How to configure 'TLS1.2 only' in OpenSSL 1.0.2 config file?
Question:
I would like to update the configuration of OpenSSL 1.0.2 (specifically 1.0.2k-fips as found on AWS’s Amazon Linux 2 AMIs), so that any client using OpenSSL refuses TLSv1.1, TLSv1, or anything lower that is not TLSv1.2.
I have learned that for OpenSSL 1.1+ the OpenSSL config file (e.g., /etc/pki/tls/openssl.cnf on Amazon Linux 2, or /usr/lib/ssl/openssl.cnf on Debian derivatives, or whatever $OPENSSL_CONF points to), one can specify openssl_conf -> a section with ssl_conf -> a section with system_default -> a section with MinProtocol=TLSv1.2.
However, that ssl_conf syntax is unknown in OpenSSL 1.0.2k, and instead it tries to load libssl_conf.so which fails because that shared library does not exist.
So my question: Is it possible to configure OpenSSL 1.0.2 to fail if one tries to use TLSv1.1 or below? At least via the openssl binary, or via any Python code using the ssl module for Python 3.9 or lower?
Additional information: At least on Amazon Linux 2 with OpenSSL 1.0.2k-fips, using grep I cannot even find the string MinProtocol in any OpenSSL 1.0.2 related binary or shared library. (But it does occur in an OpenSSL 1.1.1s libssl.so.1.1 that is shipped with an agent I happened to have on that same AL2 system.)
So that confirms my suspicion that the answer to my question is: No, this is not possible.
Answers:
There are no specific rules for the named sections in config file as mentioned in:
https://www.openssl.org/docs/man1.1.1/man5/config.html
"The first section of a configuration file is special and is referred to as the default section. This section is usually unnamed and spans from the start of file until the first named section. When a name is being looked up it is first looked up in a named section (if any) and then the default section."
So same MinProtocol field used in other version must work here as well. Maybe its just not mentioned on the man page.
Right, MinProtocol is not yet supported by your version of openssl.
Instead, you can configure a list of ciphers you want to allow. When selecting only those which implement TLS 1.2 you get what you want to achieve.
First, produce a list of all ciphers supported by your version of openssl which implement TLS 1.2:
openssl ciphers 'TLSv1.2'
Output will be a colon (“:”) separated list of those ciphers.
In your configuration file add the following line to your system_default section:
CipherString = <colon (“:”) separated list of ciphers copied from the command above>
CipherString limits the ciphers of V.1.2 and below to the specified list. This parameter is not related to TLS V.1.3 and above. With this config you support all TLS 1.2 ciphers and above. If you want V.1.2 only (no TLS V.1.3), than you would need to clear the list of TLS V.1.3 ciphers, which is specified by parameter Ciphersuites:
Ciphersuites =
Sample (I randomly shortened the list here):
openssl_conf = default_conf
[default_conf]
ssl_conf = ssl_section
[ssl_section]
system_default = system_default_section
[system_default_section]
CipherString = TLS_AES_128_GCM_SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384
Ciphersuites =
Now you can go ahead and be even more picky in your selection of ciphers.
To check the success of your configuration, issue the following command before and after your configuration change:
openssl ciphers -v
For the record, as a self-answer (to replace an answer that was deleted for looking ChatGPT-generated): OpenSSL 1.0.2 does not support configuring allowed SSL/TLS protocol versions or cipher suites through its configuration file.
Evidence:
- OpenSSL 1.0.2 binaries (at least OpenSSL 1.0.2k-fips as shipped with Amazon Linux 2 AMIs from AWS) don’t contain the string
MinProtocol.
- The
ssl_conf configuration seems to have been added OpenSSL 1.1.0, per e.g. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918727. And the system_default configuration inside of ssl_conf is automatically applied since OpenSSL 1.1.1, per commit 8a5ed9dc "Apply system_default configuration on SSL_CTX_new()." It is those features, apparently, that make it possible to put TLS configurations in the OpenSSL config file ($OPENSSL_CONF with a distro-specific default), in addition to calling some OpenSSL API.
- None of the procedures seen in comments on this question or in other answers, actually work. They either ignore the configuration file change, or fail to load the configuration, for example with
could not load the shared library:dso_dlfcn.c:187:filename(libssl_conf.so): libssl_conf.so: cannot open shared object file: No such file or directory.
(As ChatGPT pointed out, there are various ways where a cooperating client can give OpenSSL such settings, e.g., via its API, via the openssl command line, or via Python’s ssl default SSL context; but that was not the point of this question.)
