Disable weak SSL ciphers in JBossWeb, or HTTP connector, in EAP 6
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 6.x
Issue
- Can I specify cipher suites in JBoss application server?
- How to disable weak cipher suites such as RC4 in JBoss?
- Our security scan gave the following finding 'SSL Server Supports Weak MAC Algorithms'.
- How can I make SSL stronger?
- A security scan has found weak ciphers, how to disable it?
- Disabling weak SSL/TLS ciphers in JBossWeb, or web subsystem
Resolution
You can either disable cryptographic algorithms JVM wide as described in this knowledge solution or modify the cipher-suite attribute on the SSL configuration in the web subsystem as described in this solution.
With the JBoss CLI, you can modify the ciphers with a command similar the following replacing with the appropriate profile name (or omit the /profile=default portion for standalone server).
/profile=default/subsystem=web/connector=HTTPS/ssl=configuration/:write-attribute(name=cipher-suite, value="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA")
The example only lists two possible ciphers, but real-world examples will likely use more.
This will update the $JBOSS_HOME/standalone/configuration/standalone.xml or $JBOSS_HOME/domain/configuration/domain.xml with the following:
<subsystem xmlns="urn:jboss:domain:web:1.4" default-virtual-server="default-host" native="false">
<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
<ssl name="https" ... cipher-suite="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA"/>
</connector>
Additional information is available in the This content is not included.SSL Connector Reference section of the JBoss 6 Security Guide.
Things to note:
- The JDK will check the provided list against the default/supported list. As soon as it has one match, it will limit the ciphers to what you specified.
- Suppose you have a typo:
ciphers="SSL_RSA_WITH_RC4_128_OOPS", the JDK will not find a match and will use the default cipher list instead. - By default, the JDK limits the key length (currently) to 128 bit. To enable unlimited strength keys, you need to get the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files [[1](http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html)]. Download & unzip, then follow the included readme. Note that local country laws might forbid the use of these.
- The list of ciphers can also be referred from Content from docs.oracle.com is not included.this oracle JDK 7 link
Root Cause
For EAP 4 or 5 see Disable weak SSL ciphers in JBoss EAP 4.x and 5.x
Diagnostic Steps
Cipher suites are specific to JDK version and vendor, so to check the default cipher suites use the following code.
A more extensive version of the below code which also lists the supported EC curves, can be downloaded as a maven project with a pre-build "showciphers.jar" in the root directory. See the attachment "showcipherdistro.zip"
Execute (uses default SunEC provider)
# java -jar showciphers.jar
or specify a custom provider:
# java -jar showciphers.jar -p provider
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.net.ssl.SSLSocketFactory;
public class ShowCiphers {
public static void main(String[] args) throws NoSuchAlgorithmException {
SSLSocketFactory fac = (SSLSocketFactory)SSLSocketFactory.getDefault();
String[] list = fac.getDefaultCipherSuites();
System.out.println("\nDefaultCipherSuites:");
for (String s : list) {
System.out.println(s);
}
list = fac.getSupportedCipherSuites();
System.out.println("\nSupportedCipherSuites:");
for (String s : list) {
System.out.println(s);
}
// as an example show the key lenght supported (or allowed)
System.out.println("\nAES max key length: " + Cipher.getMaxAllowedKeyLength("AES"));
}
}
Run the program with the same JDK used to run JBoss EAP because cipher suites are specific to JDK version and vendor.
Here is an example of the output:
DefaultCipherSuites:
SSL_RSA_WITH_RC4_128_MD5
SSL_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
SSL_RSA_WITH_DES_CBC_SHA
SSL_DHE_RSA_WITH_DES_CBC_SHA
SSL_DHE_DSS_WITH_DES_CBC_SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
SupportedCipherSuites:
SSL_RSA_WITH_RC4_128_MD5
SSL_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
SSL_RSA_WITH_DES_CBC_SHA
SSL_DHE_RSA_WITH_DES_CBC_SHA
SSL_DHE_DSS_WITH_DES_CBC_SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
SSL_RSA_WITH_NULL_MD5
SSL_RSA_WITH_NULL_SHA
SSL_DH_anon_WITH_RC4_128_MD5
TLS_DH_anon_WITH_AES_128_CBC_SHA
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
SSL_DH_anon_WITH_DES_CBC_SHA
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
TLS_KRB5_WITH_RC4_128_SHA
TLS_KRB5_WITH_RC4_128_MD5
TLS_KRB5_WITH_3DES_EDE_CBC_SHA
TLS_KRB5_WITH_3DES_EDE_CBC_MD5
TLS_KRB5_WITH_DES_CBC_SHA
TLS_KRB5_WITH_DES_CBC_MD5
TLS_KRB5_EXPORT_WITH_RC4_40_SHA
TLS_KRB5_EXPORT_WITH_RC4_40_MD5
TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
AES max key length: 128
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.