Coffee with Carol: Making the Move from SSL to TLS 1.1 and TLS 1.2
TRANSCRIPT
10/27/2016
www.helpsystems.com/professional-security-services
HelpSystems LLC. All rights reserved.
Moving from SSL to TLS
Carol Woodbury, VP of Global Security Services
Agenda
• Why are we talking about this?
• What is SSL/TLS?
• How is it implemented / controlled on IBM i?
• Steps for migrating from SSL to TLS
• Implementation details
Why are we talking about this?
• SSL (Secure Sockets Layer) and TLS (Transport Layer Security) provide end-to-end encrypted communication sessions
• SSL has proven to contain vulnerabilities, so the move to TLS is required for secure communications
• PCI DSS (Payment Card Industry’s Data Security Standard) requires that only TLS 1.1 or (preferably) TLS 1.2 be used no later than July 2017
• Banks and other entities are requiring it
End-to-end encrypted communication sessions
1. Client is configured to request an encrypted session from the server
2. Client contacts the server and provides it with the list of ciphers available to use to encrypt the session
3. Server responds with info on its digital certificate and which cipher it will use
4. Client verifies the server’s digital certificate
5. Client generates a session key, and the rest of the session is encrypted using that symmetric key
[Diagram: Client and Server, with the server's digital certificate (Owner: telnet server HelpSystems; Issuer: Verisign)]
A bit of history
Protocol   Invented   Deprecated
SSLv2      1995       2011
SSLv3      1996       2015
TLS 1.0    1999
TLS 1.1    2006
TLS 1.2    2008
TLS 1.3    Working draft
Configuring the protocols allowed
• QSSLPCL – defines which protocols are enabled
  – *OPSYS – (Default) actual values vary by release.
  – Or, to control, specify one or more of the following:
      *TLSV12
      *TLSV11
      *TLSV1
      *SSLV3
      *SSLV2
• Not an ordered list
Protocols available (by release)
OS Release   SSLv2  SSLv3  TLS1.0  TLS1.1  TLS1.2
V5R4         A      X      X
V6R1         A      X      X
V7R1         A      X      X
V7R1 w/TR6   A      X      X       A       A
V7R2         A      A      X       X       X
V7R3         A      A      X       X       X
X = Enabled by default
A = Available but not by default
Controlling the cipher suites
• QSSLCSLCTL – determines who controls the list specified in QSSLCSL: the system (*OPSYS - default) or the user (*USRDFN)
  – To edit QSSLCSL, you must specify *USRDFN
• QSSLCSL – contains the list of cipher suites to be used on an SSL/TLS connection.
• QSSLCSL is an ordered list
*OPSYS List
V7R1
• *RSA_AES_128_CBC_SHA
• *RSA_RC4_128_SHA
• *RSA_RC4_128_MD5
• *RSA_AES_256_CBC_SHA
• *RSA_3DES_EDE_CBC_SHA
• *RSA_DES_CBC_SHA
• *RSA_EXPORT_RC4_40_MD
• *RSA_EXPORT_RC2_CBC_40_MD5
• *RSA_NULL_SHA
• *RSA_NULL_MD5
V7R2
• ECDHE_ECDSA_AES_128_CBC_SHA256
• ECDHE_ECDSA_AES_256_CBC_SHA384
• ECDHE_ECDSA_AES_128_GCM_SHA256
• ECDHE_ECDSA_AES_256_GCM_SHA384
• RSA_AES_128_CBC_SHA256
• RSA_AES_128_CBC_SHA
• RSA_AES_256_CBC_SHA256
• RSA_AES_256_CBC_SHA
• RSA_AES_128_GCM_SHA256
• RSA_AES_256_GCM_SHA384
• ECDHE_RSA_AES_128_CBC_SHA256
• ECDHE_RSA_AES_256_CBC_SHA384
• ECDHE_RSA_AES_128_GCM_SHA256
• ECDHE_RSA_AES_256_GCM_SHA384
• ECDHE_ECDSA_3DES_EDE_CBC_SHA
• ECDHE_RSA_3DES_EDE_CBC_SHA
• RSA_3DES_EDE_CBC_SHA
V7R3
• ECDHE_ECDSA_AES_128_GCM_SHA256
• ECDHE_ECDSA_AES_256_GCM_SHA384
• ECDHE_RSA_AES_128_GCM_SHA256
• ECDHE_RSA_AES_256_GCM_SHA384
• RSA_AES_128_GCM_SHA256
• RSA_AES_256_GCM_SHA384
• ECDHE_ECDSA_AES_128_CBC_SHA256
• ECDHE_ECDSA_AES_256_CBC_SHA384
• ECDHE_RSA_AES_128_CBC_SHA256
• ECDHE_RSA_AES_256_CBC_SHA384
• RSA_AES_128_CBC_SHA256
• RSA_AES_128_CBC_SHA
• RSA_AES_256_CBC_SHA256
• RSA_AES_256_CBC_SHA
• ECDHE_ECDSA_3DES_EDE_CBC_SHA
• ECDHE_RSA_3DES_EDE_CBC_SHA
• RSA_3DES_EDE_CBC_SHA
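
One way to review an *OPSYS cipher list before building a *USRDFN value for QSSLCSL, shown as an added example (not IBM or HelpSystems code). It classifies each entry by the algorithm names inside the suite name, keeps the list order, and uses the V7R1 list from the slide as input, leaving out the entry that is cut off on the slide; the function names are illustrative.

```python
# Added illustration, not IBM or HelpSystems code. Classification is by the
# algorithm names embedded in each suite name.
WEAK = {                       # token in suite name -> reason to drop the suite
    "NULL": "no encryption",
    "EXPORT": "40-bit export key",
    "RC4": "RC4 stream cipher",
    "RC2": "RC2 cipher",
    "DES": "single DES (56-bit key)",
    "MD5": "MD5-based MAC",
}

# V7R1 *OPSYS list as printed on the slide (the entry cut off there is omitted).
V7R1_OPSYS = [
    "*RSA_AES_128_CBC_SHA", "*RSA_RC4_128_SHA", "*RSA_RC4_128_MD5",
    "*RSA_AES_256_CBC_SHA", "*RSA_3DES_EDE_CBC_SHA", "*RSA_DES_CBC_SHA",
    "*RSA_EXPORT_RC2_CBC_40_MD5", "*RSA_NULL_SHA", "*RSA_NULL_MD5",
]


def classify(suite):
    """Return (verdict, reasons, tls12_only) for one QSSLCSL entry."""
    tokens = suite.lstrip("*").split("_")
    reasons = [why for tok, why in WEAK.items() if tok in tokens]
    # Suites whose hash is SHA256/SHA384 (this includes every GCM suite) need TLS 1.2.
    tls12_only = tokens[-1] in ("SHA256", "SHA384")
    if reasons:
        return "drop", reasons, tls12_only
    if "3DES" in tokens:
        return "last", ["64-bit block cipher"], tls12_only
    return "keep", [], tls12_only


def propose_usrdfn(suites):
    """Build an ordered *USRDFN candidate: strong suites first, 3DES last."""
    keep, last, dropped = [], [], {}
    for s in suites:
        verdict, reasons, _ = classify(s)
        if verdict == "drop":
            dropped[s] = reasons
        else:
            (keep if verdict == "keep" else last).append(s)
    return keep + last, dropped


if __name__ == "__main__":
    ordered, dropped = propose_usrdfn(V7R1_OPSYS)
    print("QSSLCSL candidate:", " ".join(ordered))
    for name, why in dropped.items():
        print("drop", name, "-", ", ".join(why))
```

The `tls12_only` flag matters when a trading partner can only reach TLS 1.1: from the V7R2 and V7R3 lists, only the suites ending in plain `_SHA` remain negotiable for that partner.
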
How the cipher list is derived
Changing the cipher list
Starting the Analysis
Protocols by release
OS Release   SSLv2  SSLv3  TLS1.0  TLS1.1  TLS1.2
V5R4         A      X      X
V6R1         A      X      X
V7R1         A      X      X
V7R1 w/TR6   A      X      X       A       A
V7R2         A      A      X       X       X
V7R3         A      A      X       X       X
X = Enabled by default
A = Available but not by default
Required Versions and Fixes
• Document shows the PTFs required to eliminate SSL at the OS level, as well as for Java, the web server, Lotus products, Client Access and Access Client Solutions
  – http://www-01.ibm.com/support/docview.wss?uid=nas8N1020451
Determining what protocols are in use
Enabling counters
Start System Service Tools - STRSST
• Option 1 - Start a service tool
• Option 4 - Display/Alter/Dump
• Option 1 - Display/Alter storage
• Option 2 - Licensed Internal Code (LIC) data
• Option 14 - Advanced analysis. (Page down to see this option)
• Page down until you find the SSLCONFIG option, then select it to get to the Specify Advanced Analysis Options window. The command shows as SSLCONFIG
• Type the following in the Options parameter and press Enter:
    -sslConnectionCounts:enable
• Hint: -h provides a help screen describing the input strings
Enabling counters via SST
Displaying the counter
• -sslConnectionCounts:display
Running a trace to determine the protocols in use
• Provides detailed instructions on enabling and reading communication traces to determine which protocols and ciphers are in use
  – http://www-01.ibm.com/support/docview.wss?uid=nas8N1020594
• Notes:
  – PTFs only available starting in V6R1
  – Will likely need to work with trading partners, banks, etc. to determine whether they support later protocols / stronger ciphers
When QSSLPCL is set to *OPSYS
OS Release   SSLv2  SSLv3   TLS1.0  TLS1.1  TLS1.2
V5R4         A      *OPSYS  *OPSYS
V6R1         A      *OPSYS  *OPSYS
V7R1         A      *OPSYS  *OPSYS
V7R1 w/TR6   A      *OPSYS  *OPSYS  A       A
V7R2         A      A       *OPSYS  *OPSYS  *OPSYS
V7R3         A      A       *OPSYS  *OPSYS  *OPSYS
A = Available but not by default
Note: Cannot specify both SSLv2 and TLS1.2 – they are mutually exclusive
Determine if SSLCONFIG needs to be modified
• Based on your requirements, you may need to add/remove protocols/ciphers to QSSLPCL and QSSLCSL.
  – If you are adding a more recent protocol / stronger ciphers, you may want to add those to SSLCONFIG to have them included in the Default set.
  – If you are adding an older protocol / weaker cipher, you may purposefully leave those out of SSLCONFIG so that they are not included in the Default set.
Default protocols and ciphers
Default Protocols and Ciphers: intersection of what is specified in QSSLPCL and the SSLCONFIG macro
[Diagram: two overlapping sets, QSSLPCL and the SSLCONFIG macro in SST, with TLS1.2, TLS1.1 and SSLv3 listed; the overlap is the Default set (for IBM i applications in DCM = *PGM)]
Modifying SSLCONFIG - scenarios
• If you are adding a more recent protocol / stronger ciphers, you may want to add those to SSLCONFIG to have them included in the Default set.
  – System is V7R1, >= TR6 and you want to migrate to use TLS1.2
• If you are adding an older protocol / weaker cipher, you may purposefully leave those out of SSLCONFIG so that they are not included in the Default set.
  – System is at V7R2. You discover that you have clients connecting with an old version of Client Access that doesn’t support TLS1.2. You will have to add SSLv3 to the QSSLPCL system value to allow those telnet connections, but you want all other encrypted sessions to use only TLS 1.1 and TLS 1.2
• If you want to leave the system values alone but only use TLS1.1 and TLS 1.2 by default
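
The scenarios above, worked through as an added example (not IBM or HelpSystems code): it resolves QSSLPCL against the release table, intersects the result with the SSLCONFIG eligible list to get the Default set, and reports what stays enabled outside TLS 1.1 / TLS 1.2. The eligible list is passed by protocol name, an assumption made because the deck does not show the numeric codes the macro takes; the V5R4 and V6R1 rows are left out and the function names are illustrative.

```python
# Added illustration, not IBM or HelpSystems code. Protocol names are the
# QSSLPCL values from the slides; the SSLCONFIG eligible list is given by name
# because the numeric codes the macro takes are not shown in this deck.
PCI_OK = {"*TLSV11", "*TLSV12"}

# "Protocols available (by release)" table: X = enabled by default, A = available.
RELEASES = {
    "V7R1":     {"X": {"*SSLV3", "*TLSV1"}, "A": {"*SSLV2"}},
    "V7R1 TR6": {"X": {"*SSLV3", "*TLSV1"}, "A": {"*SSLV2", "*TLSV11", "*TLSV12"}},
    "V7R2":     {"X": {"*TLSV1", "*TLSV11", "*TLSV12"}, "A": {"*SSLV2", "*SSLV3"}},
    "V7R3":     {"X": {"*TLSV1", "*TLSV11", "*TLSV12"}, "A": {"*SSLV2", "*SSLV3"}},
}


def enabled_protocols(release, qsslpcl):
    """Resolve a QSSLPCL value to the set of protocols the system will accept."""
    row = RELEASES[release]
    if qsslpcl == ["*OPSYS"]:
        return set(row["X"])
    chosen = set(qsslpcl)
    unsupported = chosen - (row["X"] | row["A"])
    if unsupported:
        raise ValueError(f"not available on {release}: {sorted(unsupported)}")
    if {"*SSLV2", "*TLSV12"} <= chosen:
        raise ValueError("*SSLV2 and *TLSV12 are mutually exclusive")
    return chosen


def audit(release, qsslpcl, sslconfig_eligible):
    """Default set = QSSLPCL intersected with the SSLCONFIG eligible defaults."""
    enabled = enabled_protocols(release, qsslpcl)
    default = enabled & set(sslconfig_eligible)
    return {
        "enabled": sorted(enabled),
        "default": sorted(default),               # used by DCM applications left at *PGM
        "dcm_only": sorted(enabled - default),    # would have to be selected per application in DCM
        "outside_pci": sorted(enabled - PCI_OK),  # still negotiable somewhere on the system
    }


if __name__ == "__main__":
    # Scenario from the slide: V7R2, SSLv3 added for old Client Access telnet clients.
    print(audit("V7R2", ["*SSLV3", "*TLSV11", "*TLSV12"], ["*TLSV11", "*TLSV12"]))
```
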
Modifying SSLCONFIG
Start System Service Tools - STRSST
• Option 1 - Start a service tool
• Option 4 - Display/Alter/Dump
• Option 1 - Display/Alter storage
• Option 2 - Licensed Internal Code (LIC) data
• Option 14 - Advanced analysis. (Page down to see this option)
• Page down until you find the SSLCONFIG option, then select it to get to the Specify Advanced Analysis Options window. The command shows as SSLCONFIG
• Type the following in the Options parameter and press Enter:
    -eligibleDefaultProtocols:nn,nn,nn
• Hint: -h provides a help screen describing the input strings
Configuring Servers to use TLS
DCM – Digital Certificate Manager
• For encrypted sessions (telnet, database server, etc.) you assign a digital certificate to these ‘applications’ in DCM.
• Once the certificate has been assigned, you can further configure which protocols and which ciphers are used for each application (server)
• To access DCM, open a browser and go to:
  http://<IBM i name or IP address>:2001/QIBM/ICSS/Cert/Admin/qycucm1.ndm/main0
DCM
• Open Manage Applications
• Click on Update application definition
• On the next display, select Server and click Continue
DCM
Scroll to the bottom of the page and click Update Application Definition
DCM – Updating an Application
Notes:
• Can’t select a protocol or cipher that’s not supported
• Must stop/restart servers for protocol changes to take effect
Enabling Client Access or ACS for TLS 1.2 at V7R1
Document walks through modifying QSSLPCL, adding ciphers to QSSLCSL and configuring the server in DCM
  – http://www-01.ibm.com/support/docview.wss?uid=nas8N1020017
Protocols / Ciphers used by FTP
• FTP uses the values specified in the SSLCONFIG macro, or, in V7*, you can configure specific protocols / ciphers in DCM
Enable SSL/TLS in web application configurations
Configuring Protocols for Web Applications
References
• OWASP - https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet
• Wikipedia - https://en.wikipedia.org/wiki/Transport_Layer_Security
• PCI DSS - https://www.pcisecuritystandards.org/pci_security/
• IBM i Information Center - http://www.ibm.com/support/knowledgecenter/ssw_ibm_i_73/rzain/rzainsystemssl.htm
• Security Bulletins
  – https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_73/rzain/rzainsecuritybulletins.htm
Thank you
Huge thanks to team members Steve Sisk and Amy Williams for their contributions to this presentation!
Questions?