Thomas Krey1709160326 Posted November 2, 2018 Share Posted November 2, 2018 Dear all, after upgrading our NetScaler to version 12.1-49.23 we weren't any longer able to access our extranet with Google Chrome 70 and Mozilla Firefox 62. We are using the recommended cipher suites and settings to achieve an A+ at SSL Labs. We enabled the following cipher suites on our web frontend: # TLS 1.2 (suites in server-preferred order): TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8) ECDH secp256r1 (eq. 3072 bits RSA) FS 256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ECDH secp256r1 (eq. 3072 bits RSA) FS 128 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ECDH secp256r1 (eq. 3072 bits RSA) FS 256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) ECDH secp256r1 (eq. 3072 bits RSA) FS 128 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH secp256r1 (eq. 3072 bits RSA) FS 256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH secp256r1 (eq. 3072 bits RSA) FS 128 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH secp256r1 (eq. 3072 bits RSA) FS 256 # TLS 1.1 (suites in server-preferred order): TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH secp256r1 (eq. 3072 bits RSA) FS 128 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH secp256r1 (eq. 3072 bits RSA) FS 256 # TLS 1.0 (suites in server-preferred order): TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH secp256r1 (eq. 3072 bits RSA) FS 128 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH secp256r1 (eq. 3072 bits RSA) FS 256 While Safari 12, Internet Explorer 11 and Edge are working as desired, however the other two browsers claim a handshake failure. Firefox states SSL_ERROR_NO_CYPHER_OVERLAP and Chrome states ERR_SSL_VERSION_INTERFERENCE although there are compatible ciphers in this list. SSL Labs state fatal handshake errors on these browsers: https://www.ssllabs.com/ssltest/analyze.html?d=extranet.pluradent.de Any ideas? Have a nice evening Kind regards, Thomas Link to comment Share on other sites More sharing options...
Vamsi Krishna1709162168 Posted November 4, 2018 Share Posted November 4, 2018 What does packet capture say? TLS1.3 enable? Do you have SSL profile configured? Does default cipher works? Thanks, Vamsi Link to comment Share on other sites More sharing options...
Thomas Krey1709160326 Posted November 5, 2018 Author Share Posted November 5, 2018 Hi Vamsi, sorry, I haven't done a packet capture , yet. TLS1.3 is enabled, but SSL Labs state, that TLS1.3 is disabled. Is there anything else to do, in order to enable TLSv1.3? Since this Friday, we use release NS12.1 49.37.nc. Yes, we have a SSL profile configured, the Settings can be seen in the attached screenshot. Enabling or disabling TLS1 doesn't make any difference, most handshakes use TLSv1.2 as can be seen here: https://www.ssllabs.com/ssltest/analyze.html?d=extranet.pluradent.de I have enabled two cipher groups, the self-created group called "ssllabs-smw-q2-2018" and "TLSv1.3". Here are the CLI parameters of the self-created group: set ssl parameter -denySSLReneg NONSECURE add ssl cipher ssllabs-smw-q2-2018 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.3-AES256-GCM-SHA384 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.3-CHACHA20-POLY1305-SHA256 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.3-AES128-GCM-SHA256 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.2-ECDHE-RSA-CHACHA20-POLY1305 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.2-ECDHE-ECDSA-AES128-GCM-SHA256 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.2-ECDHE-ECDSA-AES256-GCM-SHA384 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.2-ECDHE-ECDSA-AES128-SHA256 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.2-ECDHE-ECDSA-AES256-SHA384 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1-ECDHE-ECDSA-AES128-SHA bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1-ECDHE-ECDSA-AES256-SHA bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.2-ECDHE-RSA-AES128-GCM-SHA256 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.2-ECDHE-RSA-AES256-GCM-SHA384 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.2-ECDHE-RSA-AES-128-SHA256 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.2-ECDHE-RSA-AES-256-SHA384 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.2-DHE-RSA-AES128-GCM-SHA256 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.2-DHE-RSA-AES256-GCM-SHA384 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1-ECDHE-RSA-AES128-SHA bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1-ECDHE-RSA-AES256-SHA bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1-DHE-RSA-AES-128-CBC-SHA bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1-DHE-RSA-AES-256-CBC-SHA bind ssl vserver RZ-CNS1-AG -cipherName ssllabs-smw-q2-2018 bind ssl vserver RZ-CNS1-AG -eccCurveName ALL Did I forget something? Thanks a lot! Best regards, Thomas. Link to comment Share on other sites More sharing options...
