Configuring Jetty SSL Ciphers

Configuring Jetty SSL Ciphers

The SSL Ciphers that Jetty is allowed to use is defined in installation.properties located in the {InstallDir}\jetty\base\etc directory.  

By default we restrict the ciphers we use to a modern level.  However any cipher from the intermediate group can be added to the perc.ssl.includeCiphers entry in installation.properties for Percussion to use.

Modern Ciphers

If you want the least amount of security vulnerabilities, then Percussion recommends using only the modern ciphers and only using the TLSv1.2 protocol.  Please not that TLS and SSL ciphers is a constantly changing environment from a security perspective.   Supported ciphers and TLS protocols change between Open JDK updates.  We defer to the latest OpenJDK documentation on support ciphers in the JRE. 

 

Modern ciphers
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

 

These ciphers protect against the following vulnerabilities and attacks:

Vulnerabilities and attacks
 Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
 CCS (CVE-2014-0224)                       not vulnerable (OK)
 Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
 Secure Client-Initiated Renegotiation     VULNERABLE (NOT ok), DoS threat (Note: In order to prevent this you would need to provide a proxy in front of Percussion such as Apache)
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
 BREACH (CVE-2013-3587)                    no HTTP compression (OK) 
 POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)
 TLS_FALLBACK_SCSV (RFC 7507),             No fallback possible, TLS 1.2 is the only protocol (OK)
 FREAK (CVE-2015-0204)                     not vulnerable (OK)
 DROWN (2016-0800, CVE-2016-0703)          not vulnerable (OK)
 LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK)
 BEAST (CVE-2011-3389)                     no SSL3 or TLS1 (OK)
 RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)

These ciphers are compatible with the following browsers:

Compatible browsers
 Android 2.3.7                 No connection
 Android 4.0.4                 No connection
 Android 4.1.1                 No connection
 Android 4.2.2                 No connection
 Android 4.3                   No connection
 Android 4.4.2                 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Android 5.0.0                 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Baidu Jan 2015                No connection
 BingPreview Jan 2015          TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Chrome 47 / OSX               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Firefox 31.3.0ESR / Win7      TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Firefox 42 OS X               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 GoogleBot Feb 2015            TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 IE 6 XP                       No connection
 IE 7 Vista                    No connection
 IE 8 XP                       No connection
 IE 8-10 Win 7                 No connection
 IE 11 Win 7                   TLSv1.2 ECDHE-RSA-AES128-SHA256
 IE 11 Win 8.1                 TLSv1.2 ECDHE-RSA-AES128-SHA256
 IE 10 Win Phone 8.0           No connection
 IE 11 Win Phone 8.1           TLSv1.2 ECDHE-RSA-AES128-SHA256
 IE 11 Win Phone 8.1 Update TLSv1.2 ECDHE-RSA-AES128-SHA256
 IE 11 Win 10                      TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Edge 13 Win 10                   TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Edge 13 Win Phone 10          TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Java 6u45                 No connection
 Java 7u25                 No connection
 Java 8u31                 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 OpenSSL 0.9.8y            No connection
 OpenSSL 1.0.1l            TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 OpenSSL 1.0.2e            TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Safari 5.1.9 OS X 10.6.8    No connection
 Safari 6 iOS 6.0.1             TLSv1.2 ECDHE-RSA-AES128-SHA256
 Safari 6.0.4 OS X 10.8.4    No connection
 Safari 7 iOS 7.1                TLSv1.2 ECDHE-RSA-AES128-SHA256
 Safari 7 OS X 10.9             TLSv1.2 ECDHE-RSA-AES128-SHA256
 Safari 8 iOS 8.4                TLSv1.2 ECDHE-RSA-AES128-SHA256
 Safari 8 OS X 10.10           TLSv1.2 ECDHE-RSA-AES128-SHA256
 Safari 9 iOS 9                  TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Safari 9 OS X 10.11          TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Apple ATS 9 iOS 9             TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256

Intermediate Ciphers

These ciphers are all available ciphers that can be enabled in Percussion.  If you find that the modern ciphers do not cover the browser you wish to support, then you can enable the below ciphers as well as the protocols TLSv1.1 and TLSv1.

