1. Sharath Gabbeta Principal Software Engineer PSC Kumar Navneet Principal Software Engineer PSC SSL/TLS configuration in OpenEdge

2. 2 Agenda  Challenges for Data in Transit followed by Lab 1  SSL/TLS communication followed by Lab 2  Digital certificates followed by Lab 3  SSL/TLS configuration followed by Lab 4  Client Authentication followed by Lab 5  Trouble shooting tips followed by 6

3. Challenges for Data in transit

4. 4 Bob, Alice, their friends and foes Message Stealer Je t’aime Copy of original Je t’aime Je te deteste The key (a.k.a symmetric key) can be stolen Alice doesn’t know if she’s talking to Bob or an imposter AES, RC4 are some examples of such keys Use smaller key – faster encryption/decryption

5. 5 Crypto Nerds advice Grrr.. Je t’aime Public padlock and private key Alice’s public padlock symmetric Key Asymmetric key a.k.a PKI (RSA, DH w/RSA, ECDHE) Bigger key size – slower encryption/decryption

6. 6 I've discovered a way to get computer scientists to listen to any boring story. Courtesy: https://xkcd.com/1323/

7. Reference slides

8. 8 Jokes apart… Data in transit needs to be secured Challenges  Confidentiality  Message Integrity  End Point authentication & Non- repudiation Solution  Encryption & Decryption  Hashing  Digital Certificate & Certificate authority

9. 9 Encryption/Decryption and Hashing Symmetric Key  One key to encrypt  Same key to decrypt  Smaller key size  Faster  Compromise of key breaks message integrity  Used for encryption/decryption after SSL Handshake  E.g.: AES, RC4 Asymmetric Key a.k.a PKI  One key to encrypt (public padlock)  Another mathematically related key to decrypt (private key)  Bigger size keys  Slower  Private key never gets transported. Thus safe.  Forward secrecy accounts for protection even after private key compromise  Used to transport symmetric key during SSL Handshake  E.g. : RSA, DH w/RSA, ECDHE Hashing  Produces one way hash. Can’t recover original text from hash  Used as message authentication code (MAC) for data integrity  E.g.: MD5, SHA

10. LAB 1: Is your Private conversation PRIVATE?

11. SSL/TLS communication

12. 12 SSL/TLS – A brief history lesson SSL 1.0 (Never released) SSL 2.0 (1995) Security Flaws SSL 3.0 (1996) Obsolete TLS 1.0 (1999) (slight upgrade of SSL 3.0) TLS 1.1 (2006) TLS 1.2 (2008) TLS 1.3 (currently in draft) Secure Socket Layer (SSL) – Originated in Netscape Web browser Transport Layer Security(TLS) – Standardized by IETF

13. 13 SSL Handshake (Client) (Server) Non Secure Transport connection 1. Client Hello – Alice sends supported SSL version, ciphers suites etc. 2. Server Hello – Bob sends compatible SSL protocol & cipher, & his (server) certificate containing its public key (NOT private!) 4. Key Exchange - Alice creates a pre-master secret for the session, encrypts it with Bob’s public key & send the encrypted pre-master secret to Bob 6. SSL Session Established Messages encrypted with shared secret key are exchanged between client & server. 3. Client Validation: Client checks crypto parameters & validates server public key (checking signature from trusted CA from its certificate store), and successfully authenticates server. OE client uses DLC/certs as certificate store. 5. Session Key Exchange Server generate session keys* from pre-master secret. 5. Session Key Exchange Client generate session keys* from pre-master secret.

14. LAB 2: Demonstrate SSL Handshake

15. Digital Certificates

16. 16 Is Alice talking to Bob or an imposter? CA Trust Public key = any one can encrypt data with this Peer can’t be trusted Request to vouch identity Background check and issue an ID Bob’s public cert Private key = Only this can decrypt data encrypted by public key

17. 17  Issued by a Certificate Authority  Clients must be able validate server certificate using chain of trust  ROOT CA certificates are self signed  Self signed end user certificates are EVIL! Digital Certificate – your ID on a network My server’s certificateIntermediate CA 1’s certificate Intermediate CA 2’s certificate ROOT certificate Issued by intermediate CA 1 Issued by intermediate CA 2 Issued by ROOT CA Issued by ROOT CA to ROOT CA (self signed)

