Symantec VIP Enterprise Gateway force strong key exchange for SSL/TLS server communication
Article ID: 245789
Updated On:
Products
Issue/Introduction
Security scans detecting VIP Enterprise Gateway as supporting weak SSL/TLS ciphers. There is a need to change the SSL/TLS server configuration to only allow strong key exchanges. Key exchanges should provide at least 224 bits of security, which translates to a minimum key size of 2048 bits for Diffie-Hellman and RSA key exchanges and Ephemeral Diffie-Hellman 2048 key size.
Environment
Symantec VIP Enterprise Gateway, Self-Service IdP, My VIP IdP, and VIP Manager IdP portals.
Cause
The existing weakciphers.properties file will already disable any cipher using less than 128 bits, but security scans, recommendations, or policies may require additional ciphers to ensure a higher key exchange.
Resolution
VIP Enterprise Gateway 9.10.3 or later is recommended to preserve the file changes after a server restart.
STEP 1:
- Weak ciphers can be disabled by adding them to the 'weakciphers.properties' file on the VIP Enterprise Gateway. (See also: https://knowledge.broadcom.com/external/article?articleId=150540)
- The weakciphers.properties file is located at <VIPEG_INSTALLATION>/conf/weakciphers.properties
- Ciphers should be added in using the IANA naming convention: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
- Utilizing this table, additional ciphers can be added to disable DH/DHE/ECDH ciphers that are less than 224 bits. To exclude any DHE cipher with less than 224 bits of security, add the following to the 'weakciphers.properties' file under the '#Weak TLS ciphers' section (server reboot required to take effect):
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_SEED_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA
TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
TLS_DH_DSS_WITH_AES_128_CBC_SHA
TLS_DH_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_DH_DSS_WITH_AES_128_CBC_SHA256
TLS_DH_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA
TLS_DHE_DSS_WITH_RC4_128_SHA
TLS_DH_anon_WITH_AES_128_CBC_SHA256
TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
TLS_DHE_PSK_WITH_AES_128_CBC_SHA
TLS_DH_DSS_WITH_SEED_CBC_SHA
TLS_DH_RSA_WITH_SEED_CBC_SHA
TLS_DHE_DSS_WITH_SEED_CBC_SHA
TLS_DH_anon_WITH_SEED_CBC_SHA
TLS_DH_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
TLS_DH_DSS_WITH_AES_128_GCM_SHA256
TLS_DH_anon_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CCM
TLS_DHE_RSA_WITH_AES_128_CCM_8
TLS_DHE_PSK_WITH_AES_128_CCM
TLS_PSK_DHE_WITH_AES_128_CCM_8
TLS_ECDHE_ECDSA_WITH_AES_128_CCM
TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
STEP 2:
- WINDOWS:
- Use a text editor in administrator mode to edit the file: <EG_INSTALL_HOME>\IDP\services\SSP\conf\wrapper.conf
- Locate the section Java Additional Parameters. Add the following line to this section: wrapper.java.additional.10=-Djdk.tls.ephemeralDHKeySize=2048
The file entry should look similar to this: - If necessary, the 10 value in the added line can be changed to reflect the next sequential value from the line above it. For example, if the existing previous line begins with wrapper.java.additional.32=..., the next added line would be wrapper.java.additional.33=-Djdk.tls.ephemeralDHKeySize=2048
- Save the changes.
- Restart the VIP Enterprise Gateway server.
- LINUX:
- Use a text editor edit the file: <EG_INSTALL_HOME>/IDP/bin/idpstartservice.
- Locate the following if statement:
if [ -s "services/${SERVERNAME}/conf/ssp.conf" ]; then - Add the following java parameter to the export CMD= value:
-Djdk.tls.ephemeralDHKeySize=2048 - Example:
- Save the changes.
- Restart the VIP Enterprise Gateway server.
Additional Information
Root Cause Analysis: The Diffie Hellman key Exchange aka DHE algorithm is the key exchange mechanism used for encrypting server and client shared secrets with each other. It currently uses the 1024 bits, which the Server and Client use during the SSL handshake to agree on a common symmetric key. This is an asymmetric algorithm. Step #2 enforces the DH key size to be 2048 bits for the SSP/MyVIP/VIP Manager IdP communication.
Feedback
