Using a Custom OCSP Responder
Configuring Ephemeral DH Key Exchange
TLS Session Management
Standalone Session Cache
Standalone Session Tickets
Distributed Session Caching
Distributed Session Tickets
Disabling Session Tickets
Client Authentication
Mitigating Protocol Issues
Insecure Renegotiation
BEAST
CRIME
Deploying HTTP Strict Transport Security
Monitoring Session Cache Status
Logging Negotiated TLS Parameters
Advanced Logging with mod_sslhaf

14. Configuring Java and Tomcat
Java Cryptography Components
Strong and Unlimited Encryption
Provider Configuration
Features Overview
Protocol Vulnerabilities
Interoperability Issues
Tuning via Properties
Common Error Messages
Securing Java Web Applications
Common Keystore Operations
Tomcat
Configuring TLS Handling
JSSE Configuration
APR and OpenSSL Configuration

15. Configuring Microsoft Windows and IIS
Schannel
Features Overview
Protocol Vulnerabilities
Interoperability Issues
Microsoft Root Certificate Program
Managing System Trust Stores
Importing a Trusted Certificate
Blacklisting Trusted Certificates
Disabling the Auto-Update of Root Certificates
Configuration
Schannel Configuration
Cipher Suite Configuration
Key and Signature Restrictions
Configuring Renegotiation
Configuring Session Caching
Monitoring Session Caching
FIPS 140-2
Third-Party Utilities
Securing ASP.NET Web Applications
Enforcing SSL Usage
Securing Cookies
Securing Session Cookies and Forms Authentication
Deploying HTTP Strict Transport Security
Internet Information Server
Managing Keys and Certificates

16. Configuring Nginx
Installing Nginx with Static OpenSSL
Enabling TLS
Configuring TLS Protocol
Configuring Keys and Certificates
Configuring Multiple Keys
Wildcard and Multisite Certificates
Virtual Secure Hosting
Reserving Default Sites for Error Messages
Forward Secrecy
OCSP Stapling
Configuring OCSP Stapling
Using a Custom OCSP Responder
Manual Configuration of OCSP Responses
Configuring Ephemeral DH Key Exchange
Configuring Ephemeral ECDH Key Exchange
TLS Session Management
Standalone Session Cache
Standalone Session Tickets
Distributed Session Cache
Distributed Session Tickets
Disabling Session Tickets
Client Authentication
Mitigating Protocol Issues
Insecure Renegotiation
BEAST
CRIME
Deploying HTTP Strict Transport Security
Tuning TLS Buffers
Logging

17. Summary

Index
Preface

You are about to undertake a journey into the mysterious world of cryptography. I’ve just completed mine—writing this book—and it’s been an amazing experience. Although I’d been a user of SSL since its beginnings, I developed a deep interest in it around 2004, when I started to work on my first book, Apache Security. About five years later, in 2009, I was looking for something new to do; I decided to spend more time on SSL, and I’ve been focusing on it ever since. The result is this book.

My main reason to go back to SSL was the thought that I could improve things. I saw an important technology hampered by a lack of tools and documentation. Cryptography is a fascinating subject: it’s a field in which when you know more, you actually know less. Or, in other words, the more you know, the more you discover how much you don’t know. I can’t count how many times I’ve had the experience of reaching a new level of understanding of a complex topic only to have yet another layer of complexity open up to me; that’s what makes the subject amazing.

I spent about two years writing this book. At first, I thought I’d be able to spread the effort so that I wouldn’t have to dedicate my life to it, but that wouldn’t work. At some point, I realized that things are changing so quickly that I constantly need to go back and rewrite the “finished” chapters. Towards the end, about six months ago, I started to spend every spare moment writing to keep up.

I wrote this book to save you time. I spent the large part of the last five years learning everything I could about SSL/TLS and PKI, and I knew that only a few can afford to do the same. I thought that if I put the most important parts of what I know into a book others might be able to achieve a similar level of understanding in a fraction of the time—and here we are.

This book has the word “bulletproof” in the title, but that doesn’t mean that TLS is unbreakable. It does mean that if you follow the advice from this book you’ll be able to get the most out of TLS and deploy it as securely as anyone else in the world. It’s not always going to be easy—especially with web applications—but if you persist, you’ll have better security than 99.99% of servers out there. In fact, even with little effort, you can actually have better security than 99% of the servers on the Internet.
Broadly speaking, there are two paths you can take to read this book. One is to take it easy and start from the beginning. If you have time, this is going to be the more enjoyable approach. But if you want answers quickly, jump straight to chapters 8 and 9. They’re going to tell you everything you need to know about deploying secure servers while achieving good performance. After that, use chapters 1 through 7 as a reference and chapters 10 through 16 for practical advice as needed.

Scope and Audience

This book exists to document everything you need to know about SSL/TLS and PKI for practical, daily work. I aimed for just the right mix of theory, protocol detail, vulnerability and weakness information, and deployment advice to help you get your job done.

As I was writing the book, I imagined representatives of three diverse groups looking over my shoulder and asking me questions:

System administrators
Always pressed for time and forced to deal with an ever-increasing number of security issues on their systems, system administrators need reliable advice about TLS so that they can deal with its configuration quickly and efficiently. Turning to the Web for information on this subject is counterproductive, because there’s so much incorrect and obsolete documentation out there.

Developers
Although SSL initially promised to provide security transparently for any TCP-based protocol, in reality developers play a significant part in ensuring that applications remain secure. This is particularly true for web applications, which evolved around SSL and TLS and incorporated features that can subvert them. In theory, you “just enable encryption”; in practice, you enable encryption but also pay attention to a dozen or so issues, ranging from small to big, that can break your security. In this book, I made a special effort to document every single one of those issues.

Managers
Last but not least, I wrote the book for managers who, even though not necessarily involved with the implementation, still have to understand what’s going on and make decisions. The security space is getting increasingly complicated, so understanding the attacks and threats is often a job in itself. Often, there isn’t any one way to deal with the situation, and the best way often depends on the context.

Overall, you will find very good coverage of HTTP and web applications here but little to no mention of other protocols. This is largely because HTTP is unique in the way it uses encryption, powered by browsers, which have become the most popular application-delivery platform we’ve ever had. With that power come many problems, which is why there is so much space dedicated to HTTP.