The new Poodle vulnerability lead me to disable SSLv3 on my Ubuntu server. I have TLS/SSL enabled on three services: apache2, exim4, and dovecot2. Each service required a different method to disable SSLv3. While SSLv3 is mostly history, the techniques I used can be applied to other TLS versions.
Ubuntu uses configuration files split into small pieces. The method should apply to other distributions, although the configuration files may be arranged differently.
This was the simplest to disable. It only required a simple edit to /etc/apache2/mods-available/ssl.conf. It simply needs the addition of -SSLv3 to the existing SSLProtocol option.
SSLProtocol all -SSLv3
If the version in /etc/apache2/mods-enabled is not a symlink to this file you will have to edit /etc/apache2/mods-enabled/ssl.conf or convert it to a symlink. Check the configuration to ensure you haven’t overridden it in another file.
This took a little trying. The configuration file has two options that control the relevant SSL behavior. The old ssl_cipher_list option still works, but I found it disabled TLS versions before TLS1.2. The newer ssl_protocols option worked. It appears that they default to the “all” option that is specified for apache2.
I keep editing local copies of the files so that distribution updates don’t break my configuration. The ssl.conf file is located in /etc/dovecot/conf.d. I copied this as ssl-local.conf and edited the copy. I specified the ssl_protocols option with both SSLv3 and SSLv2 disabled. This is a space-separated list.
ssl_protocols = !SSLv3 !SSLv2
The Ubuntu implementation uses GnuTLS rather than OpenSSL. The configuration options required are different than those for OpenSSL. The tls_require_ciphers option controls TLS/SSL. I configure this in the main section ahead of the rest of the configuration.
I use a split configuration with the main section broken out into the /etc/exim/conf.d/main directory. My local options are specified in 00_local_config. If you use a single configuration file add the line before the first begin statement. Disabling SSLv3 was done by adding a new line.
tls_require_ciphers = SECURE128:-VERS-SSL3.0
If you use OpenSSL, this statement may work but may only enable TLS1.2.
tls_require_ciphers = ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-SSLv3:-EXP
I used the OpenSSL s_connect utility to run my tests. I tested using versions ssl3, tls1, tls1_1, and tls1_2. The ssl2 version is documented but no longer supported. The simplest tests were for the protocols HTTPS, SSMTP, and IMAPS. (I have SSMTP enabled for testing.) The “-quiet” option shortens the output as failures are obvious. I used commands in the form.
echo | openssl s_client -quiet -connect : -<tls_flavor>
This results in commands like:
echo | openssl s_client -quiet \ -connect localhost:https -ssl3
To test “-starttls” connections (not applicable to HTTP), use commands in this form. I tested both SMTP and IMAP.
echo | openssl s_client -quiet -connect : -starttls
This results in commands like:
echo | openssl s_client -quiet \ -connect localhost:smtp -starttls smtp -ssl3
This test method should be applicable to all SSL/TLS connections. The “-starttls” option is documented to work with SMTP, POP3, IMAP, FTP, and XMPP.
I redirected an empty echo command to the command to cause the connection to close immediately. For SMTP, I used echo quit to close the connection cleanly.