best practice tls for ibm domino
Best Practice Transport Layer Security (TLS) for IBM Domino using TLS 1.2
Jared Roberts | Senior Consultant
primaxis.com.au
June 11th & 12th, Melbourne, Australia | Meet.Share.Learn.Connect | @AusLUG #@Inform2015
Disclaimer
• This presentation represents my individual experiences, thoughts and opinions and does not represent the views of my employer, Inform2016, AusLUG, IBM, IBM Business Partners or any other organisation or entity.
• I (most likely) don’t know more about stuff than you do…. feel free to call me out on errors in my presentation & publicly humiliate me as you see fit.
• This presentation may contain the following copyrighted, trademarked, and/or restricted terms:
• IBM® Notes®
• IBM® Domino®
• IBM® Connections
• IBM® WebSphere®
• IBM® DB2
• IBM® AIX®
• Tivoli®
• Linux®
• Java®
• Microsoft®
• Windows®
• Red Hat®
• Skype®
• Twitter®
• Facebook®
March 10th & 11th, Sydney, Australia | Meet.Share.Learn.Connect | @AusLUG #@Inform2016
Speaker
Jared Roberts ● Senior Consultant – Primaxis
• From Melbourne
• 11-year rookie in IBM Collaboration Software
• Admin of many of the things we are here talking about
• I’m a fan of “The User”
• Business analysis, presales, consulting, security audits, design & delivery of Domino, Notes, Sametime, Traveler, Connections, TDI, SoftLayer and all the related bits they interact with
• Remarkably average but adequate and often completely useless developer
• Drummer in Desecrator (the best band you’ve never heard of)
SSL/TLS - Who Cares right?
• Encryption is not a ‘nice to have’ – it’s an absolute MUST
• Data can be intercepted while being transferred between clients and servers, or between servers, e.g.:
  – Email
  – Payment Information
  – Credentials
• Now seeing the deprecation/planned deprecation of SSLv3 and SHA1 support in browsers
  – IE (Jan 2017, code-signing Jan 2016)
  – Chrome (Jan 2017, version and cert date conditional)
  – Firefox (Jan 2017, phased)
  – Safari (same?)
Encryption
What is encryption?
• The most effective way to achieve ‘data security’
  – process of encoding information so only authorised parties can read it
  – data is ‘unrecognisable’ or unreadable unless you have the ‘key’ to decrypt it
  – does not prevent interception
What are SSL certificates?
• Small digital files that authenticate the identity of a website and encrypt information
• Binds the ‘key’ to the organisation’s details
SSL Certificate
• An SSL certificate holds the following info:
  – The certificate holder's name
  – The certificate's serial number and expiration date
  – A copy of the certificate holder's public key
  – The digital signature of the certificate-issuing authority
Acronyms!!!
SSL
• Secure Sockets Layer
• A cryptographic protocol designed to provide communications security over a computer network
• 3 versions (version 1.0 never publicly released), all of which are now deprecated and considered insecure
  – SSLv1.0
  – SSLv2.0
  – SSLv3.0
• POODLE exploit was the nail in the coffin for SSLv3
  – replaced by TLS
TLS
• Transport Layer Security
• A cryptographic protocol, same as SSL. It’s actually SSL’s ‘successor’
  – SSLv3.1 but was renamed to reflect open standard
• 3 versions
  – TLS1.0 (considered insecure due to ability to downgrade to SSLv3*)
  – TLS1.1
  – TLS1.2
• Updated constantly as required
  – version 1.3 in Draft now
HTTPS
• Method for secure communication over HyperText Transfer Protocol (HTTP)
• Often referred to as HTTP Secure, HTTP over TLS/SSL
• Data transferred over HTTPS provides:
  – bidirectional encryption of data in transit
  – with correct implementation can protect against MIM attacks*, and a level of confidence that you’re connecting with who you think you are connecting to!
SHA1
• Cryptographic hash function traditionally used in most SSL certificates
• Widely used in many protocols (TLS and SSL, PGP, SSH, S/MIME, and IPsec)
• M$, G00gle and Mozilla have announced deprecation plans
SHA2
• Family of cryptographic hash functions
• An updated version of SHA1
  – SHA1 found to be more insecure
• 6 hash functions (SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256)
AES
• Advanced Encryption Standard
• Based on “Rijndael” cipher family - widely used as government standard
• Supersedes DES (Data Encryption Standard) which is now vulnerable to brute force attack
Ciphers
• Algorithm for performing encryption and decryption
• Work on blocks of symbols usually of a fixed size (block ciphers), or on a continuous stream of symbols (stream ciphers)
What happened and keeps happening…
Man In The Middle Attack (MIM, MITM)
• A type of attack where the attacker secretly intercepts, relays and possibly alters communication between two parties who believe they are directly communicating with each other
POODLE
• “Padding Oracle On Downgraded Legacy Encryption”
• An exploit that allowed attackers to trick a session into using SSL rather than TLS, then during that session use a design flaw in SSL 3.0 to snoop on the session
What it did
• It allowed attackers to perform a man in the middle attack
How it was stopped
• We all turned off SSLv3 on the servers (then users screamed at us and the browser war escalated)
SLOTH
• “Security Loss due to the use of Obsolete and Truncated Hash constructions”
• SLOTH relies on the ability to exploit older hash techniques
• If the hash technique isn’t sophisticated enough, a “collision” of a hash for two different messages can be generated
• OpenSSL 1.0.1.e and earlier are affected
• Any servers using TLS 1.2 and MD5 encryption are affected
FREAK
• “Factoring RSA Export Keys”
• A vulnerability caused by the growth of cheap computing power
• A "512-bit export-grade key" can now be broken with a bit of maths called the "Number Field Sieve algorithm"* and about $150 of cloud computing
What it did
• Allowed the attacker to perform a man in the middle attack
How it was stopped
• Disabled "TLS export cipher suites" either by updating browsers, disabling the feature in servers or updating libraries that used them
HEARTBLEED
• A "buffer over-read" vulnerability in the TLS heartbeat extension of OpenSSL caused by a missing input validation check
What it did
• Allowed an attacker to read up to 64 kilobytes of the server’s active memory for each attack, memory that was very likely to contain secure information
How it was stopped
• Updated all clients/servers to a patched version of OpenSSL
• Reissued all certificates where there was any chance they could have been compromised
What happened and keeps happening…
• BEAST
• LOGJAM
• CRIME
• BREACH
• DROWN
• BERSERK
• KOMODIA
• …......more
Creating a Certificate
CERTIFICATE STRUCTURE
• Certificate Authority (CA)
• Private Key
• Trusted Roots (root and intermediate certificates)
• To generate a certificate and key store
  – key file
  – certificate request with the details of your certificate
  – trusted roots and intermediates (or your CA)
  – signed certificate from your CA
The key – creating the identity
TLS Handshake - validation
• How validation works (the TLS handshake)
Structure of Certificates
Certificate formats
• Personal Information Exchange Format (PKCS#12)
  – .pfx
  – .p12
• Cryptographic Message Syntax Standard (PKCS#7)
  – .p7b
  – .p7r
• Base64-encoded X.509
  – .cer
  – .crt
• DER-encoded binary X.509
  – .cer
  – .crt
  – .der
• Privacy-enhanced Electronic Mail
  – .pem
• Certificate Signing Request
  – .csr
• OpenSSL can convert most certificate forms to most other forms
SHA2 - Getting it done in Domino
What you need:
• OpenSSL
  – An open source library of SSL and TLS cryptography
  – Available for most platforms
  – Developed and managed by https://www.openssl.org
  – Create, convert & extract certificates and keystores
• Domino KYR Tool
  – Tool to create SHA2 key stores for Domino
• Certificate Signing Authority
Creating a SHA2 Certificate in Domino
• SHA2 Support introduced in 2015
• Domino must be 9.0.1 FP3 or higher
• Notes must be 9.0.1 FP3 or higher
Installing OpenSSL
• Shining Light Productions download
  – https://slproweb.com/download/Win64OpenSSL_Light-1_0_2g.exe
• Available for most platforms
• Only need the Lite version for this application
SHA2 - Getting it done in Domino
• Firstly decide on the key size
  – May be decided by business or legal requirements
  – Larger the better – harder to decrypt
  – Not all systems support larger key sizes
• Set the OPENSSL_CONF environment variable (Windows only)
  – set OPENSSL_CONF=c:\openssl\openssl.cfg
• Verify the file has been created
• Create a key of length 4096*
  – openssl genrsa -out pmxserver.key 4096
• Create a Certificate Signing Request (CSR)
• You send this to your Certificate Authority (CA)
  – either on-premise or purchase
• The CSR is checked and verified by the CA.
• Any errors – you can recreate the request
• openssl req -new -sha256 -key pmxserver.key -out pmxserver.csr
• Verify the file has been created
• Send to the signing fairies
  – Company CA
  – Third Party CA (VeriSign, Symantec, GeoTrust, RapidSSL)
• Domino KYR Files
  – Traditionally used the Server Certificate Admin application (certsrv.nsf)
  – Certsrv.nsf not used any more
  – Domino KYR Tool (must be 9.0.1 FP2 IF1 and above)
  – Creates a SHA2 keystore that is recognised by Domino
• Download the KYR Tool from Fix Central
  – http://ibm.co/1SAYX5E
• Unpack & place kyrtool.exe in Notes/Domino Program directory
• **opinion** Please don’t run the kyrtool on your Domino server – use a Notes client!
• Create the KYR keystore
  – kyrtool create -k c:\IBM\Notes\data\pmxwildserver.kyr -p somethingstrongplease
• This will create 2 files
  – Domino KYR key store (.kyr)
  – Key store password stash file (.sth)
• Collect your files
  – Server Private Key
  – Server Certificate Request
  – Server Certificate (signed and returned to you by CA)
  – Root and Intermediate certificates
  – Key store file and stash file
• Root and Intermediate certs – order matters
• Now need to install all of the root, intermediate, server and keys into the key store.
• 2 options
  – Use OpenSSL to merge the roots, inters, server certs and keys into one text file before importing into the KYR file
  – Import the certificates individually
Import using combined file
• Concatenate all certificates to a text file
  – type pmxserver.key pmxserver.crt intermediate1.crt intermediate2.crt root.crt > pmxallcerts.txt
• Verify the certificate chain
  – kyrtool verify C:\TLS\pmxallcerts.txt
    Successfully read 4096 bit RSA private key
    INFO: Successfully read 4 certificates
    INFO: Private key matches leaf certificate
    INFO: IssuerName of cert 0 matches the SubjectName of cert 1
    INFO: IssuerName of cert 1 matches the SubjectName of cert 2
    INFO: IssuerName of cert 2 matches the SubjectName of cert 3
• Import the text file to the KYR
  – kyrtool import all -k C:\TLS\pmxwildserver.kyr -i C:\TLS\pmxallcerts.txt
Import individually
• Issue series of import commands to merge the root, intermediates, server cert and server key into the key ring file
  – kyrtool import roots -i C:\TLS\GeoTrust_Global_CA.cer -k C:\TLS\pmxwildserver.kyr
  – kyrtool import roots -i C:\TLS\intermediate1.txt -k C:\TLS\pmxwildserver.kyr
  – kyrtool import roots -i C:\TLS\intermediate2.txt -k C:\TLS\pmxwildserver.kyr
  – kyrtool import keys -i C:\TLS\pmxserver.key -k C:\TLS\pmxwildserver.kyr
  – kyrtool import certs -i C:\TLS\pmxcert.crt -k C:\TLS\pmxwildserver.kyr
• Verify! Verify!
  – kyrtool show keys -k C:\TLS\pmxwildserver.kyr
  – kyrtool show certs -k C:\TLS\pmxwildserver.kyr
SHA2 - Using it in Domino
• Install to servers & configure internet site documents
• Can be used in the following:
  – ANY web site (iNotes, apps, etc)
  – Traveler
  – S/MIME (encrypted mail)
  – Mail Protocols (SMTP, IMAP, POP3)
  – LDAP
  – DIIOP (must have 9.0.1 FP5)
Best Practice
• Disable SSLv3
  – Notes.ini - DISABLE_SSLV3=1
• Disable TLS1.0 (if required)
  – Notes.ini - SSL_DISABLE_TLS_10
• Cipher configuration...
Ciphers – what are they again?
• Algorithm for performing encryption and decryption
• Combination of authentication, encryption, message authentication code (MAC) and key exchange algorithms used to negotiate the security settings for a network connection
SHA2 - Using it in Domino
Ciphers
• TLS delivered as IF prevented updates to Admin client
• Cipher configuration via UI no longer used
• Notes.ini parameter SSLCipherSpec to control ciphers
  – example: SSLCipherSpec=C030009F009D
Cipher List – TLS1.2
RSA_WITH_AES_256_GCM_SHA384 (009D)
RSA_WITH_AES_128_GCM_SHA256 (009C)
RSA_WITH_AES_256_CBC_SHA256 (003D)
RSA_WITH_AES_256_CBC_SHA (0035)
RSA_WITH_AES_128_CBC_SHA256 (003C)
RSA_WITH_AES_128_CBC_SHA (002F)
RSA_WITH_3DES_EDE_CBC_SHA (000A)
RSA_WITH_RC4_128_SHA (0005)
ECDHE_RSA_WITH_AES_256_GCM_SHA384 (C030)
DHE_RSA_WITH_AES_256_GCM_SHA384 (009F)
ECDHE_RSA_WITH_AES_128_GCM_SHA256 (C02F)
DHE_RSA_WITH_AES_128_GCM_SHA256 (009E)
ECDHE_RSA_WITH_AES_256_CBC_SHA384 (C028)
DHE_RSA_WITH_AES_256_CBC_SHA256 (006B)
ECDHE_RSA_WITH_AES_256_CBC_SHA (C014)
DHE_RSA_WITH_AES_256_CBC_SHA (0039)
ECDHE_RSA_WITH_AES_128_CBC_SHA256 (C027)
DHE_RSA_WITH_AES_128_CBC_SHA256 (0067)
ECDHE_RSA_WITH_AES_128_CBC_SHA (C013)
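An added example (not from the presentation or from IBM): a Python check of the notes.ini settings named on the Best Practice and Ciphers slides, decoding SSLCipherSpec into the cipher names from the TLS 1.2 list. The weakness labels, the value 1 for SSL_DISABLE_TLS_10, the sample input and all function names are assumptions of this example.

```python
import re
# Code/name pairs copied from the "Cipher List - TLS1.2" slide.
_TABLE = """
009D RSA_WITH_AES_256_GCM_SHA384        009C RSA_WITH_AES_128_GCM_SHA256
003D RSA_WITH_AES_256_CBC_SHA256        0035 RSA_WITH_AES_256_CBC_SHA
003C RSA_WITH_AES_128_CBC_SHA256        002F RSA_WITH_AES_128_CBC_SHA
000A RSA_WITH_3DES_EDE_CBC_SHA          0005 RSA_WITH_RC4_128_SHA
C030 ECDHE_RSA_WITH_AES_256_GCM_SHA384  009F DHE_RSA_WITH_AES_256_GCM_SHA384
C02F ECDHE_RSA_WITH_AES_128_GCM_SHA256  009E DHE_RSA_WITH_AES_128_GCM_SHA256
C028 ECDHE_RSA_WITH_AES_256_CBC_SHA384  006B DHE_RSA_WITH_AES_256_CBC_SHA256
C014 ECDHE_RSA_WITH_AES_256_CBC_SHA     0039 DHE_RSA_WITH_AES_256_CBC_SHA
C027 ECDHE_RSA_WITH_AES_128_CBC_SHA256  0067 DHE_RSA_WITH_AES_128_CBC_SHA256
C013 ECDHE_RSA_WITH_AES_128_CBC_SHA
""".split()
CIPHERS = dict(zip(_TABLE[0::2], _TABLE[1::2]))

def decode_cipher_spec(spec):
    """Split an SSLCipherSpec value into 4-hex-digit codes and name each one."""
    spec = spec.strip().upper()
    if len(spec) % 4 or not re.fullmatch(r"[0-9A-F]*", spec):
        raise ValueError("SSLCipherSpec must be a run of 4-hex-digit codes")
    return [(spec[i:i + 4], CIPHERS.get(spec[i:i + 4], "UNKNOWN"))
            for i in range(0, len(spec), 4)]

def cipher_findings(name):
    """Classification added for this example; it is not on the slides."""
    if name == "UNKNOWN":
        return ["code is not in the slide's TLS 1.2 list"]
    notes = []
    if "RC4" in name or "3DES" in name:
        notes.append("legacy cipher (RC4/3DES)")
    if name.startswith("RSA_"):
        notes.append("static RSA key exchange, no forward secrecy")
    if name.endswith("_SHA"):
        notes.append("SHA-1 MAC")
    return notes

def audit_notes_ini(text):
    """Return findings for the TLS settings found in notes.ini text."""
    ini = {}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if sep:
            ini[key.strip().upper()] = value.strip()
    findings = []
    if ini.get("DISABLE_SSLV3") != "1":
        findings.append("DISABLE_SSLV3=1 is not set")
    if ini.get("SSL_DISABLE_TLS_10") != "1":  # the value 1 is an assumption
        findings.append("SSL_DISABLE_TLS_10 is not set")
    if "SSLCIPHERSPEC" not in ini:
        findings.append("SSLCipherSpec is not set")
    for code, name in decode_cipher_spec(ini.get("SSLCIPHERSPEC", "")):
        findings += [f"{code} {name}: {n}" for n in cipher_findings(name)]
    return findings

# Constructed sample input, not taken from a real server.
SAMPLE_INI = "DISABLE_SSLV3=1\nSSLCipherSpec=C030009F009D0005\n"
if __name__ == "__main__":
    print("\n".join(audit_notes_ini(SAMPLE_INI)))
```

On the constructed sample, the slide's example value C030009F009D passes except for the static-RSA entry 009D, and the appended 0005 (RC4) is flagged three times.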
Transferrable to WebSphere?
• A 4096 certificate can generate an error when attempting to add to WebSphere
• “RSA premaster secret” error
• You need to add the unrestricted policy files to WebSphere for the 4096 certificate length to be imported
  – ibm.co/1JZGs3z
• OpenSSL
  – use to create p12/jks keystore and import cert & private key
• IBM HTTP Server
  – open existing kdb key store and import from p12
• Make sure your roots and intermediate certs are up to date!
• Mail, Traveler, Connections, Sametime all using same certificate
Development
• Where possible – try and implement production certificates into the development environment
• If not possible – create a self-signed certificate with the same parameters
• Keep documentation up to date!
SSL Labs test
Summary
• Hackers across the internet are working around the clock to bust encryption
• Every week there are vulnerabilities discovered
• You need to understand where the vulnerabilities are, how to watch for them and how to protect against them
Resources
• https://www-10.lotus.com/ldd/dominowiki.nsf/dx/3rd_Party_SHA-2_with_OpenSSL_and_kyrtool
• https://www-10.lotus.com/ldd/dominowiki.nsf/dx/TLS_1.2
• http://www.slideshare.net/gabturtle/1086-the-ssl-problem-and-how-to-deploy-sha2-certificates-with-mark-myers?ref=http://turtleblog.info/
• http://www-10.lotus.com/ldd/dominowiki.nsf
• http://wikipedia.org/