000003)
Can't use SSL_get_servername
depth=0 C = JP, ST = Tokyo, O = Internet Widgits Pty Ltd, CN = localhost
verify error:num=18:self-signed certificate
verify return:1
depth=0 C = JP, ST = Tokyo, O = Internet Widgits Pty Ltd, CN = localhost
verify return:1
---
Certificate chain
0 s:C = JP, ST = Tokyo, O = Internet Widgits Pty Ltd, CN = localhost
i:C = JP, ST = Tokyo, O = Internet Widgits Pty Ltd, CN = localhost
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
v:NotBefore: Jun 17 01:54:06 2023 GMT; NotAfter: Jun 14 01:54:06 2033 GMT
---
Server certificate
subject=C = JP, ST = Tokyo, O = Internet Widgits Pty Ltd, CN = localhost
issuer=C = JP, ST = Tokyo, O = Internet Widgits Pty Ltd, CN = localhost
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 1443 bytes and written 305 bytes
Verification error: self-signed certificate
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 18 (self-signed certificate)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Session-ID: 5534F6703AB6C12A57ACC74FA9458899D9379BF81E6FF7C8B59F3CE580C7170D
Session-ID-ctx:
Resumption PSK: F084E51FAB491404772F0909462E48D4B80B8725C67EED34E349822EB0DED3B185481F3DB87F42D6461D5EEC3591FC56
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
Start Time: 1687045177
Timeout : 7200 (sec)
Verify return code: 18 (self-signed certificate)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Session-ID: A410C2EE88DD6FC46D10F9178785E0E8D0A23FD6CF950B041D0C3665FBD14E2B
Session-ID-ctx:
Resumption PSK: 39F7914D89C2C31280414029DFBFBE08D4FF69E9A109A8542BCFCD4D4E8286CE33C280C8D10B9AB152EF0522ADCEEED2
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
Start Time: 1687045177
Timeout : 7200 (sec)
Verify return code: 18 (self-signed certificate)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
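With TLS 1.0 and TLS 1.1, the connection did not obtain a certificate.
With TLS 1.2 and TLS 1.3, the connection succeeded and the certificate was obtained, so this is OK.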
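As an added example (not from the original post), the script below automates the four probes and separates a refusal by the server from a refusal by the local OpenSSL client: `no protocols available` raised in `tls_setup_handshake` comes from the client's own configuration, before any ClientHello reaches Nginx, so it does not show what the server accepts. The function names, the `alert protocol version` match and the `-cipher DEFAULT@SECLEVEL=0` setting used to let OpenSSL 3.x offer TLS 1.0/1.1 are assumptions of this example.

```shell
#!/bin/sh
# Added example: probe each TLS version and say who refused it.

# Read `openssl s_client` output on stdin and print one verdict.
classify_s_client() {
    out=$(cat)
    if printf '%s\n' "$out" | grep -Eq '^New, [^(][^,]*, Cipher is [^(]'; then
        echo accepted            # handshake completed, cipher negotiated
    elif printf '%s\n' "$out" | grep -q 'no protocols available'; then
        echo client-refused      # local OpenSSL policy; server never asked
    elif printf '%s\n' "$out" | grep -q 'alert protocol version'; then
        echo server-rejected     # server answered with a protocol_version alert
    else
        echo unknown
    fi
}

# probe HOST:PORT FLAG  (FLAG is one of -tls1 -tls1_1 -tls1_2 -tls1_3)
probe() {
    case "$2" in
        # Assumption: OpenSSL 3.x needs security level 0 to offer TLS 1.0/1.1.
        -tls1|-tls1_1) extra='-cipher DEFAULT@SECLEVEL=0' ;;
        *) extra='' ;;
    esac
    # $extra is intentionally unquoted so it splits into two arguments.
    openssl s_client -connect "$1" "$2" $extra </dev/null 2>&1 | classify_s_client
}

# check_policy HOST:PORT -> exit status 0 only if 1.0/1.1 are rejected by the
# server and 1.2/1.3 are accepted.
check_policy() {
    rc=0
    for flag in -tls1 -tls1_1 -tls1_2 -tls1_3; do
        case "$flag" in
            -tls1|-tls1_1) want=server-rejected ;;
            *) want=accepted ;;
        esac
        result=$(probe "$1" "$flag")
        [ "$result" = "$want" ] || rc=1
        printf '%-8s %-16s (want %s)\n' "$flag" "$result" "$want"
    done
    return "$rc"
}

# Run only when a target is given, e.g.: sh check_tls.sh localhost:443
if [ "$#" -gt 0 ]; then check_policy "$1"; fi
```

A `client-refused` verdict for `-tls1` or `-tls1_1` means the probe is inconclusive and has to be repeated with a client that is able to offer that version.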
Additional notes
The following commands can also be used to check.
curl -I -v --tlsv1.2 --tls-max 1.2 https://localhost
curl -I -v --tlsv1.3 --tls-max 1.3 https://localhost
$ curl -I -v --tlsv1.2 --tls-max 1.2 https://localhost
* Trying 127.0.0.1:443...
* Connected to localhost (127.0.0.1) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.2 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: self-signed certificate
* Closing connection 0
curl: (60) SSL certificate problem: self-signed certificate
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
$ curl -I -v --tlsv1.3 --tls-max 1.3 https://localhost
* Trying 127.0.0.1:443...
* Connected to localhost (127.0.0.1) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.3 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: self-signed certificate
* Closing connection 0
curl: (60) SSL certificate problem: self-signed certificate
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
Note: with TLS 1.1, the error "no protocols available" is shown, as below.
$ curl -I -v --tlsv1.1 --tls-max 1.1 https://localhost
* Trying 127.0.0.1:443...
* Connected to localhost (127.0.0.1) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.3 (OUT), TLS alert, protocol version (582):
* error:0A0000BF:SSL routines::no protocols available
* Closing connection 0
curl: (35) error:0A0000BF:SSL routines::no protocols available
Bonus
If you want to run an SSL diagnosis on a site you use, the following site is handy.
It has been a great help :smile:
- SSL Labs
https://www.ssllabs.com/ssltest/
References
How to resolve the Chrome "ERR_SSL_OBSOLETE_VERSION" warning
https://kinsta.com/jp/knowledgebase/err_ssl_obsolete_version/
Strengthen your website's security! Preparing for the TLS version upgrade
https://www.sqat.jp/kawaraban/19215/#:~:text=TLS%201.0%2F1.1%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6%E3%81%AF,%E3%81%8C%E5%85%AC%E9%96%8B%E3%81%95%E3%82%8C%E3%81%A6%E3%81%84%E3%81%BE%E3%81%99%E3%80%82
On the deprecation of TLS 1.0 and 1.1
https://www.digicert.com/jp/blog/depreciating-tls-1-0-and-1-1
nginx documentation
http://nginx.org/en/docs/
Steps to configure nginx to allow only TLS 1.2
https://zenn.dev/tatsuyasusukida/scraps/1152b6749ec233
How To Configure Nginx to use TLS 1.2 / 1.3 only
https://www.cyberciti.biz/faq/configure-nginx-to-use-only-tls-1-2-and-1-3/
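Conclusion
Browsers now show a deprecation screen, so a connection from a browser should be blocked before it ever reaches the server.
That said, it is apparently still possible to allow connections over TLS 1.1 and earlier through browser settings.
So this is a memo, written with the thought that I want the setting in place on the server side as well.
On older architectures Apache is used more often, but this time I described the configuration for nginx.
The Apache configuration is almost the same, so there should be few points of confusion.
As for verification, the same procedure as in this article can be used.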