Details
-
Improvement
-
Resolution: Fixed
-
Major
-
3.16.0, 3.16.1, 3.16.2, 3.17.0, 3.28.1, 2.14.21
-
Yes
-
n/a
Description
If NXRM is configured with Jetty HTTPS connector, by default the set of allowed ciphers ( and then implicitly the allowed TLS protocols ) will include weaker than recommended versions.
NXRM 3.15.2 uses Jetty Server 9.4.11
NXRM 3.16.0-3.16.2 uses Jetty Server 9.4.14 ( NEXUS-18952 )
NXRM 3.17.0 uses Jetty Server 9.4.18 ( NEXUS-19860 )
NXRM 3.26.0 uses Jetty Server 9.4.30 (NEXUS-24327 )
NXRM 3.29.0 uses Jetty Server 9.4.33 ( NEXUS-25774 )
At startup of NXRM 3.16.0 and newer, when HTTPS is configured, there are many WARN level messages in the logs complaining about weak cipher suites:
2019-06-18 15:17:10,674-0300 INFO [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory - x509=X509@17179ede(jetty,h=[gromit.local, 192.168.2.73],w=[]) for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,756-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_RSA_WITH_AES_256_CBC_SHA256 enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,756-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,756-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,756-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_RSA_WITH_AES_256_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,756-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_RSA_WITH_AES_256_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,757-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,757-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,757-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_DHE_RSA_WITH_AES_256_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,757-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_DHE_DSS_WITH_AES_256_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,757-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_RSA_WITH_AES_128_CBC_SHA256 enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,757-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,757-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,757-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_RSA_WITH_AES_128_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,758-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_RSA_WITH_AES_128_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,758-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,758-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,758-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_DHE_RSA_WITH_AES_128_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,758-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_DHE_DSS_WITH_AES_128_CBC_SHA enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,758-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_RSA_WITH_AES_256_GCM_SHA384 enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,758-0300 WARN [jetty-main-1] *SYSTEM org.eclipse.jetty.util.ssl.SslContextFactory.config - Weak cipher suite TLS_RSA_WITH_AES_128_GCM_SHA256 enabled for SslContextFactory@173f271b[provider=null,keyStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks,trustStore=file:///app/nexus-testing/3.17.0-SNAPSHOT/nexus-installer-3.17.0-20190614.175715-121-mac-archive/sonatype-work/nexus3/etc/ssl/keystore.jks]
2019-06-18 15:17:10,760-0300 INFO [jetty-main-1] *SYSTEM org.eclipse.jetty.server.AbstractConnector - Started ServerConnector@2854d641{SSL,[ssl, http/1.1]}{0.0.0.0:8443}
In addition, it will appear using SSL security scanning tools that the Jetty HTTPS connection has ciphers that can be used with less secure TLSv1.0, TLSv1.1
$ sslscan localhost:8443 Version: 2.0.6-static OpenSSL 1.1.1h 22 Sep 2020 Connected to 127.0.0.1 Testing SSL server localhost on port 8443 using SNI name localhost SSL/TLS Protocols: SSLv2 disabled SSLv3 disabled TLSv1.0 enabled TLSv1.1 enabled TLSv1.2 enabled TLSv1.3 disabled
Diagnosis
In Jetty version 9.4.12, the Jetty project implemented and changed what ciphers were excluded for HTTPS connectors by default. See https://github.com/eclipse/jetty.project/issues/2807
The old excluded cipher expression was:
// Exclude weak / insecure ciphers
setExcludeCipherSuites("^.*_(MD5|SHA|SHA1)$");
The new excluded cipher expressions are:
// Exclude weak / insecure ciphers
setExcludeCipherSuites("^.*_(MD5|SHA|SHA1)$");
// Exclude ciphers that don't support forward secrecy
addExcludeCipherSuites("^TLS_RSA_.*$");
// The following exclusions are present to cleanup known bad cipher
// suites that may be accidentally included via include patterns.
// The default enabled cipher list in Java will not include these
// (but they are available in the supported list).
addExcludeCipherSuites("^SSL_.*$");
addExcludeCipherSuites("^.*_NULL_.*$");
addExcludeCipherSuites("^.*_anon_.*$");
Further, it is important to realize that depending on the JRE used to run NXRM, certain unsafe cipher suites are excluded by the JRE itself. The document https://java.com/en/jre-jdk-cryptoroadmap.html should be consulted.
