I'm trying to upgrade our Confluence install from 6.6 to 7.4. This generally works, and the HTTP site starts without any issue, but after the upgrade we can't connect to Confluence over HTTPS anymore. If we try, we get an SSL cypher error. In Firefox that is SSL_ERROR_NO_CYPHER_OVERLAP, but Chrome and IE11 display similar errors about not allowing the connection because of insufficient SSL settings.
If I query the HTTPS server with nmap I get the following list of offered cyphers:
| ssl-enum-ciphers:
| TLSv1.2:
| ciphers:
| TLS_DHE_DSS_WITH_AES_128_CBC_SHA (dh 1024) - A
| TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (dh 1024) - A
| TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (dh 1024) - A
| TLS_DHE_DSS_WITH_AES_256_CBC_SHA (dh 1024) - A
| TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 (dh 1024) - A
| TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 (dh 1024) - A
| compressors:
| NULL
| cipher preference: client
| warnings:
| Key exchange (dh 1024) of lower strength than certificate key
|_ least strength: A
Which really seems woefully inadequate. If I query one of our IIS Webservers that is using the same certificate I get a lot more results including modern cyphers like:
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp384r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (ecdh_x25519) - A
| TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
I have tried a few solutions that come up when searching for this issue, such as converting the keystore between PKCS12 and JKS, adding a "ciphers" parameter to the HTTPS connector and adding a keystoreType parameter to the connector. But none of them help.
Hi Peter
welcome to the Atlassian community.
So i would assume you are reusing the cert that you had in place for confluence 6.6. - right?
Could you by chance share your ssl config.
https://confluence.atlassian.com/kb/security-tools-report-the-default-ssl-ciphers-are-too-weak-755140945.html?_ga=2.64455471.1662637765.1589745316-2005217296.1589745316 has some information around the ciphers, might be helpful
Cheers
Kurt
Yes, we use the same cert that we used for Confluence 6.6.0. My SSL connector currently is this:
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
protocol="org.apache.coyote.http11.Http11Nio2Protocol"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLSv1.2" sslEnabledProtocols="TLSv1.2" SSLEnabled="true"
URIEncoding="UTF-8" keystorePass="a" keystoreFile="C:\ProgramData\jkskeystore" useCipherSuitesOrder="true"
ciphers="TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,
TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,
TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
TLS_SRP_SHA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
TLS_SRP_SHA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,TLS_RSA_WITH_CAMELLIA_128_CBC_SHA" />
I have since restored 6.6.0 to a different server and have checked the offered cyphers with nmap and additionally to the six I get with 7.4.0 I get these three too:
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
When I check the connection settings in Firefox I see that it chooses the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cypher on Confluence 6.6.0
I have tried adding the "ciphers" value in the linked article but that didn't change anything.
I'm currently trying another install with Confluence 6.15.10 to see if that works better and if it's an issue with version 7 in general.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I checked some more versions. In 6.6.17 this still works. Ironically, it exposes even more cyphers than 6.6.0
| TLSv1.2:
| ciphers:
| TLS_DHE_DSS_WITH_AES_128_CBC_SHA (dh 1024) - A
| TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (dh 1024) - A
| TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (dh 1024) - A
| TLS_DHE_DSS_WITH_AES_256_CBC_SHA (dh 1024) - A
| TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 (dh 1024) - A
| TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 (dh 1024) - A
| TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A
| TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 1024) - A
| TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 1024) - A
| TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A
| TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 1024) - A
| TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 1024) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
But in 6.13.0 it doesn't work anymore, then I only get the six insecure cyphers.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.