TLS, or Transport Layer Security, is a cryptographic protocol used all over the internet to secure communication between different parties. It’s an advanced encryption standard that provides the necessary level of protection for secure online exchanges.
How securely TLS is configured is paramount to the overall cyber security framework of organizations and individuals.
Based on the specific cipher suite, the values can differ from one to another. For the exact value of each cipher suite, see the table below.
What Is a TLS Certificate?
The Transport Layer Security certificate is the most ubiquitous security protocol today. Its purpose is to provide a solid layer of security for online exchanges between two parties, including between a client and a web server.
While in the past using a security protocol was not obligatory, nowadays it is central to the security of digital communications. For example, search engines factor whether a website uses a security protocol into their rankings (SEO). Browsers also indicate when a website is not secure, warning users to avoid it.
Security Protocols over the Years
Previously, the Secure Sockets Layer (SSL) protocol was used, but it is now considered not to provide sufficient security. That’s why it is not in use anymore.
The Transport Layer Security protocol itself has had different versions over the years. The earlier versions 1.0 and 1.1 are not deemed secure enough, so they should be avoided. The general recommendation at the moment is to use Transport Layer Security version 1.3 or 1.2. It’s best to opt for TLS 1.3 since it removes old cryptography and reduces the risk of some types of cyber attacks. However, this is not always applicable to some types of organizations.
New iterations are being released regularly, so the rule of thumb is to stick to the latest security updates.
The Importance of Certificate Authorities
Certificate Authorities, or CAs, are organizations that have the legitimacy and public trust to issue certificates. This makes choosing a trustworthy CA central to ensuring your digital assets’ security and, more specifically, the protection you get through the Transport Layer Security protocol.
Some of the things to look out for include:
- The CA wants to further and support security practices
- It addresses new vulnerabilities quickly and effectively
- It provides technical support and on-time customer service
When selecting a CA, you’ll need to configure your Certificate Authority Authorization (CAA). This way, you will authorize the respective CA to issue certificates for your domain.
The Role of Private Keys and Their Security
The Transport Layer Security protocol employs two types of keys for data encryption and authentication of users who can access it. These are the public key for external distribution and the private key, which should be kept securely.
To get your X.509v3 certificate signed by your CA, you first generate your private key manually or through a tool. Then you send a Certificate Signing Request (CSR) to your CA for signing.
It’s imperative to use strong private keys. The industry standards are a 2048-bit RSA key with SHA256 or a 256-bit ECDSA key on the P-256 curve with SHA256. In addition, private keys have to be generated only by you.
It’s also a good idea to renew certificates often. They usually have a validity of 13 months: 12 months plus an extra rollover month. It’s best to do the renewal before the certificate expires. If certificates have a shorter period of validity, it may be handy to opt for automated renewal to ensure accurate certificate management.
Another important tip is to revoke all certificates if you suspect a breach of your certificates. It is also good practice to monitor Certificate Transparency (CT) logs so that you can quickly detect certificates that have been issued outside of your control.
Learn how to detect and prevent different kinds of SSL/TLS vulnerabilities.
What Is TLS Configuration and Why It’s Important
A correctly configured TLS encryption ensures that your users only get content from your web application. This means the exchanged communication cannot be tampered with, and third parties cannot eavesdrop on traffic protected by the Transport Layer Security protocol.
It is paramount to configure the Transport Layer Security protocol correctly to ensure the real security of your systems. If this is not done, it may create a sense of security that is not backed by reality.
One of the main aspects of TLS configuration is using suitable profiles. Internet organizations recommend profiles, and following them is a good practice.
Legacy profiles for TLS 1.1 and 1.0 have been found to have a lot of vulnerabilities. You should set up a migration plan to replace them with new versions.
How to Check Your TLS Security Settings for Optimal Security
In your TLS configuration, you should set the allowed Transport Layer Security protocol version and ciphers to the most up-to-date values, which are considered secure now.
First and foremost, it’s essential to disable all older versions of the Transport Layer Security protocol, such as TLS 1.1 and 1.0. It’s also a good idea to disable features that have proven to be insecure. More specifically, it’s best to disable insecure renegotiation, insecure protocol downgrade, record compression, export key generation, and support for SSL 2.
As for TLS 1.3, it is advised not to use the zero round trip mode or 0-RTT. If it’s enabled, clients can send data in a Transport Layer Security session before the complete TLS handshake. This can give way to replay attacks and other security vulnerabilities. So it’s best to avoid 0-RTT mode unless application protocols have specific protection for replay attacks.
You can check out the TLS configuration proposal offered by Mozilla or use the SSL Config Generator.
Secure TLS Configuration Security Assessment
Based on the specific cipher suite, the values for Transport Layer Security configuration can differ from one to another. See the table below for the exact value for different cipher suite configurations.
CVSS Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
How to Secure TLS Configuration
For secure TLS configuration, it’s crucial to use valid and trusted certificates, as described in our guide Configure Trusted Certificates.
Here are a few handy tips for server certificate configuration that we recommend you keep in mind:
- Opt for the latest SSL/TLS protocol. Currently, the modern versions of the Transport Layer Security protocol are 1.3 and 1.2.
- Check if you have any intermediate certificates. If you do, install them on your server, so browsers get a full certification path.
- Ensure that your certificate applies to all of your hostnames.
- Use TLS implementations with AES cipher variants rather than older versions with weak ciphers like DES.
- Opt for TLS Session Resumption to skip constant session key renegotiation.
- Enable Forward Secrecy (FS), also known as Perfect Forward Secrecy (PFS), to protect past session keys in case a private key is compromised.
- Select secure cipher suites. Recommended cipher suite requirements are a minimum of 128-bit encryption.
Below are our guides for configuring the SSL/TLS encryption for your web server for Apache and Nginx.
In the case of Apache, the SSL/TLS configuration is stored in /etc/apache2/mods-enabled/ssl.conf.
If you use Let’s Encrypt, the configuration may reside in /etc/letsencrypt/options-ssl-apache.conf.
To enable only acceptable cipher suites with high encryption and current protocols, set:

    # Allow every protocol version except SSLv3, TLS 1.0 and TLS 1.1
    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    # Only ECDHE suites with AES-GCM or ChaCha20-Poly1305
    SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256
    SSLHonorCipherOrder on
    SSLCompression off

Then reload the Apache server configuration for the new settings to take effect.
Note that this action limits the eligible default cipher suites and protocol versions to recent Transport Layer Security versions, which might lead users with older browsers to lose access.
For Nginx, update the configuration file, which is usually located at /etc/nginx/nginx.conf, /etc/nginx/sites-enabled/yoursite.com (Ubuntu / Debian) or /etc/nginx/conf.d/nginx.conf (RHEL / CentOS).
Add the following directives to the server section:

    # Accept TLS 1.2 only
    ssl_protocols TLSv1.2;
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384';
    ssl_prefer_server_ciphers on;

Then restart the Nginx server.
Note that this limits the cipher suites and protocol version to recent Transport Layer Security versions. Users with older browsers may lose access.
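To check an existing configuration against the recommendations above (no legacy protocols, no weak ciphers, forward secrecy, no record compression, no 0-RTT), a small offline audit can be run over the Apache or Nginx directives. This is an added example, not code from the original page or from Crashtest Security; the function names, the sample snippet and the conservative expansion of Apache's "all" are assumptions, and it expects explicit suite names as in the lists above rather than OpenSSL keywords such as HIGH.

```python
import re

# Protocol names the page says to disable (SSL 2/3, TLS 1.0 and 1.1).
LEGACY = {"sslv2", "sslv3", "tlsv1", "tlsv1.0", "tlsv1.1"}
# Assumption: Apache's "all" is expanded conservatively to SSLv3 through TLS 1.3.
ALL = {"sslv3", "tlsv1", "tlsv1.1", "tlsv1.2", "tlsv1.3"}
# Substrings of OpenSSL suite names that mark weak or export-grade ciphers.
WEAK = ("DES", "RC4", "NULL", "EXP", "MD5")

def parse_directives(text):
    """Map each directive name (lowercased) to its list of argument tokens."""
    found = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip().rstrip(";")
        match = re.match(r"(\S+)\s*(.*)", line)
        if match:
            found[match.group(1).lower()] = match.group(2).strip("'\"").split()
    return found

def enabled_protocols(tokens):
    """Apply Apache +/- prefixes and Nginx bare names to get the enabled set."""
    enabled = set()
    for tok in tokens:
        name = tok.lstrip("+-").lower()
        group = ALL if name == "all" else {name}
        enabled = enabled - group if tok.startswith("-") else enabled | group
    return enabled

def audit(text):
    """Return findings for one Apache or Nginx TLS configuration snippet."""
    conf, findings = parse_directives(text), []
    protos = enabled_protocols(conf.get("sslprotocol", []) + conf.get("ssl_protocols", []))
    findings += [f"legacy protocol enabled: {p}" for p in sorted(protos & LEGACY)]
    suites = conf.get("sslciphersuite", []) + conf.get("ssl_ciphers", [])
    for suite in (s for s in ":".join(suites).split(":") if s and s[0] != "!"):
        if any(marker in suite.upper() for marker in WEAK):
            findings.append(f"weak cipher: {suite}")
        elif not suite.upper().startswith(("ECDHE", "DHE", "TLS_")):
            findings.append(f"no forward secrecy: {suite}")
    if conf.get("sslcompression") == ["on"]:
        findings.append("record compression enabled")
    if conf.get("ssl_early_data") == ["on"]:
        findings.append("TLS 1.3 0-RTT (early data) enabled")
    return findings

# Constructed sample: a deliberately weak Nginx snippet, not taken from the page.
WEAK_NGINX = """ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:AES256-SHA:DES-CBC3-SHA';
ssl_early_data on;"""
print("\n".join(audit(WEAK_NGINX)))
```

Running audit() on the Apache settings shown above returns an empty list, since every suite is ECDHE-based and only TLS 1.2 and later remain enabled.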
Ensuring Your All-Round Cyber Protection with Crashtest Security
Keeping all your systems under control is no easy feat — and a secure TLS configuration is just one among many other cybersecurity topics you need to keep tabs on.
Crashtest Security’s SSL/TLS Vulnerability Scanner is here to help you in that process. With its help, you can easily make a security assessment and stay protected against the growing number of cyber risks — whether it’s about issues with the Transport Layer Security protocol configuration or any other digital security risk.