Which Apache2 Cipher Suite is compatible with Chrome 49 on Windows XP? [closed]

0

I need a website to be accessible in Windows XP using HTTPS, but what I get are handshake errors.

My Apache2 settings are as follows.

SSLEngine on
SSLProtocol ALL -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5
SSLCompression Off
[... caminhos dos certificados ...]

The site works correctly on newer systems, but not on Windows XP.

In the SSLLabs site I get the message:

  

Chrome 49 / XP SP3 Server sent fatal alert: handshake_failure

The test URL is accessible at this link: link

My site uses Cloudflare Full Strict SSL, and in its configuration, I did not disable legacy browsers.

In English OS I found the information that the system does not support newer algorithms, however I need to know what is supported to maintain access to systems using Chrome in Windows XP.

link

How can I make the site accessible to Chrome on Windows XP? Which cipher suite can I add to be accessible at least in Chrome?

    
asked by anonymous 25.06.2017 / 05:36

1 answer

2

Windows XP natively supports only broken protocols (or weak if you want to be optimistic) to begin with it only supports SSLv2, SSLv3 and TLS 1.0, ie TLS 1.1 and 1.2 are not supported.

The Cipher Suite lists available natively in Windows XP are:

TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_WITH_NULL_MD5
TLS_RSA_WITH_NULL_SHA

It only supports things that are already considered not recommended, like RC4, DES and 3DES. Of course, SHA-1 and MD5, which need not comment. Chrome no longer supports SHA-1 and MD5 in the latest versions, Chrome 54 and later, unless cheated.

For comparison, Windows 10 supports AES-GCM, SHA384, SHA256, and supports elliptic curve encryption, allowing ECDHE and ECDSA to be used.

The free / basic CloudFlare plan uses an elliptic curve certificate, which is not supported by Windows XP. They themselves say this:

  

Our SSL certificates on paid plans (Pro, Business and Enterprise) will work with all desktop browsers, so if you are worried about compatibility or have many users with old browsers upgrading to one of our paid plans is recommended

Source

This is a set below that is compatible, but not so secure . There is no "be compatible with Windows XP" and at the same time "be safe", just see the test using google.com, they use TLS_RSA_WITH_3DES_EDE_CBC_SHA (XP compatible) and SSL Labs informs "WEAK".

RSA_WITH_3DES_EDE_CBC_SHA is compatible with Windows XP, but is weak, to use it set to EDH-RSA-DES-CBC3-SHA :

SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:EDH-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!aNULL:!MD5

I think that's enough.

If you want a more comprehensive use:

SSLProtocol             all -SSLv3
SSLCipherSuite          ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS

If you want something really safe forget Windows XP and Windows Vista. Simply support only TLS 1.2 (and TLS 1.3). Only allow ECDHE as a form of exchange and support only AES-GCM and CHACHA20-POLY1305:

SSLProtocol             all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite          ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256

This will support AES128-GCM, AES256-GCM and CHACHA20-POLY1305. The reason for the repetition is that you can use ECC or RSA, which will define the use of ECDSA or RSA as a signature.

Another important point is performance, ECDHE-ECDSA-CHACHA20-POLY1305 believe it to be the fastest.

    
25.06.2017 / 17:00