
Coffee with Carol: Making the Move from SSL to TLS1.1 and TLS1.2



10/27/2016

www.helpsystems.com/professional-security-services


HelpSystems LLC. All rights reserved.

Moving from SSL to TLS

Carol Woodbury, VP of Global Security Services


Agenda

• Why are we talking about this?
• What is SSL/TLS?
• How is it implemented / controlled on IBM i?
• Steps for migrating from SSL to TLS
• Implementation details


Why are we talking about this?

• SSL (Secure Sockets Layer) and TLS (Transport Layer Security) provide end-to-end encrypted communication sessions
• SSL has proven to contain vulnerabilities, so the move to TLS is required for secure communications
• PCI DSS (Payment Card Industry’s Data Security Standard) requires that only TLS 1.1 or (preferably) TLS 1.2 be used no later than July 2017
• Banks and other entities are requiring it


End-to-end encrypted communication sessions

1. Client is configured to request an encrypted session from the server
2. Client contacts the server and provides it with the list of ciphers available to use to encrypt the session
3. Server responds with info on its digital certificate and which cipher it will use
4. Client verifies the server’s digital certificate
5. Client generates a session key and the rest of the session is encrypted using a symmetric key

[Diagram: Client and Server; the server’s digital certificate shows Owner: telnet server, HelpSystems and Issuer: Verisign]


A bit of history

Protocol   Invented        Deprecated
SSLv2      1995            2011
SSLv3      1996            2015
TLS 1.0    1999
TLS 1.1    2006
TLS 1.2    2008
TLS 1.3    Working draft


Configuring the protocols allowed

• QSSLPCL – defines which protocols are enabled
  – *OPSYS – (Default) actual values vary by release.
  – Or, to control the list, specify one or more of the following:
      *TLSV12
      *TLSV11
      *TLSV1
      *SSLV3
      *SSLV2
• Not an ordered list


Protocols available (by release)

OS Release    SSLv2   SSLv3   TLS1.0   TLS1.1   TLS1.2
V5R4          A       X       X
V6R1          A       X       X
V7R1          A       X       X
V7R1 w/TR6    A       X       X        A        A
V7R2          A       A       X        X        X
V7R3          A       A       X        X        X

X = Enabled by default
A = Available but not by default


Controlling the cipher suites

• QSSLCSLCTL – determines who controls the list specified in QSSLCSL – the system (*OPSYS - default) or user (*USRDFN)
  – To edit QSSLCSL, you must specify *USRDFN
• QSSLCSL – contains list of cipher suites to be used on an SSL/TLS connection.
• QSSLCSL is an ordered list


*OPSYS List

V7R1
• *RSA_AES_128_CBC_SHA
• *RSA_RC4_128_SHA
• *RSA_RC4_128_MD5
• *RSA_AES_256_CBC_SHA
• *RSA_3DES_EDE_CBC_SHA
• *RSA_DES_CBC_SHA
• *RSA_EXPORT_RC4_40_MD
• *RSA_EXPORT_RC2_CBC_40_MD5
• *RSA_NULL_SHA
• *RSA_NULL_MD5

V7R2
• ECDHE_ECDSA_AES_128_CBC_SHA256
• ECDHE_ECDSA_AES_256_CBC_SHA384
• ECDHE_ECDSA_AES_128_GCM_SHA256
• ECDHE_ECDSA_AES_256_GCM_SHA384
• RSA_AES_128_CBC_SHA256
• RSA_AES_128_CBC_SHA
• RSA_AES_256_CBC_SHA256
• RSA_AES_256_CBC_SHA
• RSA_AES_128_GCM_SHA256
• RSA_AES_256_GCM_SHA384
• ECDHE_RSA_AES_128_CBC_SHA256
• ECDHE_RSA_AES_256_CBC_SHA384
• ECDHE_RSA_AES_128_GCM_SHA256
• ECDHE_RSA_AES_256_GCM_SHA384
• ECDHE_ECDSA_3DES_EDE_CBC_SHA
• ECDHE_RSA_3DES_EDE_CBC_SHA
• RSA_3DES_EDE_CBC_SHA

V7R3
• ECDHE_ECDSA_AES_128_GCM_SHA256
• ECDHE_ECDSA_AES_256_GCM_SHA384
• ECDHE_RSA_AES_128_GCM_SHA256
• ECDHE_RSA_AES_256_GCM_SHA384
• RSA_AES_128_GCM_SHA256
• RSA_AES_256_GCM_SHA384
• ECDHE_ECDSA_AES_128_CBC_SHA256
• ECDHE_ECDSA_AES_256_CBC_SHA384
• ECDHE_RSA_AES_128_CBC_SHA256
• ECDHE_RSA_AES_256_CBC_SHA384
• RSA_AES_128_CBC_SHA256
• RSA_AES_128_CBC_SHA
• RSA_AES_256_CBC_SHA256
• RSA_AES_256_CBC_SHA
• ECDHE_ECDSA_3DES_EDE_CBC_SHA
• ECDHE_RSA_3DES_EDE_CBC_SHA
• RSA_3DES_EDE_CBC_SHA


How the cipher list is derived


Changing the cipher list


Starting the Analysis


Protocols by release

OS Release    SSLv2   SSLv3   TLS1.0   TLS1.1   TLS1.2
V5R4          A       X       X
V6R1          A       X       X
V7R1          A       X       X
V7R1 w/TR6    A       X       X        A        A
V7R2          A       A       X        X        X
V7R3          A       A       X        X        X

X = Enabled by default
A = Available but not by default


Required Versions and Fixes

• The document linked below shows the PTFs required to eliminate SSL at the OS level, as well as for Java, WebServer, Lotus products, Client Access and Access Client Solutions
  – http://www-01.ibm.com/support/docview.wss?uid=nas8N1020451


Determining what protocols are in use: Enabling counters

Start System Service Tools - STRSST
• Option 1 - Start a service tool
• Option 4 - Display/Alter/Dump
• Option 1 - Display/Alter storage
• Option 2 - Licensed Internal Code (LIC) data
• Option 14 - Advanced analysis. (Page down to see this option)
• Page down until you find the SSLCONFIG option, select it to get to the Specify Advanced Analysis Options window. The command shows as SSLCONFIG
• Type the following in the Options parameter and press Enter.
  -sslConnectionCounts:enable
• Hint: -h provides a help screen describing the input strings


Enabling counters via SST


Displaying the counter

• -sslConnectionCounts:display


Running a trace to determine the protocols in use

• The document linked below provides detailed instructions on enabling and reading communication traces to determine which protocols and ciphers are in use
  – http://www-01.ibm.com/support/docview.wss?uid=nas8N1020594
• Notes:
  – PTFs only available starting in V6R1
  – Will likely need to work with trading partners, banks, etc. to determine whether they support later protocols / stronger ciphers


When QSSLPCL is set to *OPSYS

OS Release    SSLv2   SSLv3    TLS1.0   TLS1.1   TLS1.2
V5R4          A       *OPSYS   *OPSYS
V6R1          A       *OPSYS   *OPSYS
V7R1          A       *OPSYS   *OPSYS
V7R1 w/TR6    A       *OPSYS   *OPSYS   A        A
V7R2          A       A        *OPSYS   *OPSYS   *OPSYS
V7R3          A       A        *OPSYS   *OPSYS   *OPSYS

A = Available but not by default

Note: Cannot specify both SSLv2 and TLS1.2 – they are mutually exclusive


Determine if SSLCONFIG needs to be modified

• Based on your requirements, you may need to add protocols/ciphers to, or remove them from, QSSLPCL and QSSLCSL.
  – If you are adding a more recent protocol / stronger ciphers, you may want to add those to SSLCONFIG to have those included in the Default set.
  – If you are adding an older protocol / weaker cipher, you may purposefully leave those out of SSLCONFIG so that they are not included in the Default set.


Default protocols and ciphers

Default Protocols and Ciphers: the intersection of what is specified in QSSLPCL and the SSLCONFIG macro

[Diagram: QSSLPCL and the SSLCONFIG macro in SST, with the protocols TLS1.2, TLS1.1 and SSLv3; their intersection is the Default set (for IBM i applications in DCM = *PGM)]


Modifying SSLCONFIG - scenarios

• If you are adding a more recent protocol / stronger ciphers, you may want to add those to SSLCONFIG to have those included in the Default set.
  – System is V7R1, >= TR6 and you want to migrate to use TLS1.2
• If you are adding an older protocol / weaker cipher, you may purposefully leave those out of SSLCONFIG so that they are not included in the Default set.
  – System is at V7R2. You discover that you have clients connecting with an old version of Client Access that doesn’t support TLS1.2. You will have to add SSLv3 to the QSSLPCL system value to allow those telnet connections but you want all other encrypted sessions to use only TLS 1.1 and TLS 1.2
• If you want to leave the system values alone but only use TLS1.1 and TLS 1.2 by default
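The V7R2 scenario above, worked through as an added example that is not part of the original presentation and is not IBM code. It is a simplified Python model of the rules on these slides (QSSLPCL, the SSLCONFIG eligible defaults, DCM = *PGM); the function names, the protocol labels and the application list are assumptions made for illustration.

```python
# Added example: a simplified model of the rules on these slides, not IBM code.
# V7 rows of the release table: (enabled by *OPSYS, available but off by default).
RELEASES = {
    "V7R1":       ({"SSLv3", "TLS1.0"}, {"SSLv2"}),
    "V7R1 w/TR6": ({"SSLv3", "TLS1.0"}, {"SSLv2", "TLS1.1", "TLS1.2"}),
    "V7R2":       ({"TLS1.0", "TLS1.1", "TLS1.2"}, {"SSLv2", "SSLv3"}),
    "V7R3":       ({"TLS1.0", "TLS1.1", "TLS1.2"}, {"SSLv2", "SSLv3"}),
}
LEGACY = {"SSLv2", "SSLv3", "TLS1.0"}  # anything other than TLS 1.1 / TLS 1.2

def enabled_protocols(release, qsslpcl):
    """Resolve a QSSLPCL setting to the protocols enabled system-wide."""
    opsys, optional = RELEASES[release]
    if qsslpcl == "*OPSYS":
        return set(opsys)
    chosen = set(qsslpcl)
    if chosen - (opsys | optional):
        raise ValueError(f"not available on {release}: {sorted(chosen - (opsys | optional))}")
    if {"SSLv2", "TLS1.2"} <= chosen:
        raise ValueError("SSLv2 and TLS1.2 are mutually exclusive")
    return chosen

def default_set(enabled, eligible_defaults):
    """Default set: intersection of QSSLPCL and the SSLCONFIG eligible defaults."""
    return enabled & set(eligible_defaults)

def app_protocols(enabled, defaults, dcm_setting="*PGM"):
    """Protocols one DCM application ends up offering (*PGM = use the default set)."""
    if dcm_setting == "*PGM":
        return set(defaults)
    explicit = set(dcm_setting)
    if not explicit <= enabled:
        raise ValueError(f"not enabled in QSSLPCL: {sorted(explicit - enabled)}")
    return explicit

def audit(apps, enabled, defaults):
    """Map each application to the legacy protocols it still offers, if any."""
    offered = {name: app_protocols(enabled, defaults, s) & LEGACY for name, s in apps.items()}
    return {name: sorted(legacy) for name, legacy in offered.items() if legacy}

# Constructed scenario (from the V7R2 slide): old Client Access telnet clients need SSLv3.
ENABLED = enabled_protocols("V7R2", ["TLS1.2", "TLS1.1", "SSLv3"])
DEFAULTS = default_set(ENABLED, ["TLS1.2", "TLS1.1"])  # SSLv3 left out of SSLCONFIG
APPS = {"telnet": ["TLS1.2", "TLS1.1", "SSLv3"], "database": "*PGM", "ftp": "*PGM"}

if __name__ == "__main__":
    print("default set:", sorted(DEFAULTS))
    print("legacy exposure:", audit(APPS, ENABLED, DEFAULTS))
```

Only the telnet application, which is configured explicitly, is reported as still offering SSLv3; the applications left at *PGM inherit the TLS 1.1 / TLS 1.2 default set.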


Modifying SSLCONFIG

Start System Service Tools - STRSST
• Option 1 - Start a service tool
• Option 4 - Display/Alter/Dump
• Option 1 - Display/Alter storage
• Option 2 - Licensed Internal Code (LIC) data
• Option 14 - Advanced analysis. (Page down to see this option)
• Page down until you find the SSLCONFIG option, select it to get to the Specify Advanced Analysis Options window. The command shows as SSLCONFIG
• Type the following in the Options parameter and press Enter.
  -eligibleDefaultProtocols:nn,nn,nn
• Hint: -h provides a help screen describing the input strings


Configuring Servers to use TLS


DCM – Digital Certificate Manager

• For encrypted sessions (telnet, database server, etc.) you assign a digital certificate to these ‘applications’ in DCM.
• Once the certificate has been assigned, you can further configure which protocols and which ciphers are used for each application (server)
• To access DCM, open a browser and go to:
  http://<IBM i name or IP address>:2001/QIBM/ICSS/Cert/Admin/qycucm1.ndm/main0


DCM

• Open Manage Applications
• Click on Update application definition
• On the next display, select Server and click Continue


DCM

Scroll to the bottom of the page and click Update Application Definition


DCM – Updating an Application

Notes:
• Can’t select a protocol or cipher that’s not supported
• Must stop/restart servers for protocol changes to take effect


Enabling Client Access or ACS for TLS 1.2 at V7R1

• The document linked below walks through modifying QSSLPCL, adding ciphers to QSSLCSL and configuring the server in DCM
  – http://www-01.ibm.com/support/docview.wss?uid=nas8N1020017


Protocols / Ciphers used by FTP

• FTP uses the values specified in the SSLCONFIG macro or, in V7*, you can configure specific protocols / ciphers in DCM


Enable SSL/TLS in web application configurations


Configuring Protocols for Web Applications


References

• OWASP - https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet
• Wikipedia - https://en.wikipedia.org/wiki/Transport_Layer_Security
• PCI DSS - https://www.pcisecuritystandards.org/pci_security/
• IBM i Information Center - http://www.ibm.com/support/knowledgecenter/ssw_ibm_i_73/rzain/rzainsystemssl.htm
• Security Bulletins - https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_73/rzain/rzainsecuritybulletins.htm


Thank you

Huge thanks to team members Steve Sisk and Amy Williams for their contributions to this presentation!


Questions?
