Hi,
We've had a security/compliance auditor request that we prove that we've completely disabled TLS 1.0 and 1.1 for client VPN connections. I believe we've done so, as we've gone through all the available configuration options and connections indicate that TLS 1.2 is being used for the session (and a TLS 1.2-only cipher suite is in use), however, the log outputs the following info:
"Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384"
The auditor was asking, and I could not provide a good answer for, why what seems to be a TLS 1.2 session had log information that reflected TLS1/SSL3.
My assumption is that this was merely an old construct of how the logs were generated and does not reflect that the session is somehow a TLSv1 or SSLv3 session, especially given that cipher suite.
Does anyone know for sure?
Question about TLS session information in logs
-
aKeller
- OpenVpn Newbie
- Posts: 1
- Joined: Tue Jul 24, 2018 8:11 pm
-
novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: Question about TLS session information in logs
This is from the OpenVPN core developers, I'm just relaying it for them to you.
When you see this:
> Control Channel: TLSv1.2
You can be assured that the connection is indeed using TLSv1.2, there is no doubt possible here.
I understand the confusion on this part though:
> cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384
This is reported by the OpenSSL library we use for the encryption and decryption. What this information means is that the cipher ECDHE-RSA-AES256-GCM-SHA384 is being used, and that the minimum SSL/TLS version for this cipher is TLSv1/SSLv3.
This is not really helpful information and it is confusing. On top of that, we also believe it is an old bug because reporting TLSv1/SSLv3 for this ciphersuite seems to be wrong. When we use a development build of OpenVPN with the OpenSSL 1.1 library (a newer version) we see it properly reported as:
> Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
So for this moment you can be assured that when you see this:
> Control Channel: TLSv1.2
...that it is really using TLSv1.2.
And in the future, the message will be more correct, when using an OpenVPN build with OpenSSL 1.1, which will eventually be released and become generally available.
When you see this:
> Control Channel: TLSv1.2
You can be assured that the connection is indeed using TLSv1.2, there is no doubt possible here.
I understand the confusion on this part though:
> cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384
This is reported by the OpenSSL library we use for the encryption and decryption. What this information means is that the cipher ECDHE-RSA-AES256-GCM-SHA384 is being used, and that the minimum SSL/TLS version for this cipher is TLSv1/SSLv3.
This is not really helpful information and it is confusing. On top of that, we also believe it is an old bug because reporting TLSv1/SSLv3 for this ciphersuite seems to be wrong. When we use a development build of OpenVPN with the OpenSSL 1.1 library (a newer version) we see it properly reported as:
> Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
So for this moment you can be assured that when you see this:
> Control Channel: TLSv1.2
...that it is really using TLSv1.2.
And in the future, the message will be more correct, when using an OpenVPN build with OpenSSL 1.1, which will eventually be released and become generally available.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.