Adding Strong Diffie Hellman Groups to Apache 2.2
Written by Geoff Mottram (geoff at minaret dot biz).
Placed in the public domain on May 31, 2015 by the author.
Last updated: June 1, 2015.
This document and all associated software is provided "as is", without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, fitness for a particular purpose and noninfringement. In no event shall the author be liable for any claim, damages or other liability, whether in an action of contract, tort or otherwise, arising from, out of or in connection with this document and associated software or the use or other dealings in same.
Contents
Introduction
Installing the Fixes
Introduction
This page was written to help other administrators who run Apache 2.2 instead of Apache 2.4 but want to prevent Logjam attacks. At the time this was written, Apache 2.2 did not support user generated Diffie Hellman Groups. This left admins with the default configuration of 1024 bit DH groups which are considered "weak" by testing systems provided by companies like Entrust.I found a lot of good advice at weakdh.org, including Apache configuration options, etc.
My solution was to apply the patch for Apache 2.2.14 that adds support for the
SSLDHParametersFileconfiguration option to Apache 2.2.29. I have provided a TGZ file for the "before" and "after" versions of the files that are affected by the patch for Apache 2.2.29. There is also a patch file for those who prefer that. The resulting Apache web server received a grade of "A" from Entrust.UPDATE: Apache 2.2.30 will contain a number of significant Diffie Hellman improvements that will render this patch unnecessary.
Installing the Fixes
The download file contains the patched source code files for the SSL module of Apache 2.2.29. If you are running a different version of Apache, you will have to determine the best way to incorporate these changes into your source code. As the original and modified source files are provided, one option would be to create a patch file you could apply to your own source code.
- Download the patched files in
apache-2.2.29_dhparams.tgz. [Alternately, download the patch itself inapache-2.2.29_dhparams.patchand apply it as required.]- Unpack the contents of the tar file into a temporary directory:
tar xzvf apache-2.2.29_dhparams.tgz- There are seven modified files and an
origdirectory containing the unmodified versions of those same seven files.- Copy the modified files into your Apache source code directory. This will be something like
httpd-2.2.29/modules/ssl.- Change to the top-level httpd source code directory (i.e.
httpd-2.2.29).- make clean
- make
- make install
- Generate a unique 2048 bit DH Group for your server:
openssl dhparam -out dhparams.pem 2048- Install the resulting
dhparams.pemfile with your other private server key files using the same permissions and protections as your other certificates.- Configure Apache with settings akin to these in the SSL section of your conf files:
SSLDHParametersFile "/PATH/TO/YOUR/CERTIFICATE/FILES/dhparams.pem" SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLHonorCipherOrder on SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA SSLCompression Off- Start Apache and use the Entrust tool to test your site.
Technical Tips