12-Security Configuration Guide

HomeSupportResource CenterTechnical DocumentsConfigure & DeployConfiguration GuidesH3C MSR810[830][2600][3600] Routers Configuration Guides(V7)-R0821-6W50012-Security Configuration Guide
15-SSL configuration
Title Size Download
15-SSL configuration 104.64 KB

Configuring SSL

About SSL

Secure Sockets Layer (SSL) is a cryptographic protocol that provides communication security for TCP-based application layer protocols such as HTTP. SSL has been widely used in applications such as e-business and online banking to provide secure data transmission over the Internet.

SSL security services

SSL provides the following security services:

·     Privacy—SSL uses a symmetric encryption algorithm to encrypt data. It uses the asymmetric key algorithm of RSA to encrypt the key used by the symmetric encryption algorithm. For more information about RSA, see "Managing public keys."

·     Authentication—SSL uses certificate-based digital signatures to authenticate the SSL server and client. The SSL server and client obtain digital certificates through PKI. For more information about PKI and digital certificates, see "Configuring PKI."

·     Integrity—SSL uses the message authentication code (MAC) to verify message integrity. It uses a MAC algorithm and a key to transform a message of any length to a fixed-length message. Any change to the original message will result in a change to the calculated fixed-length message. As shown in Figure 1, the message integrity verification process is as follows:

a.     The sender uses a MAC algorithm and a key to calculate a MAC value for a message. Then, it appends the MAC value to the message and sends the message to the receiver.

b.     The receiver uses the same key and MAC algorithm to calculate a MAC value for the received message, and compares it with the MAC value appended to the message.

c.     If the two MAC values match, the receiver considers the message intact. Otherwise, the receiver considers that the message was tampered with and it discards the message.

Figure 1 MAC algorithm diagram

 

SSL protocol stack

The SSL protocol stack includes the following protocols:

·     SSL record protocol at the lower layer.

·     SSL handshake protocol, SSL change cipher spec protocol, and SSL alert protocol at the upper layer.

Figure 2 SSL protocol stack

 

The following describes the major functions of SSL protocols:

·     SSL record protocol—Fragments data received from the upper layer, computes and adds MAC to the data, and encrypts the data.

·     SSL handshake protocol—Negotiates the cipher suite used for secure communication, authenticates the server and client, and securely exchanges the keys between the server and client. The cipher suite that needs to be negotiated includes the symmetric encryption algorithm, key exchange algorithm, and MAC algorithm.

·     SSL change cipher spec protocol—Notifies the receiver that subsequent packets are to be protected based on the negotiated cipher suite and key.

·     SSL alert protocol—Sends alert messages to the receiving party. An alert message contains the alert severity level and a description.

SSL protocol versions

SSL protocol versions include SSL 2.0, SSL 3.0, TLS 1.0 (or SSL 3.1), TLS 1.1, and TLS 1.2. Because SSL 3.0 is known to be insecure, you can disable SSL 3.0 for the SSL server to ensure security.

FIPS compliance

The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode (see "Configuring FIPS") and non-FIPS mode.

Restrictions and guidelines: SSL configuration

By default, the SSL server can communicate with clients running all SSL protocol versions. When the server receives an SSL 2.0 Client Hello message from a client, it notifies the client to use a later version for communication.

SSL tasks at a glance

Configuring the SSL server

·     Configuring an SSL server policy

·     (Optional.) Disabling SSL protocol versions for the SSL server

·     (Optional.) Disabling SSL session renegotiation

Configuring the SSL client

Configuring an SSL client policy

Configuring an SSL server policy

About this task

An SSL server policy is a set of SSL parameters used by the device when the device acts as the SSL server. An SSL server policy takes effect only after it is associated with an application such as HTTPS.

Procedure

1.     Enter system view.

system-view

2.     Create an SSL server policy and enter its view.

ssl server-policy policy-name

3.     Specify a PKI domain for the SSL server policy.

pki-domain domain-name

By default, no PKI domain is specified for an SSL server policy.

If SSL server authentication is required, you must specify a PKI domain and request a local certificate for the SSL server in the domain.

For information about configuring a PKI domain, see "Configuring PKI."