Related Reference:
https://github.com/eclipse/jetty.project/issues/2807
https://github.com/eclipse/jetty.project/pull/2855/files
https://java.com/en/jre-jdk-cryptoroadmap.html
https://github.com/eclipse/jetty.project/issues/2889
https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#configuring-sslcontextfactory-cipherSuites
https://github.com/eclipse/jetty.project/issues/2921#issuecomment-422747678
NXRM currently ships with a default install-dir/etc/jetty/jetty-https.xml file that has the following set excluded cipher suites:
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory"> <Set name="KeyStorePath"><Property name="ssl.etc"/>/keystore.jks</Set> <Set name="KeyStorePassword">password</Set> <Set name="KeyManagerPassword">password</Set> <Set name="TrustStorePath"><Property name="ssl.etc"/>/keystore.jks</Set> <Set name="TrustStorePassword">password</Set> <Set name="EndpointIdentificationAlgorithm"></Set> <Set name="NeedClientAuth"><Property name="jetty.ssl.needClientAuth" default="false"/></Set> <Set name="WantClientAuth"><Property name="jetty.ssl.wantClientAuth" default="false"/></Set> <Set name="ExcludeCipherSuites"> <Array type="String"> <Item>SSL_RSA_WITH_DES_CBC_SHA</Item> <Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item> <Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item> <Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item> <Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item> <Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item> <Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item> </Array> </Set> </New>
Workaround
To rely on a more secure set of default ciphers and exclude implicit support for TLSv1.0 and TLSv1.1, and prefer only TLSv1.2 then
1. edit install-dir/etc/jetty/jetty-https.xml and remove the following lines from the file:
<Set name="ExcludeCipherSuites">
<Array type="String">
<Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
<Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
<Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
</Array>
</Set>
2. Ensure that NXRM is using a current release of Java ( which will also include a default configuration of disabled insecure ciphers and TLS protocols ).
Restart NXRM for the changes to take effect.
From https://github.com/eclipse/jetty.project/issues/860#issuecomment-241413231 and https://github.com/eclipse/jetty.project/issues/860#issuecomment-241462795
The reason TLS/1.1 and TLS/1.0 are not available to you, is because there's no ciphers that support TLS/1.1 and TLS/1.0 available on your system.
Those protocols are not disabled, and on some system configurations you can still use TLS/1.1 as there are some Cipher Suites left in the TLS/1.1 camp still available.
While its true that on an unconfigured Oracle OpenJDK, there will be no ciphers available to service TLS/1.1, there are reports that alternative cryptographic configurations (unlimited strength JCE, Bouncy Castle, etc) do allow TLS/1.1 and TLS/1.0 to function without altering the JVM level security.properties.
...
There's no cipher suites in common between Java and openssl.
You'll have to address the java side to make TLS/1.1 function for you.
Option 1: Configure Jetty's SslContextFactory to expose the vulnerable ciphers you are needing
This requires you to redefine the .setExcludedCiphers() to the set that applies to you.
Option 2: Configure the Java JVM to not exclude the specific TLS/1.1 ciphers suites you need
Option 3: Configure the Java Runtime for more Cipher suites
This can sometimes be as simple as installing the unlimited strength JCE, or using alternative crypto providers like Bouncy Castle.
Note: The use of these vulnerable cipher suites is to be considered a short term solution, as they are highly likely to be removed everywhere once the TLS/1.3 spec and implementations are deployed. This is because the current iteration of the (unfinished) TLS/1.3 spec is going to ban those cipher suites from existing for any TLS support level, with no option to enable them (as they wont exist on the systems anymore).
Expected
Change the jetty-https.xml cipher suites excluded by default to match those followed by Jetty and security best practices of JRE and the security industry.
If a user needs to change the default allowed ciphers, they can customize the jetty-https.xml themselves to add the insecure ciphers that are compatible with what their client must use, or augment using a technique described here.
It should be clearly mentioned in release notes that the default allowed ciphers are changed and how to customize them to previous settings, in case someone upgrades and encounters an issue with SSL that was working fine before upgrade.
Attachments
Issue Links
- causes
-
-
- Closed
-
- relates
-
-
- Closed
-