TLS1.3 on older linux distro

Posted under tech On By xpk

TLS1.3 is not commonly supported on older distro due to slow adaptation of new version of openssl. To get around that, we can compile openssl from source. Here is how I did it on AmazonLinux2.

Initially, I tried to compile openssl and apache. It didn’t work out. The next best thing is to compile haproxy with new version of openssl.

Install openssl 3.0.1 from source

The following will install openssl 3.0.1 under /opt/openssl

$ yum -y install perl-IPC-Cmd apr-devel apr-util-devel
$ wget2 https://www.openssl.org/source/openssl-3.0.1.tar.gz
$ cd openssl-3.0.1
$ ./Configure --prefix=/opt/openssl; make -j2; make install
echo /opt/openssl/lib > /etc/ld.so.conf.d/openssl.conf
ldconfig

Install HA Proxy 2.5.0 from source

The following installs haproxy under /usr/local/sbin

$ yum -y install pcre2-devel systemd-devel
$ git clone -b v2.5.0 https://github.com/haproxy/haproxy.git
$ cd haproxy
$ make TARGET=linux-glibc USE_PCRE2=1 USE_PCRE2_JIT=1 USE_OPENSSL=1 SSL_LIB=/opt/openssl/lib SSL_INC=/opt/openssl/include USE_ZLIB=1 USE_SYSTEMD=1

Create environment for haproxy

$ groupadd haproxy
$ useradd -g haproxy haproxy
$ mkdir /var/lib/haproxy
$ chown haproxy /var/lib/haproxy

Create a config file for haproxy

Create /etc/haproxy.conf. This is the bare minimum config. SSL certificate is terminated on haproxy, and requests are forwarded to apache in plaintext.

global
    log         127.0.0.1 local2
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy

    tune.ssl.default-dh-param  2048
    ssl-default-bind-ciphers TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:EECDH+AESGCM:EECDH+CHACHA20
    ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 no-tlsv12

    stats socket /var/lib/haproxy/stats

defaults
    mode http
    log global
    option dontlognull
    option http-server-close
    option redispatch
    retries 3
    timeout http-request 10s
    timeout queue 1m
    timeout connect 10s
    timeout client 1m
    timeout server 1m
    timeout http-keep-alive 10s
    timeout check 10s
    maxconn 2000

backend apache
    http-request set-header X-Forwarded-Proto https
    mode http
    balance roundrobin
    fullconn 2000
    option  httpchk
    server local01 127.0.0.1:80 proto h2

frontend web
    # the pem file is contains the server cert, intermediate cert, and the private key
    # the order of these 3 components is important
    bind *:443 ssl crt /etc/letsencrypt/live/your-domain.com/combined.pem alpn h2,http/1.1
    mode http
    use_backend apache
    default_backend apache 

Create a systemd service

Create /etc/systemd/system/haproxy.service with the following content.

[Unit]
Description=HAProxy service
After=syslog.target network.target 

[Service]
PIDFile=/run/haproxy.pid
ExecStart=/usr/local/sbin/haproxy -f /etc/haproxy.conf -p /run/haproxy.pid
Restart=on-abort

[Install]
WantedBy=multi-user.target

Then run these to start up haproxy: systemctl daemon-reload; systemctl start haproxy

Update apache https redirect

If you previously redirects http traffic to https, you will need to update the RewriteCond to look for a http header instead of checking the request protocol

RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]

Scan the web site

With your favorite ssl scanner, now check what protocols are supported. Here, I use sslscan

$ sslscan your.domain.com
Version: 2.0.7
OpenSSL 1.1.1l  24 Aug 2021

Connected to 18.136.38.30

Testing SSL server your.domain.com on port 443 using SNI name your.domain.com

  SSL/TLS Protocols:
TLSv1.0   disabled
TLSv1.1   disabled
TLSv1.2   disabled
TLSv1.3   enabled

  TLS Fallback SCSV:
Server supports TLS Fallback SCSV

  TLS renegotiation:
Session renegotiation not supported

  Supported Server Cipher(s):
Preferred TLSv1.3  256 bits  TLS_AES_256_GCM_SHA384        Curve 25519 DHE 253
Accepted  TLSv1.3  256 bits  TLS_CHACHA20_POLY1305_SHA256  Curve 25519 DHE 253
Accepted  TLSv1.3  128 bits  TLS_AES_128_GCM_SHA256        Curve 25519 DHE 253

  Server Key Exchange Group(s):
TLSv1.3  128 bits  secp256r1 (NIST P-256)
TLSv1.3  192 bits  secp384r1 (NIST P-384)
TLSv1.3  260 bits  secp521r1 (NIST P-521)
TLSv1.3  128 bits  x25519
TLSv1.3  224 bits  x448
TLSv1.3  112 bits  ffdhe2048
TLSv1.3  128 bits  ffdhe3072
TLSv1.3  150 bits  ffdhe4096
TLSv1.3  175 bits  ffdhe6144
TLSv1.3  192 bits  ffdhe8192

  SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength:    2048

Subject:  your.domain.com
Altnames: DNS:your.domain.com
Issuer:   R3

Not valid before: Dec 20 01:47:08 2021 GMT
Not valid after:  Mar 20 01:47:07 2022 GMT

Wrapping up

Openssl is the core component of all web services, even the OS themselves. I wish the distro vendor can keep up so we don’t need these workarounds.

 48 total views,  4 views today

Leave a comment

Your email address will not be published. Required fields are marked *