4.     Specify the cipher suites that the SSL server policy supports.

In non-FIPS mode:

ciphersuite { dhe_rsa_aes_128_cbc_sha | dhe_rsa_aes_128_cbc_sha256 | dhe_rsa_aes_256_cbc_sha | dhe_rsa_aes_256_cbc_sha256 | ecdhe_ecdsa_aes_128_cbc_sha256 | ecdhe_ecdsa_aes_128_gcm_sha256 | ecdhe_ecdsa_aes_256_cbc_sha384 | ecdhe_ecdsa_aes_256_gcm_sha384 | ecdhe_rsa_aes_128_cbc_sha256 | ecdhe_rsa_aes_128_gcm_sha256 | ecdhe_rsa_aes_256_cbc_sha384 | ecdhe_rsa_aes_256_gcm_sha384 | exp_rsa_des_cbc_sha | exp_rsa_rc2_md5 | exp_rsa_rc4_md5 | rsa_3des_ede_cbc_sha | rsa_aes_128_cbc_sha | rsa_aes_128_cbc_sha256 | rsa_aes_256_cbc_sha | rsa_aes_256_cbc_sha256 | rsa_des_cbc_sha | rsa_rc4_128_md5 | rsa_rc4_128_sha } *

In FIPS mode:

ciphersuite { ecdhe_ecdsa_aes_128_cbc_sha256 | ecdhe_ecdsa_aes_256_cbc_sha384 | ecdhe_ecdsa_aes_128_gcm_sha256 | ecdhe_ecdsa_aes_256_gcm_sha384 | ecdhe_rsa_aes_128_cbc_sha256 | ecdhe_rsa_aes_128_gcm_sha256 | ecdhe_rsa_aes_256_cbc_sha384 | ecdhe_rsa_aes_256_gcm_sha384 | rsa_aes_128_cbc_sha | rsa_aes_128_cbc_sha256 | rsa_aes_256_cbc_sha | rsa_aes_256_cbc_sha256 } *

By default, an SSL server policy supports all cipher suites.

5.     (Optional.) Set the maximum number of sessions that the SSL server can cache and the session cache timeout time.

session { cachesize size | timeout time } *

By default, the SSL server can cache a maximum of 500 sessions, and the session cache timeout time is 3600 seconds.

6.     Enable mandatory or optional SSL client authentication.

client-verify { enable | optional }

By default, SSL client authentication is disabled. The SSL server does not perform digital certificate-based authentication on SSL clients.

When authenticating a client by using the digital certificate, the SSL server verifies the certificate chain presented by the client. It also verifies that the certificates in the certificate chain (except the root CA certificate) are not revoked.

7.     (Optional.) Enable the SSL server to send the complete certificate chain to the client during SSL negotiation.

certificate-chain-sending enable

By default, the SSL server sends the server certificate rather than the complete certificate chain to the client during negotiation.

Configuring an SSL client policy

About this task

An SSL client policy is a set of SSL parameters used by the device when the device acts as the SSL client. The SSL client uses the settings in the client policy to establish a connection to the server. An SSL client policy takes effect only after it is associated with an application such as FTP. For information about FTP, see Fundamental Configuration Guide.

Restrictions and guidelines

As a best practice to enhance system security, do not specify SSL 3.0 for the SSL client policy.

Procedure

1.     Enter system view.

system-view

2.     Create an SSL client policy and enter its view.

ssl client-policy policy-name

3.     Specify a PKI domain for the SSL client policy.

pki-domain domain-name

By default, no PKI domain is specified for an SSL client policy.

If SSL client authentication is required, you must specify a PKI domain and request a local certificate for the SSL client in the PKI domain.

For information about configuring a PKI domain, see "Configuring PKI."

4.     Specify the preferred cipher suite for the SSL client policy.

In non-FIPS mode:

prefer-cipher { dhe_rsa_aes_128_cbc_sha | dhe_rsa_aes_128_cbc_sha256 | dhe_rsa_aes_256_cbc_sha | dhe_rsa_aes_256_cbc_sha256 | ecdhe_ecdsa_aes_128_cbc_sha256 | ecdhe_ecdsa_aes_128_gcm_sha256 | ecdhe_ecdsa_aes_256_cbc_sha384 | ecdhe_ecdsa_aes_256_gcm_sha384 | ecdhe_rsa_aes_128_cbc_sha256 | ecdhe_rsa_aes_128_gcm_sha256 | ecdhe_rsa_aes_256_cbc_sha384 | ecdhe_rsa_aes_256_gcm_sha384 | exp_rsa_des_cbc_sha | exp_rsa_rc2_md5 | exp_rsa_rc4_md5 | rsa_3des_ede_cbc_sha | rsa_aes_128_cbc_sha | rsa_aes_128_cbc_sha256 | rsa_aes_256_cbc_sha | rsa_aes_256_cbc_sha256 | rsa_des_cbc_sha | rsa_rc4_128_md5 | rsa_rc4_128_sha } *

By default, the preferred cipher suites of an SSL client policy are dhe_rsa_aes_128_cbc_sha, dhe_rsa_aes_256_cbc_sha, rsa_3des_ede_cbc_sha, rsa_aes_128_cbc_sha, and rsa_aes_256_cbc_sha.

