Contents

Configuring SSL· 1

Overview·· 1

SSL security services· 1

SSL protocol stack· 1

Configuration task list 2

Configuring an SSL server policy· 2

SSL server policy configuration example· 4

Configuring an SSL client policy· 5

Disabling SSL 3.0· 6

Displaying SSL· 6

Troubleshooting SSL· 6

SSL handshake failure· 6

 

Configuring SSL

Overview

Secure Sockets Layer (SSL) is a cryptographic protocol that provides communication security for TCP-based application layer protocols such as HTTP. SSL has been widely used in applications such as e-business and online banking to provide secure data transmission over the Internet.

SSL security services 

SSL provides the following security services:

·     Privacy—SSL uses a symmetric encryption algorithm to encrypt data. It uses the asymmetric key algorithm of RSA to encrypt the key used by the symmetric encryption algorithm. For more information about RSA, see "Managing public keys."

·     Authentication—SSL uses certificate-based digital signatures to authenticate the SSL server and client. The SSL server and client obtain digital certificates through PKI. For more information about PKI and digital certificates, see "Configuring PKI."

·     Integrity—SSL uses the message authentication code (MAC) to verify message integrity. It uses a MAC algorithm and a key to transform a message of any length to a fixed-length message. Any change to the original message will result in a change to the calculated fixed-length message. As shown in Figure 1, the message integrity verification process is as follows:

a.     The sender uses a MAC algorithm and a key to calculate a MAC value for a message. Then, it appends the MAC value to the message and sends the message to the receiver.

b.     The receiver uses the same key and MAC algorithm to calculate a MAC value for the received message, and compares it with the MAC value appended to the message.

c.     If the two MAC values match, the receiver considers the message intact. Otherwise, the receiver considers that the message was tampered with and it discards the message.

Figure 1 Message integrity verification by a MAC algorithm

 

For more information about symmetric key algorithms, asymmetric key algorithm RSA, and digital signature, see "Managing public keys."

For more information about PKI, certificate, and CA, see "Configuring PKI."

SSL protocol stack

The SSL protocol stack includes the following protocols:

·     SSL record protocol at the lower layer.

·     SSL handshake protocol, SSL change cipher spec protocol, and SSL alert protocol at the upper layer.

Figure 2 SSL protocol stack

 

·     SSL record protocol—Fragments data received from the upper layer, computes and adds MAC to the data, and encrypts the data.

·     SSL handshake protocol—Negotiates the cipher suite used for secure communication, authenticates the server and client, and securely exchanges the keys between the server and client. The cipher suite that needs to be negotiated includes the symmetric encryption algorithm, key exchange algorithm, and MAC algorithm.

·     SSL change cipher spec protocol—Notifies the receiver that subsequent packets are to be protected based on the negotiated cipher suite and key.

·     SSL alert protocol—Sends alert messages to the receiving party. An alert message contains the alert severity level and a description.

Configuration task list

Task	Remarks
Configuring an SSL server policy	Required.
Configuring an SSL client policy	Optional.
Disabling SSL 3.0	Optional.

 

Configuring an SSL server policy

An SSL server policy is a set of SSL parameters used by the SSL server. An SSL server policy takes effect only after it is associated with an application such as HTTPS.

SSL versions include SSL 2.0, SSL 3.0, and TLS 1.0 (or SSL 3.1). When the device acts as the SSL server, it can communicate with clients running SSL 3.0 or TLS 1.0. When the server receives an SSL 2.0 Client Hello message from a client supporting both SSL 2.0 and SSL 3.0/TLS 1.0, it notifies the client to use SSL 3.0 or TLS 1.0 for communication.

In FIPS mode, only TLS 1.0 is supported.

