Difference between revisions of "Disabling the use of weak DH keys in Zimbra Collaboration mailboxd"
m (→Disabling the use of ephemeral DH keys in mailboxd) |
|||
| (One intermediate revision by one other user not shown) | |||
| Line 16: | Line 16: | ||
* See also this thread: | * See also this thread: | ||
** https://groups.google.com/a/chromium.org/forum/#!topic/security-dev/WyGIpevBV1s - Increasing the minimum TLS DH group size to 1024 bits. | ** https://groups.google.com/a/chromium.org/forum/#!topic/security-dev/WyGIpevBV1s - Increasing the minimum TLS DH group size to 1024 bits. | ||
| + | |||
| + | Mozilla Thunderbird 38.1.0 and above also blocks the connections to servers using weak ephemeral Diffie-Hellman (DH) keys are blocked by default. So if you are using Zimbra Collaboration 7.x and Thunderbird like Mail Client, in the 38.1.0 or above release you can't sync your email anymore using POP3 or IMAP over SSL. The Mozilla Thunderbird error is not so helpful. | ||
| + | * [https://bugzilla.mozilla.org/show_bug.cgi?id=1184488#c7 FF Bug 1184488] Thunderbird 38.1.0+38.0.1: SMTP+IMAP with STARTTLS: no remaining auth method | ||
== Example Error == | == Example Error == | ||
| + | ===Firefox 39.0 and above=== | ||
In Firefox 39.0+, you may see the following error message when trying to connect a Zimbra Collaboration 7.x or previous versions: | In Firefox 39.0+, you may see the following error message when trying to connect a Zimbra Collaboration 7.x or previous versions: | ||
<blockquote> | <blockquote> | ||
| Line 32: | Line 36: | ||
[[File:Mozilla-error-oldzcs-001.png]] | [[File:Mozilla-error-oldzcs-001.png]] | ||
| + | ===Thunderbird 38.1.0 and above=== | ||
| + | In Thunderbird 38.1.0 and above you will not see any significant or helpful error, just that you can't connect to the server and a no remaining auth method. If you see into the Zimbra Collaboration mailbox.log, you will see the next, depends of POP3 or IMAP: | ||
| + | ====POP3 SSL error==== | ||
| + | 2015-07-21 09:45:32,158 ERROR [Pop3SSLServer-1] [ip=151.237.238.126;] ProtocolHandler - Exception occurred while handling connection | ||
| + | javax.net.ssl.SSLException: Received fatal alert: illegal_parameter | ||
| + | at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190) | ||
| + | at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136) | ||
| + | at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1822) | ||
| + | at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1004) | ||
| + | at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188) | ||
| + | at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215) | ||
| + | at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199) | ||
| + | at com.zimbra.cs.tcpserver.ProtocolHandler.startHandshake(ProtocolHandler.java:187) | ||
| + | at com.zimbra.cs.tcpserver.ProtocolHandler.run(ProtocolHandler.java:135) | ||
| + | at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895) | ||
| + | at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918) | ||
| + | at java.lang.Thread.run(Thread.java:662)</pre> | ||
| + | ====IMAP SSL error==== | ||
| + | <pre>2015-07-21 09:44:04,317 ERROR [ImapSSLServer-1] [ip=151.237.238.126;] ProtocolHandler - Exception occurred while handling connection | ||
| + | javax.net.ssl.SSLException: Received fatal alert: illegal_parameter | ||
| + | at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190) | ||
| + | at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136) | ||
| + | at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1822) | ||
| + | at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1004) | ||
| + | at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188) | ||
| + | at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215) | ||
| + | at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199) | ||
| + | at com.zimbra.cs.tcpserver.ProtocolHandler.startHandshake(ProtocolHandler.java:187) | ||
| + | at com.zimbra.cs.tcpserver.ProtocolHandler.run(ProtocolHandler.java:135) | ||
| + | at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895) | ||
| + | at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918) | ||
| + | at java.lang.Thread.run(Thread.java:662)</pre> | ||
== Resolution == | == Resolution == | ||
You have different steps to resolve the issue: | You have different steps to resolve the issue: | ||
| − | + | === Workaround for Firefox and Thunderbird: Disable DHE ciphers in the Zimbra Collaboration Server === | |