Intermediate Ciphers
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA



These ciphers and protocols risk the following vulnerabilities:

Vulnerabilities and attacks
Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
CCS (CVE-2014-0224)                       not vulnerable (OK)
Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
Secure Client-Initiated Renegotiation     VULNERABLE (NOT ok), DoS threat
CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
BREACH (CVE-2013-3587)                    no HTTP compression (OK)
POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)
TLS_FALLBACK_SCSV (RFC 7507),             Downgrade attack prevention NOT supported
FREAK (CVE-2015-0204)                     not vulnerable (OK)
DROWN (2016-0800, CVE-2016-0703)          not vulnerable (OK)
LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK), common primes not checked. See below for any DH ciphers + bit size
BEAST (CVE-2011-3389)                     TLS1: AES128-SHA DHE-RSA-AES128-SHA
                                                ECDHE-RSA-AES128-SHA
                                          VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1
RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)

 

This will allow usage of the following browsers:

Compatible Browsers
 Android 2.3.7                 TLSv1.0 DHE-RSA-AES128-SHA
 Android 4.0.4                 TLSv1.0 ECDHE-RSA-AES128-SHA
 Android 4.1.1                 TLSv1.0 ECDHE-RSA-AES128-SHA
 Android 4.2.2                 TLSv1.0 ECDHE-RSA-AES128-SHA
 Android 4.3                   TLSv1.0 ECDHE-RSA-AES128-SHA
 Android 4.4.2                 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Android 5.0.0                 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Baidu Jan 2015                TLSv1.0 ECDHE-RSA-AES128-SHA
 BingPreview Jan 2015          TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Chrome 47 / OSX               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Firefox 31.3.0ESR / Win7      TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Firefox 42 OS X               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 GoogleBot Feb 2015            TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 IE 6 XP                       No connection
 IE 7 Vista                    TLSv1.0 ECDHE-RSA-AES128-SHA
 IE 8 XP                       No connection
 IE 8-10 Win 7                 TLSv1.0 ECDHE-RSA-AES128-SHA
 IE 11 Win 7                   TLSv1.2 ECDHE-RSA-AES128-SHA256
 IE 11 Win 8.1                 TLSv1.2 ECDHE-RSA-AES128-SHA256
 IE 10 Win Phone 8.0           TLSv1.0 ECDHE-RSA-AES128-SHA
 IE 11 Win Phone 8.1           TLSv1.2 ECDHE-RSA-AES128-SHA256
 IE 11 Win Phone 8.1 Update    TLSv1.2 ECDHE-RSA-AES128-SHA256
 IE 11 Win 10                  TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Edge 13 Win 10                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Edge 13 Win Phone 10          TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Java 6u45                     No connection
 Java 7u25                     TLSv1.0 ECDHE-RSA-AES128-SHA
 Java 8u31                     TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 OpenSSL 0.9.8y                TLSv1.0 DHE-RSA-AES128-SHA
 OpenSSL 1.0.1l                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 OpenSSL 1.0.2e                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Safari 5.1.9 OS X 10.6.8      TLSv1.0 ECDHE-RSA-AES128-SHA
 Safari 6 iOS 6.0.1            TLSv1.2 ECDHE-RSA-AES128-SHA256
 Safari 6.0.4 OS X 10.8.4      TLSv1.0 ECDHE-RSA-AES128-SHA
 Safari 7 iOS 7.1              TLSv1.2 ECDHE-RSA-AES128-SHA256
 Safari 7 OS X 10.9            TLSv1.2 ECDHE-RSA-AES128-SHA256
 Safari 8 iOS 8.4              TLSv1.2 ECDHE-RSA-AES128-SHA256
 Safari 8 OS X 10.10           TLSv1.2 ECDHE-RSA-AES128-SHA256
 Safari 9 iOS 9                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Safari 9 OS X 10.11           TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
 Apple ATS 9 iOS 9             TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256

All SSL Ciphers

As of Percussion 5.4, the version of Java we ship is Amazon Corretto: OpenJDK Runtime Environment Corretto-8.232.09.1

This allows the following list of ciphers to be used.  This list includes insecure ciphers, the intermediate and modern lists are obtained through this list, but are shortened so that the least secure ciphers are not usable by Percussion. 

All available Ciphers
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_EMPTY_RENEGOTIATION_INFO_SCSV
TLS_DH_anon_WITH_AES_128_GCM_SHA256
TLS_DH_anon_WITH_AES_128_CBC_SHA256
TLS_ECDH_anon_WITH_AES_128_CBC_SHA
TLS_DH_anon_WITH_AES_128_CBC_SHA
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
SSL_RSA_WITH_DES_CBC_SHA
SSL_DHE_RSA_WITH_DES_CBC_SHA
SSL_DHE_DSS_WITH_DES_CBC_SHA
SSL_DH_anon_WITH_DES_CBC_SHA
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_WITH_NULL_SHA256
TLS_ECDHE_ECDSA_WITH_NULL_SHA
TLS_ECDHE_RSA_WITH_NULL_SHA
SSL_RSA_WITH_NULL_SHA
TLS_ECDH_ECDSA_WITH_NULL_SHA
TLS_ECDH_RSA_WITH_NULL_SHA
TLS_ECDH_anon_WITH_NULL_SHA
SSL_RSA_WITH_NULL_MD5
TLS_KRB5_WITH_3DES_EDE_CBC_SHA
TLS_KRB5_WITH_3DES_EDE_CBC_MD5
TLS_KRB5_WITH_DES_CBC_SHA
TLS_KRB5_WITH_DES_CBC_MD5
TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5

Leave a comment

*
*