In FIPS mode:

prefer-cipher { ecdhe_ecdsa_aes_128_cbc_sha256 | ecdhe_ecdsa_aes_128_gcm_sha256 | ecdhe_ecdsa_aes_256_cbc_sha384 | ecdhe_ecdsa_aes_256_gcm_sha384 | ecdhe_rsa_aes_128_cbc_sha256 | ecdhe_rsa_aes_128_gcm_sha256 | ecdhe_rsa_aes_256_cbc_sha384 | ecdhe_rsa_aes_256_gcm_sha384 | rsa_aes_128_cbc_sha | rsa_aes_128_cbc_sha256 | rsa_aes_256_cbc_sha | rsa_aes_256_cbc_sha256 } *

By default, the preferred cipher suites of an SSL client policy are rsa_3des_ede_cbc_sha, rsa_aes_128_cbc_sha, and rsa_aes_256_cbc_sha.

5.     Specify the SSL protocol version for the SSL client policy.

In non-FIPS mode:

version { ssl3.0 | tls1.0 | tls1.1 | tls1.2 }

In FIPS mode:

version { tls1.0 | tls1.1 | tls1.2 }

By default, an SSL client policy uses TLS 1.0.

6.     Enable the SSL client to authenticate servers through digital certificates.

server-verify enable

By default, SSL server authentication is enabled.

Disabling SSL protocol versions for the SSL server

About this task

To enhance security, you can disable the SSL server from using specific SSL protocol versions for session negotiation.

You can disable an SSL protocol version for the SSL server in system view or in SSL server policy view. The SSL server can use an SSL protocol version for session negotiation only when the status of the SSL protocol version in the SSL server policy is Enabled. The status of an SSL protocol version in an SSL server policy is determined in the following sequence:

1.     Configuration of the version disable command in SSL server policy view.

2.     Configuration of the ssl version disable command in system view.

3.     Default setting (Enabled).

Make sure the SSL server is allowed to use a minimum of one SSL protocol version for session negotiation.

Restrictions and guidelines

Disabling an SSL protocol version does not affect the availability of earlier SSL protocol versions. For example, if you execute the ssl version tls1.1 disable command, TLS 1.1 is disabled but TLS 1.0 is still available for the SSL server.

Procedure

1.     Enter system view.

system-view

2.     Disable SSL protocol versions for the SSL server in system view.

In non-FIPS mode:

ssl version { ssl3.0 | tls1.0 | tls1.1 | tls1.2 } * disable

By default, the SSL server supports SSL 3.0, TLS 1.0, TLS 1.1, and TLS 1.2.

In FIPS mode:

ssl version { tls1.0 | tls1.1 | tls1.2 } * disable

By default, the SSL server supports TLS 1.0, TLS 1.1, and TLS 1.2.

3.     Enter SSL server policy view.

ssl server-policy policy-name

4.     Disable SSL protocol versions in the SSL server policy.

In non-FIPS mode:

version { ssl3.0 | tls1.0 | tls1.1 | tls1.2 } * disable

In FIPS mode:

version { tls1.0 | tls1.1 | tls1.2 } * disable

By default, an SSL protocol version is enabled in an SSL sever policy unless it is explicitly disabled in system view by using the ssl version disable command.

Disabling SSL session renegotiation

About this task

The SSL session renegotiation feature enables the SSL client and server to reuse a previously negotiated SSL session for an abbreviated handshake.

Disabling session renegotiation causes more computational overhead to the system but it can avoid potential risks.

Restrictions and guidelines

Disable SSL session renegotiation only when explicitly required.

Procedure

1.     Enter system view.

system-view

2.     Disable SSL session renegotiation.

ssl renegotiation disable

By default, SSL session renegotiation is enabled.

Display and maintenance commands for SSL

Execute display commands in any view.