| − | === Workaround: Disable DHE ciphers in the Zimbra Collaboration Server === | ||
Disabling the insecure ciphers, will make Firefox happy again: | Disabling the insecure ciphers, will make Firefox happy again: | ||
zmprov mcf +zimbraSSLExcludeCipherSuites TLS_DHE_RSA_WITH_AES_128_CBC_SHA | zmprov mcf +zimbraSSLExcludeCipherSuites TLS_DHE_RSA_WITH_AES_128_CBC_SHA | ||
zmprov mcf +zimbraSSLExcludeCipherSuites TLS_DHE_RSA_WITH_AES_256_CBC_SHA | zmprov mcf +zimbraSSLExcludeCipherSuites TLS_DHE_RSA_WITH_AES_256_CBC_SHA | ||
| + | zmprov mcf +zimbraSSLExcludeCipherSuites SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA | ||
zmmailboxdctl restart | zmmailboxdctl restart | ||
| Line 45: | Line 81: | ||
[[File:Mozilla-error-oldzcs-004.png]] | [[File:Mozilla-error-oldzcs-004.png]] | ||
| − | === | + | === Recommendeded Workaround: Upgrade ZCS === |
The '''recommended''' step is upgrade to the latest supported Zimbra Collaboration version, as Zimbra Collaboration 7.x was [https://www.zimbra.com/support/support-offerings/product-lifecycle '''EOL'd in March 2015''']. | The '''recommended''' step is upgrade to the latest supported Zimbra Collaboration version, as Zimbra Collaboration 7.x was [https://www.zimbra.com/support/support-offerings/product-lifecycle '''EOL'd in March 2015''']. | ||
| Line 61: | Line 97: | ||
security.ssl3.dhe_rsa_aes_256_sha=false | security.ssl3.dhe_rsa_aes_256_sha=false | ||
| − | === Not recommended: enable HTTP & HTTPS === | + | === Not Recommended: Mozilla Thunderbird fix per each client === |
| + | '''Not recommended''': To disable the new introduced option in Mozilla Thunderbird, you need to do it in each Client that uses your Zimbra Collaboration Server: | ||
| + | * [https://bugzilla.mozilla.org/show_bug.cgi?id=1184488#c7 Please read the steps in the Firefox Bugzilla] | ||
| + | |||
| + | === Not recommended: enable HTTP & HTTPS=== | ||
'''Not recommended''': You can set the zmtlsctl to both, to enable HTTP traffic to your server, users will be able to connect using Firefox 39, previous or above versions using HTTP. | '''Not recommended''': You can set the zmtlsctl to both, to enable HTTP traffic to your server, users will be able to connect using Firefox 39, previous or above versions using HTTP. | ||
Like zimbra user: | Like zimbra user: | ||
| Line 72: | Line 112: | ||
* Mozilla Firefox Release Notes for the version 39 - https://www.mozilla.org/en-US/firefox/39.0/releasenotes/ | * Mozilla Firefox Release Notes for the version 39 - https://www.mozilla.org/en-US/firefox/39.0/releasenotes/ | ||
* Mozilla Firefox Bugzilla 587407 about the change - https://bugzilla.mozilla.org/show_bug.cgi?id=587407 | * Mozilla Firefox Bugzilla 587407 about the change - https://bugzilla.mozilla.org/show_bug.cgi?id=587407 | ||
| + | * Mozilla Thunderbird Bugzilla 1184488 - https://bugzilla.mozilla.org/show_bug.cgi?id=1184488#c7 | ||
{{Article Footer|Zimbra Collaboration 7.x and previous |07/06/2015}} | {{Article Footer|Zimbra Collaboration 7.x and previous |07/06/2015}} | ||
| − | {{NeedSME|Jorge| | + | {{NeedSME|Jorge|Phil|Phil}} |
[[Category: Security]] | [[Category: Security]] | ||
Latest revision as of 17:37, 23 July 2015
Contents
- 1 Disabling the use of ephemeral DH keys in mailboxd
- 1.1 Background
- 1.2 Example Error
- 1.3 Resolution
- 1.3.1 Workaround for Firefox and Thunderbird: Disable DHE ciphers in the Zimbra Collaboration Server
- 1.3.2 Recommendeded Workaround: Upgrade ZCS
- 1.3.3 Not Recommended: Mozilla Firefox fix per each client
- 1.3.4 Not Recommended: Mozilla Thunderbird fix per each client
- 1.3.5 Not recommended: enable HTTP & HTTPS
- 1.4 Additional Content
Disabling the use of ephemeral DH keys in mailboxd
- This article is a Work in Progress, and may be unfinished or missing sections.
Background
Mozilla Firefox 39.0 was released on June 30, 2015. With this release, connections to servers using weak ephemeral Diffie-Hellman (DH) keys are blocked by default. See the Mozilla Release Notes and detailed accompanying change list for details. Here are some specific related bugs/enhancements/changes for those interested:
- FF Bug 1138554 (CVE-2015-4000) NSS accepts export-length DHE keys with regular DHE cipher suites
- FF Bug 1106470 Drop SSLv3 support entirely
- FF Bug 1153964 allow unrestricted RC4 fallback in beta and release
- NOTE: a future release is expected to disallow RC4 ciphers, or possibly enable RC4 for a temporarily set of whitelisted hosts.
