Posted to users@httpd.apache.org by karl karloff <ka...@hotmail.com> on 2015/05/22 23:08:29 UTC

[users@httpd] SSLOpenSSLConfCmd DHParameters and 2048-bit groups in Apache httpd 2.2.29 (current)

In light of the recent publicity of the "logjam attack" (e.g. https://weakdh.org/) Diffie-Hellman key exchange has come under some scrutiny.

Industry wisdom seems to suggest that to prevent possible nation-state decryption an httpd server should generate a 2048-bit group of parameters (for Diffie-Hellman key exchange).

This is a trivial task to complete using OpenSSL using a command such as the following:

        openssl dhparam -out dhparams.pem 2048

Apache httpd 2.4.8+ (including 2.4.12 -- current) appears to have support for this using a configuration entry similar to this one:

        SSLOpenSSLConfCmd DHParameters "/PATH/dhparams.pem"

It has also been reported that Apache httpd 2.4.7+ can support this by appending the DH PARAMETERS to the end of the ssl certificate file, e.g.:

        -----BEGIN CERTIFICATE-----
        CERTIFICATE_DATA_HERE
        -----END CERTIFICATE-----
        -----BEGIN DH PARAMETERS-----
        GENERATED_DH_PARAMETERS_HERE
        -----END DH PARAMETERS-----

This has been noted in the httpd SSL FAQ documentation (https://httpd.apache.org/docs/current/ssl/ssl_faq.html#javadh)


I am unable to find any documentation on this feature set for anything in the httpd 2.2.x branch including the 2.2.29 (current) release.

I have attempted to use both of these methods in httpd 2.2.29, but have been unable to do so successfully.

Are 2048-bit Diffie-Hellman groups supported in the Apache httpd 2.2.x branch?  Is it possible that this feature will be ported to the 2.2.x branch?  Has anyone already done so?

Thanks,
Karl
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
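As an added example (not part of Karl's post and not httpd project code): a small Python checker that locates the DH PARAMETERS block in a PEM file, whether it is a stand-alone dhparams.pem or appended after the certificate as shown above, decodes the PKCS#3 `SEQUENCE { prime, generator }` that `openssl dhparam` writes, and reports the prime length so a 1024-bit group is caught before it reaches the server. The parameters embedded below are constructed for the demonstration (2^2047 + 1 is not a prime, let alone a safe one); the `make_dh_pem` encoder exists only to build them offline, and the "certificate" block is a placeholder, not a real certificate.

```python
"""Check the size of the DH group in a PEM file (dhparams.pem, or a
certificate file with DH PARAMETERS appended). Added illustration only;
parses the PKCS#3 "DH PARAMETERS" form written by `openssl dhparam`."""
import base64
import re
import sys

PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9. ]+)-----\s*(.*?)\s*-----END \1-----", re.S)


def pem_blocks(text):
    """Yield (label, der_bytes) for every PEM block in the text."""
    for m in PEM_RE.finditer(text):
        yield m.group(1), base64.b64decode("".join(m.group(2).split()))


def _der_len(buf, i):
    """Read a DER length at buf[i]; return (length, index after it)."""
    first = buf[i]
    if first < 0x80:
        return first, i + 1
    n = first & 0x7F
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n


def _der_int(buf, i):
    """Read a DER INTEGER at buf[i]; return (value, index after it)."""
    if buf[i] != 0x02:
        raise ValueError("expected INTEGER tag at offset %d" % i)
    length, i = _der_len(buf, i + 1)
    return int.from_bytes(buf[i:i + length], "big", signed=True), i + length


def parse_dh_params(der):
    """Decode PKCS#3 DHParameter ::= SEQUENCE { prime INTEGER, base INTEGER }."""
    if der[0] != 0x30:
        raise ValueError("expected SEQUENCE tag")
    _, i = _der_len(der, 1)
    p, i = _der_int(der, i)
    g, _ = _der_int(der, i)
    return p, g


def dh_prime_bits(pem_text):
    """Bit length of the prime in the first DH PARAMETERS block, or None."""
    for label, der in pem_blocks(pem_text):
        if label == "DH PARAMETERS":
            p, _g = parse_dh_params(der)
            return p.bit_length()
    return None


def dh_is_weak(pem_text, minimum=2048):
    """True when the file carries a group shorter than `minimum` bits
    (the post-Logjam advice is 2048 or more); None when no group is present."""
    bits = dh_prime_bits(pem_text)
    return None if bits is None else bits < minimum


# --- encoder used only to build the constructed sample data below ---------
def _der_len_encode(n):
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b


def _der_int_encode(value):
    body = value.to_bytes((value.bit_length() + 8) // 8, "big")  # leading 0 keeps sign clear
    while len(body) > 1 and body[0] == 0 and body[1] < 0x80:
        body = body[1:]
    return b"\x02" + _der_len_encode(len(body)) + body


def make_dh_pem(p, g=2):
    """Wrap (p, g) as a PKCS#3 "DH PARAMETERS" PEM block (constructed data)."""
    body = _der_int_encode(p) + _der_int_encode(g)
    der = b"\x30" + _der_len_encode(len(body)) + body
    b64 = base64.b64encode(der).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "-----BEGIN DH PARAMETERS-----\n" + "\n".join(lines) + "\n-----END DH PARAMETERS-----\n"


# Constructed samples: the integers are NOT primes; they only exercise the parser.
SAMPLE_2048 = make_dh_pem(2 ** 2047 + 1)
SAMPLE_1024 = make_dh_pem(2 ** 1023 + 1)
FAKE_CERT_PEM = ("-----BEGIN CERTIFICATE-----\n"
                 + base64.b64encode(b"placeholder, not a real certificate").decode()
                 + "\n-----END CERTIFICATE-----\n")
COMBINED = FAKE_CERT_PEM + SAMPLE_2048   # the cert-plus-dhparams layout from the post

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else COMBINED
    bits = dh_prime_bits(text)
    if bits is None:
        print("no DH PARAMETERS block found")
    else:
        print("DH prime: %d bits -> %s" % (bits, "WEAK (< 2048)" if bits < 2048 else "ok"))
```

Run it as `python3 dhcheck.py /PATH/dhparams.pem` (or the combined certificate file) to see the group size; with no argument it reports on the constructed 2048-bit sample.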


Re: [users@httpd] SSLOpenSSLConfCmd DHParameters and 2048-bit groups in Apache httpd 2.2.29 (current)

Posted by Yann Ylavic <yl...@gmail.com>.
On Fri, May 22, 2015 at 11:08 PM, karl karloff <ka...@hotmail.com> wrote:
>
> Apache httpd 2.4.8+ (including 2.4.12 -- current) appears to have support for this using a configuration entry similar to this one:
>
>         SSLOpenSSLConfCmd DHParameters "/PATH/dhparams.pem"
>
> It has also been reported that Apache httpd 2.4.7+ can support this by appending the DH PARAMETERS to the end of the ssl certificate file, e.g.:
>
>         -----BEGIN CERTIFICATE-----
>         CERTIFICATE_DATA_HERE
>         -----END CERTIFICATE-----
>         -----BEGIN DH PARAMETERS-----
>         GENERATED_DH_PARAMETERS_HERE
>         -----END DH PARAMETERS-----

Unless you are using static DH certificates (not RSA nor DSS, quite
rare), you don't really need the above in Apache httpd 2.4.7 and
earlier.
The ephemeral/anonymous DH ([EC]DHE, those providing perfect forward
secrecy) will be computed automatically from standardized DH primes
(parameters) whose size is based on the server certificate's modulus
(namely 2048/3072/4096/6144/8192, or still 1024 if the certificate is
a (not recommended) 1024-bit one).

>
> This has been noted in the httpd SSL FAQ documentation (https://httpd.apache.org/docs/current/ssl/ssl_faq.html#javadh)

This doc is hence only about (still) using 1024-bit DH even when the
certificate is 2048 bits (to address old JRE limits and preserve
compatibility).

>
>
> I am unable to find any documentation on this feature set for anything in the httpd 2.2.x branch including the 2.2.29 (current) release.
>
> I have attempted to use both of these methods in httpd 2.2.29, but have been unable to do so successfully.
>
> Are 2048-bit Diffie-Hellman groups supported in the Apache httpd 2.2.x branch?  Is it possible that this feature will be ported to the 2.2.x branch?  Has anyone already done so?

The good news is that this has been backported in the upcoming 2.2.30 (soon).
Not SSLOpenSSLConfCmd though, but you probably don't need it for this
purpose as explained above, 2048 bits or more [EC]DHE should work out
of the box.

Regards,
Yann.
