Last Updated: February 25, 2016
bear

nginx ssl config with forward secrecy enabled

Two things are important for any HTTPd configuration: mitigation of BEAST and forward secrecy. Perfect forward secrecy is hard to deploy universally, since IE9 does not support any of the DHE or ECDHE cipher suites.
For details on what all of that means, see the SSL Labs article on deploying forward secrecy. The config below scores very well on the SSL Labs test suite.

# Hide the nginx version in the Server header and on error pages.
server_tokens off;
# Protocols offered to clients. Note that SSLv3 is still enabled in this list.
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
# Let the server's order below, not the client's, decide which suite is negotiated.
ssl_prefer_server_ciphers on;
# Lifetime of cached sessions.
ssl_session_timeout 5m;
# ECDHE suites first so forward secrecy is negotiated wherever the client supports it;
# the static ECDH and plain RC4-SHA suites at the end are fallbacks without forward secrecy.
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA;
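To make the forward-secrecy and server-preference points concrete, here is an added Python example (it is not code from the tip or from nginx): it parses an ssl_ciphers value, separates suites with ephemeral key exchange (ECDHE/DHE) from those with a static key exchange, flags RC4 and 3DES, and simulates which suite a handshake settles on with ssl_prefer_server_ciphers on versus off. It assumes OpenSSL's KX-AUTH-CIPHER-MAC suite naming as used in the tip; the client preference list is constructed for the demonstration.

```python
# Added example (not part of the original tip): classify the suites in an
# nginx ssl_ciphers value by key exchange, and simulate which suite is
# negotiated with ssl_prefer_server_ciphers on versus off.
# Assumes OpenSSL cipher-suite names of the form KX-AUTH-CIPHER-MAC, as in
# the tip (e.g. ECDHE-RSA-AES128-GCM-SHA256); the client list is constructed.

# Constructed copy of the tip's ssl_ciphers value.
TIP_CIPHERS = (
    "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:"
    "ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:"
    "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:"
    "ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:"
    "ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:"
    "ECDHE-RSA-AES256-SHA:RC4-SHA"
)

# Constructed client preference list: an old client that puts RC4 first.
LEGACY_CLIENT = ["RC4-SHA", "AES128-SHA", "ECDHE-RSA-AES128-GCM-SHA256"]

# Key-exchange prefixes that use ephemeral (forward-secret) keys. OpenSSL
# spells finite-field DHE as both DHE and EDH in older suite names.
EPHEMERAL_KX = {"ECDHE", "DHE", "EDH"}
# Symmetric ciphers that should not appear in a modern list.
WEAK_CIPHERS = ("RC4", "DES-CBC3", "3DES")


def parse_cipher_list(value):
    """Accept either a bare OpenSSL cipher string or a full nginx
    ``ssl_ciphers ...;`` directive and return the suite names in order."""
    v = value.strip()
    if v.startswith("ssl_ciphers"):
        v = v[len("ssl_ciphers"):]
    v = v.strip().rstrip(";").strip().strip("\"'")
    return [s for s in v.split(":") if s]


def provides_forward_secrecy(suite):
    """True when the suite's key exchange is ephemeral (ECDHE/DHE)."""
    return suite.split("-")[0] in EPHEMERAL_KX


def uses_weak_cipher(suite):
    """True when the suite's bulk cipher is RC4 or 3DES."""
    return any(w in suite for w in WEAK_CIPHERS)


def audit(value):
    """Group the suites so a reviewer sees at a glance which ones would let a
    recorded session be decrypted later if the server's long-term key leaks."""
    suites = parse_cipher_list(value)
    return {
        "forward_secrecy": [s for s in suites if provides_forward_secrecy(s)],
        "static_key_exchange": [s for s in suites if not provides_forward_secrecy(s)],
        "weak_cipher": [s for s in suites if uses_weak_cipher(s)],
    }


def negotiate(server_list, client_list, prefer_server=True):
    """Pick the suite a handshake would settle on. With prefer_server=True
    (ssl_prefer_server_ciphers on) the server's order wins; otherwise the
    client's first suite the server also offers is chosen. None on no overlap."""
    if prefer_server:
        client_set = set(client_list)
        chosen = [s for s in server_list if s in client_set]
    else:
        server_set = set(server_list)
        chosen = [s for s in client_list if s in server_set]
    return chosen[0] if chosen else None


if __name__ == "__main__":
    report = audit(TIP_CIPHERS)
    for group, suites in report.items():
        print(f"{group}: {', '.join(suites) or '(none)'}")
    server = parse_cipher_list(TIP_CIPHERS)
    print("prefer server on :", negotiate(server, LEGACY_CLIENT, True))
    print("prefer server off:", negotiate(server, LEGACY_CLIENT, False))
```

Run against the tip's list, the audit puts the three suites at the tail (the two static ECDH ones and RC4-SHA) in the static-key-exchange group and flags every RC4 suite. The negotiation step shows why ssl_prefer_server_ciphers on matters: with it, the constructed legacy client is steered to ECDHE-RSA-AES128-GCM-SHA256 because that is the first server-ranked suite it supports; with it off, the same client gets RC4-SHA, the suite the server ranks last.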

5 Responses


I would add to your documentation how to use openssl to append the DH randomness to your key chain:

openssl dhparam -rand - 1024 >> mychain.pem

over 1 year ago

For the benefit of future readers: using the explicit list of ciphers from the referenced SSL Labs article only got my site an overall "C" rating in SSL Labs' own tests, whereas the following much simpler alternative gets an "A":

ssl_ciphers "HIGH:!aNULL:!MD5";
or
ssl_ciphers "HIGH:!aNULL:!MD5:!3DES";
over 1 year ago

Re. @rtaprh's comment, with the current stable nginx versions it's no longer necessary to do the dhparam trick, and in fact it's downright discouraged.

over 1 year ago

Maybe the best source of information about that problem is: https://community.qualys.com/blogs/securitylabs/2013/08/05/configuring-apache-nginx-and-openssl-for-forward-secrecy

And we can check our servers' configurations with their tool: https://www.ssllabs.com/ssltest/index.html

;)

over 1 year ago

Thanks for this article. Not sure how up to date it is, but you could consider taking SSLv3 out.

over 1 year ago