Vamsi Krishna1709162168 Posted November 5, 2018 Share Posted November 5, 2018 Let's try to narrow down where is the issue. 1. Disable TLS1.3 and see if this works 2. Disable "DenySSLRenegotiation" and see if this works 3. Remove SSL profile and use default parameters with custom ciphers. And if we unbind custom ciphers and use default ciphers is this working? Thanks, Vamsi Link to comment Share on other sites More sharing options...
Thomas Krey1709160326 Posted November 5, 2018 Author Share Posted November 5, 2018 Hello Vamsi, it is already sufficient to disable TLSv1.3. With TLSv1.3 disabled, our extranet.pluradent.de works fine with Mozilla Firefox 63.0.1 and Google Chrome 70.0.3538.77. Is there any possibility to get TLSv1.3 working, or is it not compatible, yet? Many thanks! Best regards, Thomas. Link to comment Share on other sites More sharing options...
Vamsi Krishna1709162168 Posted November 5, 2018 Share Posted November 5, 2018 With default ciphers, enabling TLS1.3 is this working? All I see with TLS1.3 is below bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.3-AES256-GCM-SHA384 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.3-CHACHA20-POLY1305-SHA256 bind ssl cipher ssllabs-smw-q2-2018 -cipherName TLS1.3-AES128-GCM-SHA256 Do you see chrome/Mozilla coming with these ciphers in client hello? May be a case with citrix will help to debug more :) As of now you can use work around by disabling TLS1.3 Thanks, Vamsi Link to comment Share on other sites More sharing options...
Sambhaji Banapure Posted May 26, 2020 Share Posted May 26, 2020 Hi All, I have disabled the TLS1.3 post which it start working without any issues. add ssl profile custom_ssl_profile_TLSV1.3_NON_SECURE -sessReuse ENABLED -sessTimeout 120 -tls1 DISABLED -tls11 DISABLED -denySSLReneg NONSECURE my current version NetScaler NS12.1: Build 55.18.nc, Date: Jan 20 2020, 06:37:31 (64-bit) Can someone let me know how can i achieve the same by while enabling TLS 1.3. Regards Samb Link to comment Share on other sites More sharing options...
Sambhaji Banapure Posted May 26, 2020 Share Posted May 26, 2020 Name: custom_ssl_profile_TLSV1.3_NON_SECURE (Front-End) SSLv3: DISABLED TLSv1.0: DISABLED TLSv1.1: DISABLED TLSv1.2: ENABLED TLSv1.3: DISABLED Client Auth: DISABLED Use only bound CA certificates: DISABLED Strict CA checks: NO Session Reuse: ENABLED Timeout: 120 seconds DH: DISABLED DH Private-Key Exponent Size Limit: DISABLED Ephemeral RSA: ENABLED Refresh Count: 0 Deny SSL Renegotiation NONSECURE Non FIPS Ciphers: DISABLED Cipher Redirect: DISABLED SSL Redirect: DISABLED Send Close-Notify: YES Strict Sig-Digest Check: DISABLED Zero RTT Early Data: DISABLED DHE Key Exchange With PSK: NO Tickets Per Authentication Context: 1 Push Encryption Trigger: Always PUSH encryption trigger timeout: 1 ms SNI: DISABLED OCSP Stapling: DISABLED Strict Host Header check for SNI enabled SSL sessions: NO Push flag: 0x0 (Auto) SSL quantum size: 8 kB Encryption trigger timeout 100 mS Encryption trigger packet count: 45 Subject/Issuer Name Insertion Format: Unicode SSL Interception: DISABLED SSL Interception OCSP Check: ENABLED SSL Interception End to End Renegotiation: ENABLED SSL Interception Maximum Reuse Sessions per Server: 10 Session Ticket: DISABLED HSTS: DISABLED HSTS IncludeSubDomains: NO HSTS Max-Age: 0 HSTS Preload: NO What additional changes are required in above profile to achieve Qualys A+ - currently it is B. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now