To configure an SSL server policy:

 

Step	Command	Remarks
1.     Enter system view.	system-view	N/A
2.     Create an SSL server policy and enter its view.	ssl server-policy policy-name	N/A
3.     Specify a PKI domain for the SSL server policy.	pki-domain domain-name	Optional. By default, no PKI domain is specified for an SSL server policy, and the SSL server generates and signs a certificate for itself and does not obtain a certificate from a CA server. If SSL clients authenticate the server through a digital certificate, you must use this command to specify a PKI domain and request a local certificate for the SSL server in the PKI domain. For information about how to configure a PKI domain, see "Configuring PKI."
4.     Specify the cipher suites that the SSL server policy supports.	·     In non-FIPS mode: ciphersuite [ rsa_3des_ede_cbc_sha | rsa_aes_128_cbc_sha | rsa_aes_256_cbc_sha | rsa_des_cbc_sha | rsa_rc4_128_md5 | rsa_rc4_128_sha ] * ·     In FIPS mode: ciphersuite [ dhe_rsa_aes_128_cbc_sha | dhe_rsa_aes_256_cbc_sha | rsa_aes_128_cbc_sha | rsa_aes_256_cbc_sha ] *	Optional. By default, an SSL server policy supports all cipher suites.
5.     Set the handshake timeout time for the SSL server.	handshake timeout time	Optional. By default, the handshake timeout time is 3600 seconds.
6.     Set the SSL connection close mode.	close-mode wait	Optional. By default, an SSL server sends a close-notify alert message to the client and closes the connection without waiting for the close-notify alert message from the client.
7.     Set the maximum number of cached sessions and the caching timeout time.	session { cachesize size | timeout time } *	Optional. By default, the SSL server can cache a maximum of 500 sessions, and the session cache timeout time is 3600 seconds.
8.     Configure the server to require certificate-based SSL client authentication.	client-verify enable	Optional. By default, SSL client authentication is disabled.
9.     Enable SSL client weak authentication.	client-verify weaken	Optional. By default, SSL client weak authentication is disabled. This command takes effect only when the client-verify enable command is configured.

 

SSL server policy configuration example

Network requirements

Configure the AC to operate as an HTTPS server so that the client accesses the HTTPS server through HTTPS. Configure a CA server to issue certificates.

Figure 3 Network diagram

 

Configuration procedure

In this example, Windows Server operates as the CA server and the SCEP plug-in is installed on the CA server.

Before performing the following tasks, make sure the client, the AC, and the CA server can reach each other.

1.     Request a certificate for the AC:

# Create a PKI entity named en and configure it.

<AC> system-view

[AC] pki entity en

[AC-pki-entity-en] common-name http-server1

[AC-pki-entity-en] fqdn ssl.security.com

[AC-pki-entity-en] quit

# Create a PKI domain and configure it.

[AC] pki domain 1

[AC-pki-domain-1] ca identifier ca1

[AC-pki-domain-1] certificate request url http://10.1.2.2/certsrv/mscep/ mscep.dll

[AC-pki-domain-1] certificate request from ra

[AC-pki-domain-1] certificate request entity en

[AC-pki-domain-1] quit

# Create the local RSA key pairs.

[AC] public-key local create rsa

# Retrieve the CA certificate.

[AC] pki retrieval-certificate ca domain 1

# Request a local certificate.

[AC] pki request-certificate domain 1

2.     Configure an SSL server policy:

# Create an SSL server policy named myssl.

[AC] ssl server-policy myssl

# Specify the PKI domain for the SSL server policy as 1.

[AC-ssl-server-policy-myssl] pki-domain 1

# Enable client authentication.

[AC-ssl-server-policy-myssl] client-verify enable

[AC-ssl-server-policy-myssl] quit

3.     Associate HTTPS service with the SSL server policy and enable HTTPS service:

# Configure HTTPS service to use SSL server policy myssl.

[AC] ip https ssl-server-policy myssl

# Enable HTTPS service.

[AC] ip https enable

4.     Verify the configuration:

Launch IE on the client and enter https://10.1.1.1 in the address bar. You should be able to log in to the AC and manage it.