18. 18 Obtaining Digital Server certificate Generate public and private key pair PKIUTIL –newreq Creates pk1 & pk10 in DLC/keys/request pk1 = private key.pk10 = public key + user identity in PKCS10 format Get a CA signed digital certificate CA Signs.pk10 (Certificate Sign Request ) with its private key Generates a digital certificate Combine private key with digital signature to get server certificate Use PKIUTIL –import to combine.pk1 and.cer into alias.pem OE Servers need to be configured with alias.pem Import the CA’s digital certificate in the client’s cert store. For OE clients use CERTUTIL – import The CA’s public certificate goes as.0 in $DLC/certs (Client) (Server) CA Admin

19. LAB 3: Creating Digital Certificate

20. SSL/TLS Configuration

21. 21  SSL Protocol SSLv3, TLSv1, TLSv1.0, TLSv1.2  SSL Cipher Suites collection of symmetric & asymmetric encryption algorithms used to establish a secure communication. cipher suites are classified based on encryption algorithm strength, key length, key exchange and authentication mechanisms  Install CA signed Server Certificate on Server  Import ROOT CA’s certificate in Client’s cert store  Optionally - Logging Configure What?

22. 22  There are more than 200 known cipher suites  Format : Protocol_Kx_[Au]_WITH_Enc_[Bits]_Mac  Kx = Key Exchange Algo. E.g. RSA & Diffie-Hellman (DH/DHE), Kerberos (KRB5), Pre- Shared Key (PSK) etc  Au = Authentication algorithm. RSA is commonly used for key authentication.  Enc = Symmetric encryption algorithm (e.g. DES, 3DES, AES, RC4, etc.)  Bits = Effective symmetric encryption key size in bits. Export for export outside US are limited to 40-56 bits.  MAC = Hashing algorithm used for TLS/SSL data packets integrity and authentication checks. (Common hashing algorithms are SHA, MD5) Understanding Cipher Suites

23. 23 Cipher-idNameProtocolKey Exchange (Kx) Authentication (Au) Encryption (Enc) BitsMac 0x000000TLS_NULL_WITH_NULL _NULL TLSNULL 0x00001ATLS_DH_Anon_WITH_DE S_CBC _SHA TLSDHAnonDES_CBC56SHA 0x000067TLS_DHE_RSA_WITH_A ES_128 _CBC_SHA256 TLSDHERSAAES_128_CBC128SHA256 Anon = Anonymous cipher w/ no key authentication. Vulnerable to MITMA Null = cipher suites don’t provide data encryption and/or data integrity. Export = Intentionally crippled cipher suite to conform to US export laws (quite strict before 2000 AD). Understanding Cipher Suites - Examples

24. 24 OpenEdge Uses different SSL Vendors OpenEdge ABL applications (GUI,Char,AppServe r,WebSpeed) OpenEdge ABL applications (GUI,WebClient) Java Open Clients OpenEdge ABL applications (GUI,WebClient ) Web browser clients AppServer (Broker) OpenEdge RDBMS (SQL or ABL database server) OpenEdge Generic JMS Adapter JDBC Internet HTTPS Sonic MQ WS MQ Active MQ OpenEdge Adapter for Sonic ESB Sonic ESB (SSL Server) AppServer Internet Adapter (AIA) Web Service Adapter (WSA) WebSpeed Messenger OpenEdgeR EST Adapter WebServer (SSL Server) AppServer (Broker) OpenEdge Generic JMS Adapter MQ Broker WebSpeed (Broker) PAS for OpenEdge HTTP APSV(AIA) SOAP REST/Mobile Session Manager Dot Net Open Client Java Open Clients Dot Net Open Client OEM PDSOE Multi-Session Agent AppServer (Agent) WebSpeed (Agent) AppServer (Agent) ODBC

25. 25 Hence,  OpenEdge uses abbreviated names, not the vendor specific cipher names OE Cipher Suite NameDescription AES256-SHA256TLS_RSA_WITH_AES_128_CBC_SHA256 DHE-RSA-AES128-GCM-SHA256TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 AES128-GCM-SHA256TLS_RSA_WITH_AES_128_GCM_SHA256 DHE-RSA-AES128-SHA256TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 ADH-AES128-GCM-SHA256TLS_DH_anon_WITH_AES_128_GCM_SHA256 RC4-MD5SSL_RSA_WITH_RC4_128_MD5