I would like to update the configuration of OpenSSL 1.0.2 (specifically 1.0.2k-fips as found on AWS’s Amazon Linux 2 AMIs), so that any client using OpenSSL refuses TLSv1.1, TLSv1, or anything lower that is not TLSv1.2.
I have learned that for OpenSSL 1.1+ the OpenSSL config file (e.g., /etc/pki/tls/openssl.cnf on Amazon Linux 2, or /usr/lib/ssl/openssl.cnf on Debian derivatives, or whatever $OPENSSL_CONF points to), one can specify openssl_conf -> a section with ssl_conf -> a section with system_default -> a section with MinProtocol=TLSv1.2.
However, that ssl_conf syntax is unknown in OpenSSL 1.0.2k, and instead it tries to load libssl_conf.so which fails because that shared library does not exist.
So my question: Is it possible to configure OpenSSL 1.0.2 to fail if one tries to use TLSv1.1 or below? At least via the openssl binary, or via any Python code using the ssl module for Python 3.9 or lower?
Additional information: At least on Amazon Linux 2 with OpenSSL 1.0.2k-fips, using grep I cannot even find the string MinProtocol in any OpenSSL 1.0.2 related binary or shared library. (But it does occur in an OpenSSL 1.1.1s libssl.so.1.1 that is shipped with an agent I happened to have on that same AL2 system.)
So that confirms my suspicion that the answer to my question is: No, this is not possible.
There are no specific rules for the named sections in config file as mentioned in:
https://www.openssl.org/docs/man1.1.1/man5/config.html
"The first section of a configuration file is special and is referred to as the default section. This section is usually unnamed and spans from the start of file until the first named section. When a name is being looked up it is first looked up in a named section (if any) and then the default section."
So same MinProtocol field used in other version must work here as well. Maybe its just not mentioned on the man page.
Right, MinProtocol is not yet supported by your version of openssl.
Instead, you can configure a list of ciphers you want to allow. When selecting only those which implement TLS 1.2 you get what you want to achieve.
First, produce a list of all ciphers supported by your version of openssl which implement TLS 1.2:
openssl ciphers 'TLSv1.2'
Output will be a colon (“:”) separated list of those ciphers.
In your configuration file add the following line to your system_default section:
CipherString = <colon (“:”) separated list of ciphers copied from the command above>
CipherString limits the ciphers of V.1.2 and below to the specified list. This parameter is not related to TLS V.1.3 and above. With this config you support all TLS 1.2 ciphers and above. If you want V.1.2 only (no TLS V.1.3), than you would need to clear the list of TLS V.1.3 ciphers, which is specified by parameter Ciphersuites:
Ciphersuites =
Sample (I randomly shortened the list here):
openssl_conf = default_conf
[default_conf]
ssl_conf = ssl_section
[ssl_section]
system_default = system_default_section
[system_default_section]
CipherString = TLS_AES_128_GCM_SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384
Ciphersuites =
Now you can go ahead and be even more picky in your selection of ciphers.
To check the success of your configuration, issue the following command before and after your configuration change:
openssl ciphers -v
For the record, as a self-answer (to replace an answer that was deleted for looking ChatGPT-generated): OpenSSL 1.0.2 does not support configuring allowed SSL/TLS protocol versions or cipher suites through its configuration file.
Evidence:
- OpenSSL 1.0.2 binaries (at least OpenSSL 1.0.2k-fips as shipped with Amazon Linux 2 AMIs from AWS) don’t contain the string
MinProtocol. - The
ssl_confconfiguration seems to have been added OpenSSL 1.1.0, per e.g. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918727. And thesystem_defaultconfiguration inside ofssl_confis automatically applied since OpenSSL 1.1.1, per commit 8a5ed9dc "Apply system_default configuration on SSL_CTX_new()." It is those features, apparently, that make it possible to put TLS configurations in the OpenSSL config file ($OPENSSL_CONFwith a distro-specific default), in addition to calling some OpenSSL API. - None of the procedures seen in comments on this question or in other answers, actually work. They either ignore the configuration file change, or fail to load the configuration, for example with
could not load the shared library:dso_dlfcn.c:187:filename(libssl_conf.so): libssl_conf.so: cannot open shared object file: No such file or directory.
(As ChatGPT pointed out, there are various ways where a cooperating client can give OpenSSL such settings, e.g., via its API, via the openssl command line, or via Python’s ssl default SSL context; but that was not the point of this question.)