Chrome 45 (in the "dev channel" since early June 2015) is slated to present users with a ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY error:
- https://www.chromium.org/administrators/err_ssl_weak_server_ephemeral_dh_key
- See also this thread:
- https://groups.google.com/a/chromium.org/forum/#!topic/security-dev/WyGIpevBV1s - Increasing the minimum TLS DH group size to 1024 bits.
Mozilla Thunderbird 38.1.0 and above also blocks the connections to servers using weak ephemeral Diffie-Hellman (DH) keys are blocked by default. So if you are using Zimbra Collaboration 7.x and Thunderbird like Mail Client, in the 38.1.0 or above release you can't sync your email anymore using POP3 or IMAP over SSL. The Mozilla Thunderbird error is not so helpful.
- FF Bug 1184488 Thunderbird 38.1.0+38.0.1: SMTP+IMAP with STARTTLS: no remaining auth method
Example Error
Firefox 39.0 and above
In Firefox 39.0+, you may see the following error message when trying to connect a Zimbra Collaboration 7.x or previous versions:
Secure Connection Failed
An error occurred during a connection to YOUR IP. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
- The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
- Please contact the website owners to inform them of this problem.
Thunderbird 38.1.0 and above
In Thunderbird 38.1.0 and above you will not see any significant or helpful error, just that you can't connect to the server and a no remaining auth method. If you see into the Zimbra Collaboration mailbox.log, you will see the next, depends of POP3 or IMAP:
POP3 SSL error
2015-07-21 09:45:32,158 ERROR [Pop3SSLServer-1] [ip=151.237.238.126;] ProtocolHandler - Exception occurred while handling connection javax.net.ssl.SSLException: Received fatal alert: illegal_parameter
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1822)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1004)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
at com.zimbra.cs.tcpserver.ProtocolHandler.startHandshake(ProtocolHandler.java:187)
at com.zimbra.cs.tcpserver.ProtocolHandler.run(ProtocolHandler.java:135)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:662)</pre>
IMAP SSL error
2015-07-21 09:44:04,317 ERROR [ImapSSLServer-1] [ip=151.237.238.126;] ProtocolHandler - Exception occurred while handling connection
javax.net.ssl.SSLException: Received fatal alert: illegal_parameter
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1822)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1004)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
at com.zimbra.cs.tcpserver.ProtocolHandler.startHandshake(ProtocolHandler.java:187)
at com.zimbra.cs.tcpserver.ProtocolHandler.run(ProtocolHandler.java:135)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:662)
Resolution
You have different steps to resolve the issue:
Workaround for Firefox and Thunderbird: Disable DHE ciphers in the Zimbra Collaboration Server
Disabling the insecure ciphers, will make Firefox happy again:
zmprov mcf +zimbraSSLExcludeCipherSuites TLS_DHE_RSA_WITH_AES_128_CBC_SHA zmprov mcf +zimbraSSLExcludeCipherSuites TLS_DHE_RSA_WITH_AES_256_CBC_SHA zmprov mcf +zimbraSSLExcludeCipherSuites SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA zmmailboxdctl restart
You will see the Web Client again:
Recommendeded Workaround: Upgrade ZCS
The recommended step is upgrade to the latest supported Zimbra Collaboration version, as Zimbra Collaboration 7.x was EOL'd in March 2015.
If you want to upgrade, we had an special Webinar that will help you with the process:
Not Recommended: Mozilla Firefox fix per each client
Not recommended: To disable the new introduced option in Mozilla Firefox, you need to do it in each Web Browser that uses your Zimbra Collaboration Server:
Type about:config in your Firefox web browser, in the address bar. Be careful as you can break your Firefox Configuration easier. Change the next settings with the next values:
security.ssl3.dhe_rsa_aes_128_sha=false security.ssl3.dhe_rsa_aes_256_sha=false
Not Recommended: Mozilla Thunderbird fix per each client
Not recommended: To disable the new introduced option in Mozilla Thunderbird, you need to do it in each Client that uses your Zimbra Collaboration Server:
Not recommended: enable HTTP & HTTPS
Not recommended: You can set the zmtlsctl to both, to enable HTTP traffic to your server, users will be able to connect using Firefox 39, previous or above versions using HTTP. Like zimbra user:
zmtlsctl both zmcontrol restart
The use of HTTPS only is recommended.
Additional Content
- Mozilla Firefox Release Notes for the version 39 - https://www.mozilla.org/en-US/firefox/39.0/releasenotes/
- Mozilla Firefox Bugzilla 587407 about the change - https://bugzilla.mozilla.org/show_bug.cgi?id=587407
- Mozilla Thunderbird Bugzilla 1184488 - https://bugzilla.mozilla.org/show_bug.cgi?id=1184488#c7