For more information about PKI configuration commands and the public-key local create rsa command, see Security Command Reference.

Configuring an SSL client policy

An SSL client policy is a set of SSL parameters that the client uses to establish a connection to the server. An SSL client policy takes effect only after it is associated with an application layer protocol.

To configure an SSL client policy:

 

Step	Command	Remarks
1.     Enter system view.	system-view	N/A
2.     Create an SSL client policy and enter its view.	ssl client-policy policy-name	N/A
3.     Specify a PKI domain for the SSL client policy.	pki-domain domain-name	Optional. No PKI domain is specified by default. If SSL client authentication is required, you must specify a PKI domain and request a local certificate for the SSL client in the PKI domain. For information about how to configure a PKI domain, see "Configuring PKI."
4.     Specify the preferred cipher suite for the SSL client policy.	·     In non-FIPS mode: prefer-cipher { rsa_3des_ede_cbc_sha | rsa_aes_128_cbc_sha | rsa_aes_256_cbc_sha | rsa_des_cbc_sha | rsa_rc4_128_md5 | rsa_rc4_128_sha } ·     In FIPS mode: prefer-cipher { dhe_rsa_aes_128_cbc_sha d dhe_rsa_aes_256_cbc_sha | rsa_aes_128_cbc_sha | rsa_aes_256_cbc_sha }	Optional. rsa_rc4_128_md5 by default.
5.     Specify the SSL protocol version for the SSL client policy.	version { ssl3.0 | tls1.0 }	Optional. By default, the SSL client policy uses TLS 1.0.
6.     Enable certificate-based SSL server authentication.	server-verify enable	Optional. By default, SSL server authentication is enabled.

 

Disabling SSL 3.0

This feature allows you to disable SSL 3.0 on a device to enhance system security.

·     An SSL server supports only TLS 1.0 after SSL 3.0 is disabled.

·     An SSL client always uses SSL 3.0 if SSL 3.0 is specified for the client policy, whether you disable SSL 3.0 or not.

To ensure successful establishment of an SSL connection, do not disable SSL 3.0 on a device when the peer device only supports SSL 3.0. H3C recommends upgrading the peer device to support TLS 1.0 to improve security.

To disable SSL 3.0 on a device:

 

Step	Command	Remarks
1.     Enter system view.	system-view	N/A
2.     Disable SSL 3.0 on the device.	ssl version ssl3.0 disable	By default, the device supports SSL 3.0.

 

Displaying SSL

Task	Command	Remarks
Display SSL server policy information.	display ssl server-policy { policy-name | all } [ | { begin | exclude | include } regular-expression ]	Available in any view.
Display SSL client policy information.	display ssl client-policy { policy-name | all } [ | { begin | exclude | include } regular-expression ]	Available in any view.

 

Troubleshooting SSL

SSL handshake failure

Symptom

As the SSL server, the device fails to handshake with the SSL client.

Analysis

SSL handshake failure might result from the following causes:

·     The SSL client is configured to authenticate the SSL server, but the SSL server has no certificate, or the certificate is not trusted.

·     The SSL server is configured to authenticate the SSL client, but the SSL client has no certificate, or the certificate is not trusted.

·     The server and the client have no matching cipher suite.

Solution

1.     Issue the debugging ssl command and view the debugging information to locate the problem:

¡     If the SSL client is configured to authenticate the SSL server but the SSL server has no certificate, request one for it.

¡     If the server’s certificate cannot be trusted, install the root certificate of the CA that issued the local certificate to the SSL server on the SSL client, or let the server request a certificate from the CA that the SSL client trusts.

¡     If the SSL server is configured to authenticate the client, but the SSL client has no certificate or the certificate cannot be trusted, request and install a certificate for the client.

2.     Use the display ssl server-policy command to view the cipher suites that the SSL server policy supports. If the server and the client have no matching cipher suite, use the ciphersuite command to modify the cipher suite configuration of the SSL server.