NGINX is a multi-faceted tool, and if you’re just getting your feet wet--or need a buffer--you’ll want to check this presentation out first. One popular use for NGINX is as an HTTPS reverse proxy--enabling services to support encrypted protocols that don’t normally do so. Why should you be an expert on this? Putting NGINX in front of HTTP-only websites and services allows them to be fully HTTPS compliant, taking advantage of NGINX’s state-of-the-art encryption technology.
This session will start by introducing the basics of HTTPS and web encryption. Attendees will learn how to get a proper HTTPS certificate from a certificate authority (“CA”) for browser-facing services, and an internal CA for internal services. The session will also cover the ngx_http_ssl_module, and what it takes to configure it to the industry standard. This is your spark notes session for getting that A+ in security.
4. HTTPS = HTTP + Security
• Security: SSL or TLS
• Provides data encryption and server authentication
• Negotiation of keys happens in the “handshake”
6. Why set up HTTPS?
• User privacy
• SEO bump
• Put in front of HTTPS-incapable services
• General good practice
7. What are the downsides?
• Operational complexity
• Extra latency (two round-trips for first connection)
• CPU cost
8. What you need to set up HTTPS
• A set of protocols you support
• A set of ciphers you support in order of preference
• A private key and a certificate (signed by a trusted Certificate Authority)
10. A bit of history
• SSL v2.0 released in 1995 by Netscape
• SSL v3.0 released in 1996 fixes major issues with v2
• TLS v1.0 released in 1999 by IETF: minor tweaks to SSLv3
• TLS v1.1 released in 2006 with minor tweaks
• TLS v1.2 released in 2008 with improved hashes and AEAD mode
11. A bit of history
• SSL v2.0 released in 1995 - Broken by design
• SSL v3.0 released in 1996 - Broken by POODLE (Nov 2014)
• TLS v1.0 released in 1999 - Weakened by BEAST (2011) and Lucky 13 (2013)
• TLS v1.1 released in 2006 - Weakened by Lucky 13 (2013) and RC4 (2013, 2015)
• TLS v1.2 released in 2008 - Only safe with AEAD mode ciphers
16. Cipher Suites
• Complicated string describing the type of crypto used
• Defined by openssl (check your ciphers with $ openssl ciphers)
Example:
  ECDHE-RSA-AES128-GCM-SHA256:
  ECDHE-ECDSA-AES128-GCM-SHA256:
  ECDHE-RSA-AES256-GCM-SHA384:
  ECDHE-ECDSA-AES256-GCM-SHA384:
  DHE-RSA-AES128-GCM-SHA256:
18. Server Cipher Suites
• Client lists supported cipher suites in order of preference
• Server takes intersection of client list and server supported cipher list
• Server selects preferred cipher of remaining
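The negotiation described on this slide, as an added Python illustration written for this page (not NGINX or OpenSSL code): the client offers suites in its preferred order, the server intersects that list with its own, and either the server's order (NGINX's `ssl_prefer_server_ciphers on`) or the client's order decides. The suite names are real OpenSSL names taken from the deck; the two lists and the old client that still offers RC4 are constructed.

```python
"""Cipher suite negotiation: intersection of client and server lists, then
one side's preference order picks the winner.  Added example for this page;
the lists below are constructed, the suite names are OpenSSL's."""

# Constructed server list (what ssl_ciphers would expand to), in preference order.
SERVER_CIPHERS = [
    "ECDHE-ECDSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "DHE-RSA-AES128-GCM-SHA256",
]

# Constructed client list, in the client's preference order.  RC4-SHA is
# offered by an old client; the server does not support it.
CLIENT_CIPHERS = [
    "DHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "RC4-SHA",
]


def negotiate(client, server, prefer_server_ciphers=True):
    """Return the selected suite, or None when the lists do not intersect.

    prefer_server_ciphers=True mirrors `ssl_prefer_server_ciphers on`: the
    first suite in the *server's* order that the client also offered wins.
    With it off, the first suite in the *client's* order that the server
    supports wins, which is the behaviour the slide describes.
    """
    common = set(client) & set(server)
    if not common:
        return None  # the handshake fails with a "no shared cipher" alert
    order = server if prefer_server_ciphers else client
    return next(suite for suite in order if suite in common)


def is_aead(suite):
    """AEAD suites (GCM or CHACHA20-POLY1305) are the only ones the deck
    calls safe with TLS 1.2."""
    return "-GCM-" in suite or "CHACHA20" in suite


def weak_reasons(suite):
    """Reasons, per the deck's history slide, why a selected suite is weak."""
    reasons = []
    upper = suite.upper()
    if "RC4" in upper:
        reasons.append("RC4 (broken 2013/2015)")
    if "MD5" in upper:
        reasons.append("MD5 MAC")
    if not is_aead(suite):
        reasons.append("non-AEAD (not GCM/CHACHA20)")
    return reasons


if __name__ == "__main__":
    for prefer in (True, False):
        chosen = negotiate(CLIENT_CIPHERS, SERVER_CIPHERS, prefer)
        print(f"prefer_server_ciphers={prefer}: {chosen} {weak_reasons(chosen)}")
    print("RC4-only client:", negotiate(["RC4-SHA"], SERVER_CIPHERS))
```

With the constructed lists, server preference selects ECDHE-RSA-AES128-GCM-SHA256 while client preference selects DHE-RSA-AES128-GCM-SHA256; that difference is exactly what `ssl_prefer_server_ciphers on` buys you when a client's own ordering is poor.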
20. Recommended Cipher Suites
• CloudFlare’s suggestions (github.com/cloudflare/sslconfig):
  EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5
• Mozilla has their own suggestions:
  https://mozilla.github.io/server-side-tls/ssl-config-generator/
24. What is a trusted certificate?
• When certificate is issued by a Certificate Authority (CA) that browsers trust
25. How do I get a certificate?
• Create a key pair
  • A private key
  • A certificate signing request (contains your public key)
• Get a CA to create a certificate from the CSR
  • Usually costs $$$
26. How do you create a CSR and private key?
• Using CFSSL
  $ cfssl print-defaults csr > csr.json
  $ cfssl genkey csr.json | cfssljson -bare
• Using OpenSSL
  $ openssl genrsa -out key.pem 2048
  $ openssl req -new -sha256 -key key.pem -out key.csr
27. How to get a free certificate
• StartSSL.com: follow the instructions, get a headache
28. Certificate chain
• Need to include all certificates in the trust chain up to the root
• If the CA did not provide them, try `cfssl bundle`
31. NGINX configuration parameters
• Before you start: find out the version of OpenSSL you are using
• Recommend at least 1.0.1p
  $ openssl version
  OpenSSL 0.9.8zd 8 Jan 2015
40. Options for trusted CAs
• Internal CA
  • You can create your own certificates for the services behind nginx
  • Requires managing your own public key infrastructure
• Public CA
  • Need certificate from publicly trusted CA
  • Root store already present on machine (e.g. Ubuntu: /etc/ssl/certs/ca-certificates.crt)
45. What is HSTS?
• HTTP header cached by browser
• Browser always attempts HTTPS
• Maximum age defined in seconds
• Preload list for Chrome and Firefox
  • Requires 6 month HSTS
  • Requires includeSubdomains
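To make the header on this slide concrete, here is an added Python example (written for this page, not NGINX code) that builds a Strict-Transport-Security value, parses one back, and lists why a policy would not meet the preload requirements the slide names. The six-month figure (15768000 seconds) is the one used in the deck's nginx config; the `preload` token itself is something the preload submission form requires and is not mentioned on the slide, so it is noted as an addition here.

```python
"""Build, parse and sanity-check Strict-Transport-Security header values.
Added example for this page.  SIX_MONTHS matches the deck's nginx config."""

SIX_MONTHS = 15768000  # seconds; the max-age the deck's config sends


def build_hsts(max_age=SIX_MONTHS, include_subdomains=False, preload=False):
    """Return the header value that `add_header Strict-Transport-Security` sends.
    A max-age of 0 tells browsers to forget a previously cached policy."""
    if max_age < 0:
        raise ValueError("max-age must be non-negative")
    parts = [f"max-age={int(max_age)}"]
    if include_subdomains:
        parts.append("includeSubDomains")
    if preload:
        parts.append("preload")
    return "; ".join(parts)


def parse_hsts(value):
    """Parse a header value.  Directive names are case-insensitive; a missing or
    non-numeric max-age makes the header invalid, and browsers then ignore it."""
    policy = {"max_age": None, "include_subdomains": False, "preload": False}
    for directive in value.split(";"):
        directive = directive.strip()
        if not directive:
            continue
        name, _, arg = directive.partition("=")
        name = name.strip().lower()
        arg = arg.strip().strip('"')
        if name == "max-age":
            if not arg.isdigit():
                raise ValueError(f"invalid max-age: {arg!r}")
            policy["max_age"] = int(arg)
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
        elif name == "preload":
            policy["preload"] = True
        # unknown directives are ignored, as the spec allows
    if policy["max_age"] is None:
        raise ValueError("max-age directive is required")
    return policy


def preload_problems(value, min_age=SIX_MONTHS):
    """Reasons the policy would not qualify for the Chrome/Firefox preload list:
    the two requirements on the slide plus the `preload` token (assumption
    noted in the lead-in: the submission form requires it)."""
    policy = parse_hsts(value)
    problems = []
    if policy["max_age"] < min_age:
        problems.append(f"max-age {policy['max_age']} is below {min_age} seconds")
    if not policy["include_subdomains"]:
        problems.append("includeSubDomains missing")
    if not policy["preload"]:
        problems.append("preload directive missing")
    return problems


if __name__ == "__main__":
    header = build_hsts(include_subdomains=True, preload=True)
    print(header, parse_hsts(header))
    print("deck config header problems:", preload_problems("max-age=15768000"))
```

Note that the deck's own config sends only `max-age=15768000`, which is enough to protect returning visitors of the bare host but, per the slide's own requirements, not enough to be preloaded.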
50. What is OCSP Stapling?
• Certificates can not only expire, they can be revoked
• OCSP (Online Certificate Status Protocol) can be queried to check status
  • Can slow down requests since it requires another connection
• OCSP Stapling: server pre-fetches the OCSP response
  • Saves a round-trip by the client
51. How much faster?
Connection timeline with client-side OCSP lookups:
  DNS (1334ms)
  TCP handshake (240ms)
  SSL handshake (376ms)
  Follow certificate chain (1011ms)
  DNS to CA (300ms)
  TCP to CA (407ms)
  OCSP to CA #1 (598ms)
  TCP to CA #2 (317ms)
  OCSP to CA #2 (444ms)
  Finish SSL handshake (1270ms)
~30% faster with OCSP stapling
52.
server {
    listen 443 ssl;
    ssl_certificate /path/to/signed_cert_plus_intermediates;
    ssl_certificate_key /path/to/private_key;
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;

    # intermediate configuration. tweak to your needs.
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;

    # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
    add_header Strict-Transport-Security max-age=15768000;

    # OCSP Stapling ---
    # fetch OCSP records from URL in ssl_certificate and cache them
    ssl_stapling on;
    ssl_stapling_verify on;
    # get this file from your CA
    ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;
}
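A practical way to use what the deck says about protocols, ciphers, HSTS and stapling is to check a `server` block against it before deploying. The following Python checker is an added example written for this page (not an NGINX tool); it assumes one directive per line and does not descend into nested blocks. It runs over the deck's own config from slide 52 and over a constructed weak variant, and every rule it applies is one the deck states: SSLv2/SSLv3 are broken, TLS 1.0/1.1 are weakened, RC4 and MD5 are out, server preference should be on, HSTS should be sent, and stapling needs the trusted chain file to verify.

```python
"""Static checks over the TLS directives of an NGINX `server` block.
Added example for this page.  Assumes one directive per line; nested blocks
such as `location` are skipped rather than parsed."""

# The deck's slide 52 config, reproduced as input for the checker.
DECK_CONFIG = """
server {
    listen 443 ssl;
    ssl_certificate /path/to/signed_cert_plus_intermediates;
    ssl_certificate_key /path/to/private_key;
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;
}
"""

# A constructed weak variant of the kind an old install might still carry.
WEAK_CONFIG = """
server {
    listen 443 ssl;
    ssl_certificate /path/to/cert.pem;
    ssl_certificate_key /path/to/key.pem;
    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers RC4-SHA:AES128-SHA:HIGH:!MD5;
    ssl_prefer_server_ciphers off;
}
"""


def parse_directives(text):
    """Map directive name -> list of argument lists, ignoring comments and braces."""
    directives = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.endswith("{") or line == "}":
            continue
        if not line.endswith(";"):
            raise ValueError(f"unterminated directive: {line!r}")
        name, *args = line[:-1].split()
        directives.setdefault(name, []).append(args)
    return directives


def audit(text):
    """Return FAIL/WARN findings for the block, applying the deck's guidance."""
    d = parse_directives(text)
    findings = []
    protocols = {p for args in d.get("ssl_protocols", []) for p in args}
    if not protocols:
        findings.append("WARN: ssl_protocols not set; the build's defaults apply")
    for p in ("SSLv2", "SSLv3"):
        if p in protocols:
            findings.append(f"FAIL: {p} enabled (broken by design / POODLE)")
    for p in ("TLSv1", "TLSv1.1"):
        if p in protocols:
            findings.append(f"WARN: {p} enabled (weakened by BEAST / Lucky 13)")
    # OpenSSL cipher strings are ':'-separated; a leading '!' removes a selector.
    cipher_string = ":".join(":".join(args) for args in d.get("ssl_ciphers", []))
    for token in cipher_string.split(":"):
        if token and not token.startswith("!") and any(w in token.upper() for w in ("RC4", "MD5")):
            findings.append(f"FAIL: weak cipher selector {token!r}")
    if d.get("ssl_prefer_server_ciphers", [["off"]])[0] != ["on"]:
        findings.append("WARN: ssl_prefer_server_ciphers is not on; the client's order decides")
    if not any(args and args[0] == "Strict-Transport-Security" for args in d.get("add_header", [])):
        findings.append("WARN: no Strict-Transport-Security header")
    if d.get("ssl_stapling", [["off"]])[0] != ["on"]:
        findings.append("WARN: OCSP stapling off; clients pay for their own OCSP round-trips")
    elif "ssl_trusted_certificate" not in d:
        findings.append("WARN: ssl_stapling on without ssl_trusted_certificate; the staple cannot be verified")
    return findings


if __name__ == "__main__":
    for label, cfg in (("deck", DECK_CONFIG), ("weak", WEAK_CONFIG)):
        print(label)
        for finding in audit(cfg):
            print("  ", finding)
```

Against the deck's config the checker only warns about TLS 1.0 and 1.1 still being enabled, which matches the "intermediate" label in the comment; the weak variant fails on SSLv3 and RC4 and warns on everything the deck's config gets right.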