How to disable vulnerable SSL 3.0 protocol in proxmox

MicJB

New Member
Feb 27, 2015
12
0
1
London
I've succesfully installed my SSL certificates from StartCom following http://pve.proxmox.com/wiki/HTTPSCertificateConfiguration everything works flawlessly and I'm very happy :D

However testing with https://www.digicert.com/help/ tells me that:

Protocol Supported: TLS 1.2, TLS 1.1, TLS 1.0, SSL 3.0
SSL 3.0 is an outdated protocol version with known vulnerabilities.

So I've disabled it succesfully everywhere, Apache, NGINX etc. however I don't find a config file to disable SSL v3 for proxmox when connecting directly to port 8006 (it's correctly disabled on NGINX reverse proxy on port 443).

Where can I disable SSL 3.0 altogether in proxmox?
Thank you.
Mic
 

wolfgang

Proxmox Retired Staff
Retired Staff
Oct 1, 2014
6,496
496
103
Hi,
SSLv3 is if you have the current version disabled.
We use tlsv1.
TLSv1_1 and TLSv1_2 will come with next release.
 

MicJB

New Member
Feb 27, 2015
12
0
1
London
I see, I'm using 3.3-1, I guess it's been disabled only in 3.4, however it would be nice to not having to reinstall all proxmox installations just to disable SSL 3.0.
Thank you,
Mic
 

Ovidiu

Active Member
Apr 27, 2014
311
10
38
Same situation here, just added my certificates from starttls.com and CHrome is telling me:

Your connection to myhost is encrypted using an obsolete cipher suite.

The connection uses TLS 1.0.


The connection is encrypted using AES_256_CBC, with HMAC-SHA1 for message authentication and DHE_RSA as the key exchange mechanism.

Using Proxmox 4.0-57
 

vkhera

Member
Feb 24, 2015
192
13
18
Maryland, USA
Is starttls issuing certificates signed using SHA1? Not quite sure what is going on because my RapidSSL cert (from GeoTrust) works great with chrome (and any other browser) with zero complaints as installed into PVE 4.

Code:
Your connection to pve1.int.kcilink.com is encrypted using an obsolete cipher suite.

The connection uses TLS 1.0.


The connection is encrypted using AES_256_CBC, with HMAC-SHA1 for message authentication and DHE_RSA as the key exchange mechanism.

So that's the same with yours.

The certificate info shows this for me:

Code:
The identity of this website has been verified by RapidSSL SHA256 CA - G3. No Certificate Transparency information was supplied by the server.

If you run
Code:
openssl x509 -text -in MYCERTFILE.crt -noout
on your certificate, look for the line that specifies "Signature Algorithm". For me it says sha256WithRSAEncryption. The Public Key Algorithm says rsaEncryption.
 

Ovidiu

Active Member
Apr 27, 2014
311
10
38
nope, mine is the same, I think its not the certificate but the protocol the webserver is presenting to the browser.
As the first poster said:

Protocol Supported: TLS 1.2, TLS 1.1, TLS 1.0, SSL 3.0
SSL 3.0 is an outdated protocol version with known vulnerabilities.

So I've disabled it succesfully everywhere, Apache, NGINX etc. however I don't find a config file to disable SSL v3 for proxmox when connecting directly to port 8006 (it's correctly disabled on NGINX reverse proxy on port 443).

Where can I disable SSL 3.0 altogether in proxmox?

So I'm asking how do I disable SSL 3.0 everywhere including in the proxmox GUI?
 

vkhera

Member
Feb 24, 2015
192
13
18
Maryland, USA
My PVE 4 is not showing SSLv3

Code:
% nmap --script +ssl-enum-ciphers -p 8006 pve1


Starting Nmap 6.49BETA6 ( https://nmap.org ) at 2015-11-17 11:06 EST
Nmap scan report for pve1 (192.168.7.16)
Host is up (0.00033s latency).
rDNS record for 192.168.7.16: pve1.int.kcilink.com
PORT     STATE SERVICE
8006/tcp open  unknown
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 1544) - D
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1544) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1544) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1544) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1544) - A
|       TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 1544) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - A
|       TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: client
|     warnings:
|       Key exchange parameters of lower strength than certificate key
|_  least strength: D


Nmap done: 1 IP address (1 host up) scanned in 0.31 seconds

compare that command to www.google.com which will show "SSLv3 ciphers". So as far as I see PVE 4.0 GUI is not supporting SSLv3 other than some ciphers between TLSv1 and SSLv3 that may overlap. Perhaps your scanning tool is confusing the support of those cipers as support for SSLv3.
 

Ovidiu

Active Member
Apr 27, 2014
311
10
38
Didn't quite work and I waited long enough if this was cached somewhere.
2015-12-02_1631.png
my /etc/default/pveproxy contains:

Code:
CIPHERS="ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA"

this should have fixed it I assumed.

can someone who successfully managed to not get a warning with his SSL certificate post his settings please?
 

pascal

Member
Dec 21, 2015
15
4
23
41
I am also interested in this. I just did a fresh install of 4.1 (coming from 3.4?) and now Firefox just refuses to load the page while Chrome simply gives the same warning as Ovidiu mentioned above (obsolete cipher suite).
I have tried to put various combinations of the output from '$ openssl ciphers' in my /etc/default/pveproxy' (I had to create this file as it didn't exist before, which is correct I hope?). Trying 'stronger' ciphers makes the whole page inaccessible even in Chrome.
 

pascal

Member
Dec 21, 2015
15
4
23
41
I tried disabling the following ciphers from being used in firefox's about:config one by one as they were being utilized according to chrome:
security.ssl3.dhe_rsa_aes_128_sha
security.ssl3.dhe_rsa_aes_256_sha
security.ssl3.rsa_aes_128_sha
security.ssl3.rsa_aes_256_sha
security.ssl3.rsa_des_ede3_sha

None of which got the page to load in firefox. After disabling the last one it seemingly ran out of ciphers to use and was marked as unsecured/unencrypted connection by firefox.

Edit: Disregard. WebUI is accessilble again after I followed the advice in this thread and cleaned all related cookies which were left from before the upgrade. Chrome is still complaining about obsolete ciphers.
 
Last edited:

Teleonomy

New Member
Jun 30, 2016
2
0
1
48
Your setting works :

Don't forget to restart pveproxy after:

/etc/init.d/pveproxy restart

Then nmap should show clean stuff.

nmap --script +ssl-enum-ciphers -p 8006
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!