Bug 1034984 - httpd Cannot Disable TLSv1.2
Summary: httpd Cannot Disable TLSv1.2
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: httpd
Version: 6.5
Hardware: x86_64
OS: Linux
Priority: unspecified
Severity: high
Target Milestone: rc
Target Release: ---
Assignee: Web Stack Team
QA Contact: Ondřej Pták
URL:
Whiteboard:
Keywords:
Duplicates: 1038648
Depends On:
Blocks: 1038651 1056252 1070830 1035371 1090445
Reported: 2013-11-26 19:49 UTC by Jason McCormick
Modified: 2018-12-09 17:19 UTC (History)
Cause: mod_ssl did not allow using TLSv1.2 in its directives.

Consequence: It was not possible to set up mod_ssl to disable TLSv1.2.

Fix: Support for TLSv1.2 configuration options has been added.

Result: mod_ssl now allows TLSv1.2 in its directives, and it is possible to disable TLSv1.2.
Clone Of:
Clones: 1035371
Last Closed: 2014-10-14 08:07:47 UTC

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2014:1386 normal SHIPPED_LIVE httpd bug fix and enhancement update 2014-10-14 01:27:20 UTC

Description Jason McCormick 2013-11-26 19:49:41 UTC
The release of Red Hat Enterprise Linux 6.5 provided openssl-1.0.1e which enables TLSv1.2. However the ability to disable TLSv1.2 was not backported into the SSLProtocol directive for httpd/mod_ssl. 

Internet Explorer 10 seems to have a bug whereby it cannot handle certificates or chain certificates/CAs using SHA512 signatures as part of the protocol initiation for TLSv1.2. Even specifying an SSLCipherSuite that doesn't permit TLSv1.2 ciphers does not disable the use of TLSv1.2. There is no way to disable TLSv1.2 which is broken for certain use cases. 

Our CA structure is a multi-tier structure that uses SHA512 as the signature algorithm. Whenever an SHA512-certificate must be passed either as the certificate for the webserver itself or is present within the ChainFile or the CA, the combination of EL6.5 openssl + httpd + Internet Explorer 10 causes an SSL session establishment error.

Apache 2.2 and 2.4 should support the use of 'SSLProtocol -TLSv1.2' (see http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslprotocol) but the version shipped with Red Hat EL6.5 does not support that directive.
 
Version-Release number of selected component (if applicable):
httpd-2.2.15-29.el6_4.x86_64
mod_ssl-2.2.15-29.el6_4.x86_64
openssl-1.0.1e-16.el6_5.x86_64

Steps to Reproduce:

1. Upgrade to openssl-1.0.1e with EL6.5

2. Configure the following in Apache:

SSLCipherSuite AES:-TLSv1.2

3. Restart httpd.

4. Connect with Firefox or Safari or Chrome or 'openssl s_client' and the SSL connection type will be some form of a TLSv1.2 connection regardless. Connect with IE and you receive an error about SSL handshaking.

5. Configure the following in Apache which should be supported when using openssl >= 1.0.1 per Apache's docs:

SSLProtocol all -SSLv2 -TLSv1.2

Actual results:

6. Restart httpd and the following error will occur:

SSLProtocol: Illegal protocol 'TLSv1.2'

Expected results:

6. Restart httpd and apache no longer uses TLSv1.2.
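As an added example (not code from the bug report or from the QA log), a POSIX shell script that predicts which protocol versions a given SSLProtocol line should leave enabled and then probes a running server with openssl s_client, the same check the reproduction steps and the QA log rely on. It assumes that `all` expands to every version OpenSSL 1.0.1 understands, and that `localhost:443` is a placeholder for a reachable httpd.

```shell
#!/bin/sh
# Added example, not code from the bug report. Predicts the protocol set an
# SSLProtocol line should leave enabled (mod_ssl semantics: a bare name replaces
# the set, +name adds, -name removes) and probes a live server to confirm it.
# Assumption: "all" expands to every version OpenSSL 1.0.1 understands.
ALL_VERSIONS="SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2"

# expected_protocols "all -SSLv2 -TLSv1.2" prints the versions left enabled,
# one per line, in ALL_VERSIONS order.
expected_protocols() {
    enabled=""
    for tok in $1; do
        case "$tok" in
            all|+all) enabled="$ALL_VERSIONS" ;;
            -all)     enabled="" ;;
            +*)       enabled="$enabled ${tok#+}" ;;
            -*)       kept=""
                      for e in $enabled; do
                          [ "$e" = "${tok#-}" ] || kept="$kept $e"
                      done
                      enabled="$kept" ;;
            *)        enabled="$tok" ;;          # bare name: replaces the set
        esac
    done
    for v in $ALL_VERSIONS; do
        for e in $enabled; do
            [ "$e" = "$v" ] && { echo "$v"; break; }
        done
    done
    return 0
}

# probe_server host:port tries each version with openssl s_client (exit status 0
# means the handshake completed) and prints "<version> accepted|refused".
# An OpenSSL build without SSLv2/SSLv3 rejects -ssl2/-ssl3, which also reads as refused.
probe_server() {
    for v in $ALL_VERSIONS; do
        case "$v" in
            SSLv2)   flag=-ssl2 ;;   SSLv3)   flag=-ssl3 ;;   TLSv1) flag=-tls1 ;;
            TLSv1.1) flag=-tls1_1 ;; TLSv1.2) flag=-tls1_2 ;;
        esac
        if printf 'Q\n' | openssl s_client -connect "$1" "$flag" >/dev/null 2>&1; then
            echo "$v accepted"
        else
            echo "$v refused"
        fi
    done
}

# Usage (needs a reachable httpd; localhost:443 is a placeholder):
#   expected_protocols "all -SSLv2 -TLSv1.2"; probe_server localhost:443
```

Compare the two listings: a version printed by expected_protocols but reported as refused, or the reverse, means the running build does not honour the directive as written.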

Comment 2 Jason McCormick 2013-11-26 20:04:34 UTC
To be clear, the version that worked properly was openssl-1.0.0-27.el6_4.2. The upgrade to 1.0.1e-16.el6_5 (and also 1.0.1e-15.el6) are the openssl packages that began the issue.

Comment 3 Joe Orton 2013-11-26 20:18:32 UTC
Ah, that's annoying.  Sorry about that.

If this is an issue for you in production, can you please escalate this through Red Hat Support, and we can get you some test packages, and we can prioritize the fix appropriately.

https://www.redhat.com/support/process/production/#howto

Comment 4 Jason McCormick 2013-11-26 20:22:47 UTC
Thanks Joe, I was doing just that when you filed this comment. Red Hat support case #00988054.

Comment 5 Simon 2013-12-17 17:02:19 UTC
I've just hit this because some of my Subversion clients aren't correctly negotiating client certificates at TLSv1.2. In particular, all recent Tortoise SVN, http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=3041429 and e.g. Subversion 1.6.18 on Fedora 16 fail once OpenSSL 1.0.1 is updated on the server.

I realise this is a client-side problem, but there's currently no way to configure httpd to work around such troublesome clients...

Comment 17 Joe Orton 2014-01-24 15:52:48 UTC
*** Bug 1038648 has been marked as a duplicate of this bug. ***

Comment 19 JQ 2014-02-13 20:25:13 UTC
This missing backport functionality also affects RHEL 6.4, and we are experiencing similar issues with attempting to disable TLS for our Subversion hosting.  Disabling ciphers, as noted in #1 and #5, doesn't solve the issue because certain clients (and the tools which leverage their SSL stacks) don't recognize that the protocol is not allowed.

One thing to note is that the Apache configuration change being requested for backport is supported by OpenSSL 1.0.1e but was not added to Apache's mod_ssl until 2.2.24 and 2.4.0.

Comment 21 Egon Kastelijn 2014-03-06 15:37:21 UTC
Is there any progress on this issue?

Comment 25 Jason McCormick 2014-05-15 13:33:17 UTC
Is this going to be released as an update for EL 6.6 or before that?

Comment 26 Joe Orton 2014-05-15 13:41:09 UTC
Jason, this fix is currently scheduled for inclusion in 6.6.  We will get a test build for customers interested in trying out the fix soon.

Comment 27 JQ 2014-05-15 19:01:44 UTC
As one of those customers, will this package also be usable on a 6.5 build?

Comment 32 JQ 2014-08-01 20:21:44 UTC
Note: This parsing option is not fixed in httpd-2.2.15-31.el6. Attempting to turn off TLSv1.1 in SSLProtocol resulted in an 'unknown protocol' error.

Comment 33 Ondřej Pták 2014-08-28 12:00:38 UTC
httpd-2.2.15-31.el6_5, openssl-1.0.1e-28.el6

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Default settings
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Connecting to https server with tls1 (Expected 0, got 0)
:: [   PASS   ] :: Connecting to https server with tls1.1 (Expected 0, got 0)
:: [   PASS   ] :: Connecting to https server with tls1.2 (Expected 0, got 0)
:: [   LOG    ] :: Duration: 3m 1s
:: [   LOG    ] :: Assertions: 3 good, 0 bad
:: [   PASS   ] :: RESULT: Default settings

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Disabled TLSv1.2
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Command 'echo 'SSLProtocol all -TLSv1.2' > /etc/httpd/conf.d/tls_version.conf' (Expected 0, got 0)
:: [   FAIL   ] :: Command 'service httpd restart' (Expected 0, got 1)
:: [   FAIL   ] :: Connecting to https server with tls1 (Expected 0, got 1)
:: [   FAIL   ] :: Connecting to https server with tls1.1 (Expected 0, got 1)
:: [   PASS   ] :: Connecting to https server with tls1.2 (Expected 1, got 1)
:: [   LOG    ] :: Duration: 1s
:: [   LOG    ] :: Assertions: 2 good, 3 bad
:: [   FAIL   ] :: RESULT: Disabled TLSv1.2

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Disabled TLSv1.2 and TLSv1.1
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Command 'echo 'SSLProtocol all -TLSv1.2 -TLSv1.1' > /etc/httpd/conf.d/tls_version.conf' (Expected 0, got 0)
:: [   FAIL   ] :: Command 'service httpd restart' (Expected 0, got 1)
:: [   FAIL   ] :: Connecting to https server with tls1 (Expected 0, got 1)
:: [   PASS   ] :: Connecting to https server with tls1.1 (Expected 1, got 1)
:: [   PASS   ] :: Connecting to https server with tls1.2 (Expected 1, got 1)
:: [   LOG    ] :: Duration: 2s
:: [   LOG    ] :: Assertions: 3 good, 2 bad
:: [   FAIL   ] :: RESULT: Disabled TLSv1.2 and TLSv1.1

^^^ restarting httpd caused this error:
Starting httpd: Syntax error on line 1 of /etc/httpd/conf.d/tls_version.conf:
SSLProtocol: Illegal protocol 'TLSv1.2'



httpd-2.2.15-38.el6, openssl-1.0.1e-28.el6
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Default settings
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Connecting to https server with tls1 (Expected 0, got 0)
:: [   PASS   ] :: Connecting to https server with tls1.1 (Expected 0, got 0)
:: [   PASS   ] :: Connecting to https server with tls1.2 (Expected 0, got 0)
:: [   LOG    ] :: Duration: 3m 2s
:: [   LOG    ] :: Assertions: 3 good, 0 bad
:: [   PASS   ] :: RESULT: Default settings

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Disabled TLSv1.2
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Command 'echo 'SSLProtocol all -TLSv1.2' > /etc/httpd/conf.d/tls_version.conf' (Expected 0, got 0)
:: [   PASS   ] :: Command 'service httpd restart' (Expected 0, got 0)
:: [   PASS   ] :: Connecting to https server with tls1 (Expected 0, got 0)
:: [   PASS   ] :: Connecting to https server with tls1.1 (Expected 0, got 0)
:: [   FAIL   ] :: Connecting to https server with tls1.2 (Expected 1, got 0)
:: [   LOG    ] :: Duration: 3m 2s
:: [   LOG    ] :: Assertions: 4 good, 1 bad
:: [   FAIL   ] :: RESULT: Disabled TLSv1.2

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Disabled TLSv1.2 and TLSv1.1
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Command 'echo 'SSLProtocol all -TLSv1.2 -TLSv1.1' > /etc/httpd/conf.d/tls_version.conf' (Expected 0, got 0)
:: [   PASS   ] :: Command 'service httpd restart' (Expected 0, got 0)
:: [   PASS   ] :: Connecting to https server with tls1 (Expected 0, got 0)
:: [   FAIL   ] :: Connecting to https server with tls1.1 (Expected 1, got 0)
:: [   FAIL   ] :: Connecting to https server with tls1.2 (Expected 1, got 0)
:: [   LOG    ] :: Duration: 3m 2s
:: [   LOG    ] :: Assertions: 3 good, 2 bad
:: [   FAIL   ] :: RESULT: Disabled TLSv1.2 and TLSv1.1

Note:
The test case can be wrong, but it passed on httpd24-httpd-2.4.6-19.el6 after the fix in cloned bug 1035371.

Comment 36 Jason McCormick 2014-08-28 14:18:49 UTC
Testing on httpd-2.2.15-31.el6_5 I get "SSLProtocol: Illegal protocol" for TLSv1.0, TLSv1.1, and TLSv1.2. I didn't think any fix had been published for EL6 yet in httpd-2.2, has it? Are there test patches or RPMs to test?

Comment 38 Ondřej Pták 2014-09-09 14:06:17 UTC
httpd-2.2.15-30.el6_5
=====================
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Disabled TLSv1.2
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   FAIL   ] :: Connecting to https server with ssl3 (Expected 0, got 1)
:: [   FAIL   ] :: Connecting to https server with tls1 (Expected 0, got 1)
:: [   FAIL   ] :: Connecting to https server with tls1.1 (Expected 0, got 1)
:: [   PASS   ] :: Connecting to https server with tls1.2 (Expected 1, got 1)
:: [   FAIL   ] :: RESULT: Disabled TLSv1.2

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Disabled TLSv1.2 and TLSv1.1
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   FAIL   ] :: Connecting to https server with ssl3 (Expected 0, got 1)
:: [   FAIL   ] :: Connecting to https server with tls1 (Expected 0, got 1)
:: [   PASS   ] :: Connecting to https server with tls1.1 (Expected 1, got 1)
:: [   PASS   ] :: Connecting to https server with tls1.2 (Expected 1, got 1)
:: [   FAIL   ] :: RESULT: Disabled TLSv1.2 and TLSv1.1


httpd-2.2.15-36.el6
===================
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Disabled TLSv1.2
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Connecting to https server with ssl3 (Expected 0, got 0)
:: [   PASS   ] :: Connecting to https server with tls1 (Expected 0, got 0)
:: [   PASS   ] :: Connecting to https server with tls1.1 (Expected 0, got 0)
:: [   PASS   ] :: Connecting to https server with tls1.2 (Expected 1, got 1)
:: [   PASS   ] :: RESULT: Disabled TLSv1.2

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Disabled TLSv1.2 and TLSv1.1
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Connecting to https server with ssl3 (Expected 0, got 0)
:: [   PASS   ] :: Connecting to https server with tls1 (Expected 0, got 0)
:: [   PASS   ] :: Connecting to https server with tls1.1 (Expected 1, got 1)
:: [   PASS   ] :: Connecting to https server with tls1.2 (Expected 1, got 1)
:: [   PASS   ] :: RESULT: Disabled TLSv1.2 and TLSv1.1

Comment 41 errata-xmlrpc 2014-10-14 08:07:47 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1386.html