Last update: 07/02/2015

The configuration of SSL and TLS is critical. Using weak ciphers or a non-optimised SSL setup may reduce the security level of your website. With the latest revelations about the NSA's spying programs, we need to tune our configurations and choose the right setup to secure our communications. This page is dedicated to SSL and TLS configuration for Apache and nginx, the most widely used web servers.

I use the following sources to keep my SSL and TLS configurations up to date.

Keep in mind that security is always a trade-off between the most secure configuration and keeping your server/services open to the world.

After each change to your configuration, you can use the well-known SSL Labs test from Qualys to check the strength of your setup. You can also verify compatibility with different versions of the most used browsers.

Summary

Certificate best practices

  • Use a private key of at least 2048 bits
  • Renew your certificates every year and change your private key every year
  • Use strong certificate signature algorithms. SHA-1 is weak; use a SHA-2 signature.

SSL and TLS best practices

  • Disable SSLv2. SSLv2 has been deprecated for many years, yet most of the libraries on GNU/Linux are still compiled with SSLv2 support
  • Disable SSLv3. The recent (2014, POODLE) security issues with SSLv3 made the weakness of this protocol widely understood
  • TLS v1.0 is still secure for the moment, but you have to restrict the ciphers used
  • TLS v1.1 and TLS v1.2 are secure
  • Disable TLS compression (CRIME attack)
  • Disable RC4 ciphers
  • Disable DES ciphers
  • Use forward secrecy
  • Always use the latest version of OpenSSL!
  • Encrypt 100% of your website
  • Use HTTP Strict Transport Security

Apache2 configuration

This configuration, with at least a SHA256 certificate, gives you the famous A+ grade on SSL Labs.

# Allow every protocol the library supports except SSLv2 and SSLv3 (TLS 1.0, 1.1, 1.2 remain)
SSLProtocol All -SSLv2 -SSLv3
# Let the server, not the client, pick the first matching cipher from the list below
SSLHonorCipherOrder On
# TLS-level compression enables the CRIME attack (directive needs Apache 2.4.3 or later)
SSLCompression off
# Forward-secrecy suites (EDH/EECDH) first, legacy suites last, weak algorithms excluded
SSLCipherSuite 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'
# HSTS for six months; "always set" sends one header on every response, including error pages,
# whereas "add" can emit a duplicate header if another module already set one
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains"

nginx configuration

This configuration, with at least a SHA256 certificate, gives you the famous A+ grade on SSL Labs.

# Let the server pick the first matching cipher from the list below
ssl_prefer_server_ciphers on;
# No SSLv2/SSLv3 (nginx does not compress TLS, so there is no compression directive to disable)
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# Forward-secrecy suites (EDH/EECDH) first, legacy suites last, weak algorithms excluded
ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA';
# HSTS for six months; note that add_header directives are inherited from the enclosing
# block only if the current block defines none of its own
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
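As an added example (not part of the original post), the checker below applies this page's checklist to an Apache or nginx TLS block before you reach for SSL Labs: SSLv2/SSLv3 disabled, server cipher order enforced, compression off, the weak ciphers excluded from the list, forward-secrecy suites preferred first, and HSTS present with the page's six-month max-age. Directive names are the real Apache and nginx ones; the sample configs are constructed here (the nginx one is this page's block, the Apache one a deliberately weak setup), and the check is purely textual, so it cannot see what the installed OpenSSL actually negotiates.

```python
import re

# Ciphers the page says to disable; each must appear in the cipher list as "!X".
BANNED = ("RC4", "3DES", "LOW", "MD5", "aNULL", "eNULL", "EXP")

# Constructed sample: the nginx block from this page.
NGINX_OK = """
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA';
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
"""
# Constructed sample the checklist rejects: SSLv3 on, compression not disabled, RC4 first, no HSTS.
APACHE_WEAK = """
SSLProtocol All -SSLv2
SSLHonorCipherOrder On
SSLCipherSuite 'RC4-SHA:AES128-SHA:!aNULL:!eNULL'
"""

def directives(config):
    """Map lower-cased directive name -> argument string (nginx ';' and quotes stripped)."""
    out = {}
    for line in config.splitlines():
        line = line.strip().rstrip(";")
        if line and not line.startswith("#"):
            name, args = (line.split(None, 1) + [""])[:2]
            out[name.lower()] = args.strip().strip("'\"")
    return out

def audit(config):
    """Return the findings for one Apache or nginx TLS block; [] means every check passed."""
    d, findings = directives(config), []
    protos = (d.get("sslprotocol") or d.get("ssl_protocols") or "").lower().split()
    for old in ("SSLv2", "SSLv3"):  # Apache 'All -X' form or nginx explicit list
        if old.lower() in protos or ("all" in protos and "-" + old.lower() not in protos):
            findings.append(old + " still enabled")
    if (d.get("sslhonorcipherorder") or d.get("ssl_prefer_server_ciphers") or "").lower() != "on":
        findings.append("server cipher order not enforced")
    if "sslprotocol" in d and d.get("sslcompression", "").lower() != "off":
        findings.append("SSLCompression not off (CRIME)")  # nginx never compresses TLS
    suites = (d.get("sslciphersuite") or d.get("ssl_ciphers") or "").split(":")
    findings += [w + " not excluded" for w in BANNED if "!" + w not in suites]
    if not suites[0].startswith(("EECDH", "EDH", "ECDHE", "DHE")):
        findings.append("forward-secrecy suites not preferred first")
    hsts = d.get("header") or d.get("add_header") or ""
    age = re.search(r"max-age=(\d+)", hsts)
    if "Strict-Transport-Security" not in hsts or not age or int(age.group(1)) < 15768000:
        findings.append("HSTS missing or max-age below six months")
    return findings
```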