Task

Command

Display SSL client policy information.

display ssl client-policy [ policy-name ]

Display SSL server policy information.

display ssl server-policy [ policy-name ]

SSL server policy configuration examples

Example: Configuring an SSL server policy

Network configuration

As shown in Figure 3, users need to access and manage the device through the Web page.

To protect the device and prevent data from being eavesdropped or tampered with, configure the device to be accessible through HTTPS only.

In this example, the CA server runs Windows Server and has the SCEP plug-in installed.

To meet the network requirements, perform the following tasks:

·     Configure the device as the HTTPS server and request a server certificate for the device.

·     Request a client certificate for the host so that the device can authenticate the identity of the host.

Figure 3 Network diagram

Procedure

1.     Make sure the device, the host, and the CA server can reach each other. (Details not shown.)

2.     Configure the HTTPS server on the device:

# Create a PKI entity named en. Set the common name and FQDN for the entity.

<Device> system-view

[Device] pki entity en

[Device-pki-entity-en] common-name http-server1

[Device-pki-entity-en] fqdn ssl.security.com

[Device-pki-entity-en] quit

# Create PKI domain 1 and specify CA server as the name of the trusted CA. Set the URL of the registration server to http://10.1.2.2/certsrv/mscep/mscep.dll, the authority for certificate request to RA, and the entity for certificate request to en. Set the URL of the CRL repository to http://10.1.2.2/CertEnroll/caserver.crl.

[Device] pki domain 1

[Device-pki-domain-1] ca identifier CA server

[Device-pki-domain-1] certificate request url http://10.1.2.2/certsrv/mscep/mscep.dll

[Device-pki-domain-1] certificate request from ra

[Device-pki-domain-1] certificate request entity en

[Device-pki-domain-1] crl url http://10.1.2.2/CertEnroll/caserver.crl

# Configure a general-purpose RSA key pair named abc and set the key modulus length to 1024 bits.

[Device-pki-domain-1] public-key rsa general name abc length 1024

[Device-pki-domain-1] quit

# Generate RSA key pair abc.

[Device] public-key local create rsa name abc

The range of public key size is (512 ~ 2048).

If the key modulus is greater than 512,it will take a few minutes.

Press CTRL+C to abort.

Input the modulus length [default = 1024]:

Generating Keys...

..........................++++++

.....................................++++++

Create the key pair successfully.

# Obtain the CA certificate.

[Device] pki retrieve-certificate domain 1 ca

The trusted CA's finger print is:

    MD5  fingerprint:7682 5865 ACC2 7B16 6F52 D60F D998 4484

    SHA1 fingerprint:DF6B C53A E645 5C81 D6FC 09B0 3459 DFD1 94F6 3DDE

Is the finger print correct?(Y/N):y

Retrieved the certificates successfully.

# Request a server certificate for the device.

[Device] pki request-certificate domain 1

Start to request general certificate ...

Certificate requested successfully.

# Create an SSL server policy named myssl.

[Device] ssl server-policy myssl

# Specify PKI domain 1 for the SSL server policy.

[Device-ssl-server-policy-myssl] pki-domain 1

# Enable client authentication.

[Device-ssl-server-policy-myssl] client-verify enable

[Device-ssl-server-policy-myssl] quit

# Configure the HTTPS service to use SSL server policy myssl.

[Device] ip https ssl-server-policy myssl

# Enable the HTTPS service.

[Device] ip https enable

# Create a local user named usera and set the password. Configure the service type to https, and user role to network-admin.

[Device] local-user usera

[Device-luser-usera] password simple 123456TESTplat&!

[Device-luser-usera] service-type https

[Device-luser-usera] authorization-attribute user-role network-admin

3.     Request a client certificate for the host:

a.     Launch IE on the host, and then enter http://10.1.2.2/certsrv in the address bar.

b.     Request a client certificate for the host. (Details not shown.)

Verifying the configuration

Perform the following tasks on the host:

1.     Launch IE and enter https://10.1.1.1 in the address bar.

2.     Select the certificate issued by the CA server to the host.

The login page of the device should appear.

3.     Enter username usera and password 123.

Verify that now you can log in to the Web interface to access and manage the device.

 

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Security
  • SMB Products
  • Intelligent Terminal Products
  • Product Support Services
  • Technical Service Solutions
All Services
  • Resource Center
  • Policy
  • Online Help
All Support
  • Become a Partner
  • Partner Resources
  • Partner Business Management
All Partners
  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us
新华三官网