2 Configuring SSL and TLS Security
Oracle HTTP Server secures communication by using a Secure Sockets Layer (SSL) protocol.
SSL secures communication by providing message encryption, integrity, and authentication. The SSL standard allows the involved components such as browsers and HTTP servers to negotiate which encryption, authentication, and integrity mechanisms to use.
This chapter includes the following topics:
- Configuring Protocols and Ciphers
Oracle recommends that you configure Oracle HTTP Server to support only the strongest ciphers and protocols. - Using Server Certificates
Credentials such as certificates, trusted certificates, certificate requests, and private keys are stored in Oracle wallet. - Using Location Directive to Secure URIs
Themod_osslmodule'sSSLCipherSuitedirective can be configured with<Location>blocks to allow only those clients that support strong SSL parameters to access an URI. This forces a renegotiation and allows only the clients that meet the new configuration. - Enabling Perfect Forward Secrecy on Oracle HTTP Server
Perfect Forward Secrecy (PFS) is a feature of specific key agreement protocols that gives assurance that your session keys will not be compromised even if the private key of the server is compromised.
Configuring Protocols and Ciphers
Oracle recommends that you configure Oracle HTTP Server to support only the strongest ciphers and protocols.
Following are the list of preferred protocols and ciphers:
Note:
In this release, the following are the most secure list of protocols and ciphers available. For the updated list of secure ciphers, see My Oracle Support (Doc ID: 2314658.1) "SSL Configuration Required to Secure Oracle HTTP Server After Applying Security Patch Updates".- Protocols
TLSv1.2is the only recommended protocol. - Ciphers
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 SSL_RSA_WITH_AES_128_CBC_SHA SSL_RSA_WITH_AES_256_CBC_SHA
Parent topic: Configuring SSL and TLS Security
Using Server Certificates
Credentials such as certificates, trusted certificates, certificate requests, and private keys are stored in Oracle wallet.
Security best practices for keys and certificates include:
- Using Strong Keys
- Protecting the Keys
- Using Strong Cryptographic Hashing Algorithms
- Using a Certificate That Supports the Required Domain Name
- Using a CA Signed Certificate
Parent topic: Configuring SSL and TLS Security
Using Strong Keys
The private keys used to generate the cipher key must be strong for the anticipated lifetime of the private key and their corresponding certificates.
The best practice is to select a key size of minimum 2048 bits.
Parent topic: Using Server Certificates
Protecting the Keys
Ensure that the wallet containing the private key is stored in a location that is protected from unauthorized access.
Parent topic: Using Server Certificates
Using Strong Cryptographic Hashing Algorithms
Ensure that the certificates are signed using SHA-256 hashing algorithm. Certificates signed using MD5 or SHA-1 algorithms are not trusted by browsers as these algorithms are known to have cryptographic weaknesses.
Parent topic: Using Server Certificates
Using a Certificate That Supports the Required Domain Name
Ensure that the server certificates in your Oracle HTTP server support the required domain name. The domain name or subject of the certificate must match the fully qualified name of the server that presents the certificate. Subject Alternative Name (SAN)s can be used to provide a specific listing of multiple names, in valid certificates.
For example, let us consider web applications accessible at
https://abc.example.com and
https://xyz.example.com. In this case, the certificate lists the
subject's common name attribute as example.com, and lists two SANs -
abc.example.com and xyz.example.com. These
certificates are referred to as multiple domain certificates.
See Using SAN Certificates with Oracle HTTP Server in the Administering Oracle HTTP Server.
Also, ensure that the user does not see any certificate errors upon accessing the web application.
Parent topic: Using Server Certificates
Using a CA Signed Certificate
For Internet facing applications, the certificates should be signed by one of the well-known certificate authorities (CAs) which are automatically trusted by operating systems and browsers.
Parent topic: Using Server Certificates
Using Location Directive to Secure URIs
The mod_ossl module's SSLCipherSuite directive
can be configured with <Location> blocks to allow only those
clients that support strong SSL parameters to access an URI. This forces a
renegotiation and allows only the clients that meet the new
configuration.
Following is an example to configure a location directive to secure an URI:
# be liberal in general -
SSLCipherSuite ALL
<Location "/strong/area">
# but https://hostname/strong/area/ and below requires strong ciphersuites
SSLCipherSuite HIGH
</Location>Parent topic: Configuring SSL and TLS Security
Enabling Perfect Forward Secrecy on Oracle HTTP Server
Perfect Forward Secrecy (PFS) is a feature of specific key agreement protocols that gives assurance that your session keys will not be compromised even if the private key of the server is compromised.
Oracle HTTP Server out of the box configuration does not explicitly enable Perfect Forward Secrecy feature. To enable PFS, do the following configuration changes in the Oracle HTTP Server:
- Configure TLS1.2 protocol for OHS server using SSLProtocol directive. See SSLProtocol Directive in Administering Oracle HTTP Server.
- Enforce the ordering of server cipher suites by setting SSLHonorCipherOrder to
ON. See SSLHonorCipherOrder Directive in Administering Oracle HTTP Server. - Use ECC certificates in Oracle HTTP Server wallet. See Adding an ECC Certificate to Oracle Wallets with orapki in Administering Oracle Fusion Middleware.
- Configure ECDHE_ECDSA Cipher Suites in OHS. For the list of supported ECDHE_ECDSA cipher suites, see SSLCipherSuite Directive in Administering Oracle HTTP Server.
Parent topic: Configuring SSL and TLS Security