红帽全球峰会3.6. 弃用 TLS 1.0
需要 FedRAMP-authorized 系统才能离开 TLS 1.0。推荐的级别是 1.2,只有需要广泛的兼容性时才可以接受 1.1。如需更多信息,请参阅 https://www.fedramp.gov/assets/resources/documents/CSP_TLS_Requirements.pdf。
对于 Red Hat OpenStack Platform 13 部署,HAProxy 不接受 TLS 1.0 连接,该连接处理 TLS 启用 API 的 TLS 连接。这通过 no-tlsv10 选项实现。对于启用了 InternalTLS 的 HA 部署,控制器平面上的跨节点流量也会加密。这包括 RabbitMQ、MariaDB 和 Redis 等等。MariaDB 和 Redis 已被弃用 TLS1.0,对 RabbitMQ 的相同弃用应该被上游向后移植。
3.6.1. 检查是否使用了 TLS 1.0
您可以使用 cipherscan 来决定部署是否提供 TLS 1.0。Cipherscan 可以从 https://github.com/mozilla/cipherscan 克隆。这个示例输出显示从 horizon 收到的结果:
从非生产环境系统运行 cipherscan,因为它可能会在首次运行时安装额外的依赖项。
$ ./cipherscan https://openstack.lab.local
..............................
Target: openstack.lab.local:443
prio ciphersuite protocols pfs curves
1 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1
2 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1
3 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits None
4 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 DH,1024bits None
5 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1
6 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1
7 ECDHE-RSA-AES128-SHA TLSv1.2 ECDH,P-256,256bits prime256v1
8 ECDHE-RSA-AES256-SHA TLSv1.2 ECDH,P-256,256bits prime256v1
9 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits None
10 DHE-RSA-AES128-SHA TLSv1.2 DH,1024bits None
11 DHE-RSA-AES256-SHA256 TLSv1.2 DH,1024bits None
12 DHE-RSA-AES256-SHA TLSv1.2 DH,1024bits None
13 ECDHE-RSA-DES-CBC3-SHA TLSv1.2 ECDH,P-256,256bits prime256v1
14 EDH-RSA-DES-CBC3-SHA TLSv1.2 DH,1024bits None
15 AES128-GCM-SHA256 TLSv1.2 None None
16 AES256-GCM-SHA384 TLSv1.2 None None
17 AES128-SHA256 TLSv1.2 None None
18 AES256-SHA256 TLSv1.2 None None
19 AES128-SHA TLSv1.2 None None
20 AES256-SHA TLSv1.2 None None
21 DES-CBC3-SHA TLSv1.2 None None
Certificate: trusted, 2048 bits, sha256WithRSAEncryption signature
TLS ticket lifetime hint: None
NPN protocols: None
OCSP stapling: not supported
Cipher ordering: server
Curves ordering: server - fallback: no
Server supports secure renegotiation
Server supported compression methods: NONE
TLS Tolerance: yes
Intolerance to:
SSL 3.254 : absent
TLS 1.0 : PRESENT
TLS 1.1 : PRESENT
TLS 1.2 : absent
TLS 1.3 : absent
TLS 1.4 : absent在扫描服务器时,Cipherscan 公告对特定 TLS 版本的支持,这是它将协商的最高 TLS 版本。如果目标服务器正确跟随 TLS 协议,它将响应相互支持的最高版本,这可能低于最初公告的 Cipherscan。如果服务器继续使用该特定版本与客户端建立连接,则不能接受到该协议版本。如果没有建立连接(通过指定版本或任何较低版本),那么该版本的协议将被视为存在。例如:
Intolerance to:
SSL 3.254 : absent
TLS 1.0 : PRESENT
TLS 1.1 : PRESENT
TLS 1.2 : absent
TLS 1.3 : absent
TLS 1.4 : absent
在这个输出中,TLS 1.0 和 TLS 1.1 的容错性报告为 PRESENT,这意味着无法建立连接,并且 Cipherscan 无法连接,同时公告这些 TLS 版本的支持。因此,最好在扫描的服务器上不启用这些协议(以及任何较低)版本。
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}