Blog | G5 Cyber Security

TLS 1.2: Weak Ciphers – Fix Guide

TL;DR

Yes, weak cipher suites in TLS 1.2 are a real concern. They can allow attackers to decrypt your website traffic or impersonate your server. This guide shows you how to identify and fix them.

Identifying Weak Cipher Suites

  1. Understand the Problem: Older cipher suites (like those using RC4, DES, 3DES, or MD5) are vulnerable to known attacks. Modern browsers are dropping support for these, but older systems might still be negotiating them if not configured correctly.
  2. Use an Online Scanner: Several free tools can check your server’s TLS configuration.
    • SSL Labs SSL Server Test is a popular and thorough option. It provides a detailed report with recommendations.
    • testssl.sh is a command-line script that offers more granular control.
  3. Command Line Testing (OpenSSL): You can use OpenSSL to manually check which cipher suite your server negotiates.
    openssl s_client -connect yourdomain.com:443

    Look for the line containing “Cipher is” and the “Cipher” field in the SSL-Session block. This is the single suite negotiated for that connection, not the full list the server accepts, so a strong result here does not prove that the weak suites (see list below) are disabled.

  4. Weak Cipher Suites to Watch Out For:
    • RC4 (all variants)
    • DES, 3DES
    • MD5-based ciphers
    • Export ciphers (often with “EXPORT” in the name)
    • Any cipher suite using SHA1 for key exchange or signatures.

Fixing Weak Cipher Suites

  1. Identify Your Web Server: Common servers include Apache, Nginx, and IIS.
  2. Apache Configuration: Edit your Apache configuration file (usually httpd.conf or a site-specific config in sites-available/).
    SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4

    Restart Apache after making changes:

    sudo systemctl restart apache2
  3. Nginx Configuration: Edit your Nginx configuration file (usually in /etc/nginx/conf.d/ or /etc/nginx/sites-available/).
    ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256;

    Restart Nginx after making changes:

    sudo systemctl restart nginx
  4. IIS Configuration (Windows Server): Use the IIS Manager.
    1. Open IIS Manager.
    2. Select your server in the Connections pane.
    3. Double-click “SSL Settings”.
    4. In the “Cipher Suites” section, uncheck any weak or outdated ciphers. Ensure strong suites like TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 are enabled.

    Restart IIS after making changes.

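  5. Prioritize Strong Ciphers: Place the strongest ciphers at the beginning of your cipher suite list so that the most secure options are negotiated first. The server's order only takes effect when the server is set to prefer its own order over the client's (SSLHonorCipherOrder on in Apache, ssl_prefer_server_ciphers on in Nginx).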
  6. Disable TLS 1.0 and 1.1: These older protocols have known vulnerabilities. Focus on TLS 1.2 and, ideally, TLS 1.3.
    • Apache: Use the SSLProtocol directive (e.g., SSLProtocol all -TLSv1 -TLSv1.1).
    • Nginx: Use the ssl_protocols directive (e.g., ssl_protocols TLSv1.2 TLSv1.3).
  7. Re-test: After making changes, re-run your SSL Labs test or OpenSSL command to verify that weak ciphers are no longer supported and that strong ciphers are prioritized.
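
A static check to run on the edited configuration before the re-test in step 7, as an added example that is not part of the original guide: it parses SSLCipherSuite and ssl_ciphers lines and flags enabled entries that belong to the weak families listed earlier. The LEGACY sample is constructed, the function names are hypothetical, and the NULL family is included on the assumption that the !aNULL:!eNULL exclusions in the Apache line are intended.

```python
import re

# Weak families from the guide's watch list, as tokens of OpenSSL-style names.
WEAK_TOKENS = {
    "RC4": "RC4", "DES": "DES/3DES", "3DES": "DES/3DES", "CBC3": "DES/3DES",
    "MD5": "MD5", "EXP": "EXPORT", "EXPORT": "EXPORT",
    "NULL": "NULL", "ANULL": "NULL", "ENULL": "NULL",  # assumption, see lead-in
}
# Aliases expand to many suites, so the name alone cannot be judged.
ALIASES = {"ALL", "DEFAULT", "HIGH", "MEDIUM", "LOW"}
DIRECTIVE = re.compile(r"^\s*(SSLCipherSuite|ssl_ciphers)\s+(.+?)\s*;?\s*$", re.I)

def weak_reasons(entry):
    """Return the weak families that one cipher-string entry enables."""
    tokens = re.split(r"[-+]", entry.upper())
    reasons = sorted({WEAK_TOKENS[t] for t in tokens if t in WEAK_TOKENS})
    if entry.upper() in ALIASES:
        reasons.append("alias: expand with `openssl ciphers -v` and review")
    return reasons

def audit_config(text):
    """Return (directive, entry, reasons) for every enabled weak entry."""
    findings = []
    for line in text.splitlines():
        m = DIRECTIVE.match(line)  # commented-out lines do not match
        if not m:
            continue
        for entry in re.split(r"[:,\s]+", m.group(2).strip("\"'")):
            # "!" and "-" prefixes remove suites; "@" is an ordering keyword.
            if not entry or entry[0] in "!-@":
                continue
            reasons = weak_reasons(entry)
            if reasons:
                findings.append((m.group(1), entry, reasons))
    return findings

# The Apache line recommended in this guide.
PAGE_APACHE = "SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"
# Constructed sample of a legacy configuration (not from the guide).
LEGACY = """
# SSLCipherSuite RC4-SHA   (commented out, ignored)
SSLCipherSuite HIGH:MEDIUM:RC4-SHA:DES-CBC3-SHA:!aNULL:!MD5
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:EXP-RC4-MD5:AES128-SHA;
"""

if __name__ == "__main__":
    print("guide:", audit_config(PAGE_APACHE))
    for directive, entry, reasons in audit_config(LEGACY):
        print(f"{directive}: {entry} -> {', '.join(reasons)}")
```

The check only reads literal names in the config; what the server actually offers still has to be confirmed with the scanner re-test.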

Further Considerations