26. Reference slides on default SSL protocol and ciphers *Refer OpenEdge documentation for complete list

27. 27 Default SSL protocols & ciphers for OE Clients OEDefault SSL protocols Supported protocols Default SSL ciphersSupported SSL ciphersMitigates 11.6.XTLSv1.21.TLSv1.2 2.TLSv.1.1 3.TLSv1 4.SSLv3 1.AES128-SHA256 2.AES128-GCM-SHA256 3.AES256-SHA256 4.DHE-RSA-AES256-SHA256 5.DHE-RSA-AES128-GCM-SHA256 6.DHE-RSA-AES128-SHA256 1.AES128-SHA256, 2.AES128-GCM-SHA256 3.AES256-SHA256 4.DHE-RSA-AES256-SHA256 5.DHE-RSA-AES128-GCM-SHA256 6.DHE-RSA-AES128-SHA256 7.AES256-GCM-SHA384 8.DHE-RSA-AES256-GCM-SHA384 9.ADH-AES256-GCM-SHA384 10.AES128-SHA 11.RC4-SHA 12.RC4-MD5 11.5.1TLSv11.TLSv1 2.SSLv3 AES128-SHA1.AES128-SHA 2.RC4-SHA 3.RC4-MD5 4.DES-CBC3-SHA 5.DES-CBC-SHA 11.4.0 (Latest HF) 1.TLSv1 2.SSLv3 3.SSLv2 1.TLSv1 2.SSLv3 3.SSLv2 1.RC4-SHA 2.RC4-MD5 1.AES128-SHA 2.RC4-SHA 3.RC4-MD5 4.DES-CBC3-SHA 5.DES-CBC-SHA 11.3.3 (Latest HF) 102b08 (Latest HF) TLS POODLE SSL POODLE FREAK (no export ciphers) CRIME (No TLS compression) BREACH (No HTTP compression) RC4 attack BEAST SSL POODLE FREAK CRIME BREACH RC4 attack

28. 28 Default SSL protocols & ciphers for OpenEdge Servers OEDefault SSL protocols Supported protocols Default SSL ciphersSupported SSL ciphersMitigates 11.6.X TLSv1.21.TLSv1.2 2.TLSv1.1 3.TLSv1 4.SSLv3 1.AES128-SHA256 2.AES128-GCM-SHA256 3.AES256-SHA256 4.DHE-RSA-AES256-SHA256 5.DHE-RSA-AES128-GCM-SHA256 6.DHE-RSA-AES128-SHA256 1.AES128-SHA256 2.AES128-GCM-SHA256 3.AES256-SHA256 4.DHE-RSA-AES256-SHA256 5.DHE-RSA-AES128-GCM-SHA256 6.DHE-RSA-AES128-SHA256 7.AES256-GCM-SHA384 8.DHE-RSA-AES256-GCM-SHA384 9.ADH-AES256-GCM-SHA384 10.AES128-SHA 11.RC4-SHA 12.RC4-MD5 11.5.1 TLSv11.TLSv1 2.SSLv3 AES128-SHA1.AES128-SHA 2.RC4-SHA 3.RC4-MD5 11.4.0 (Latest HF) 1.TLSv1 2.SSLv3 3.SSLv2 1.TLSv1 2.SSLv3 3.SSLv2 1.RC4-SHA 2.RC4-MD5 1.AES128-SHA 2.RC4-SHA 3.RC4-MD5 11.3.3 (Latest HF) 102b08 ( Latest HF ) TLS POODLE SSL POODLE FREAK (no export ciphers) CRIME (No TLS compression) BREACH (No HTTP compression) RC4 attack BEAST SSL POODLE FREAK CRIME BREACH RC4 attack

29. LAB 4: Enabling & Configuring SSL

30. 30 Client Authentication (Client) (Server) Non Secure Transport connection 1. Client Hello – Alice sends supported SSL version, ciphers suites etc. 2. Server Hello – Bob sends compatible SSL protocol & cipher, & his (server) certificate containing its public key (NOT private!) 4. Key Exchange - Alice creates a pre-master secret for the session, encrypts it with Bob’s public key & send the encrypted pre-master secret to Bob 6. SSL Session Established Messages encrypted with shared secret key are exchanged between client & server. 3. Client Validation: Client checks crypto parameters & validates server public key (checking signature from trusted CA from its certificate store), and successfully authenticates server. OE client uses DLC/certs as certificate store. 5. Session Key Exchange Server generate session keys* from pre-master secret. 5. Session Key Exchange Client generate session keys* from pre-master secret. Alice’s Client Certificate Server authenticates client

31. LAB 5: PASOE Round trip with Client Authentication

32. 32 Troubleshooting tips  Check ciphers and protocol settings Protocol and ciphers set using environment variable may be overridden by component specific parameters. Check if you use SSL protocol compatible cipher suite  Certificates Server certificate validity Cert store of client has root certificate imported. Intermediate certificates are either merged in.pem file or imported in client cert store Be wary of self signed certificates  sslc = openssl s_server and s_client  External tools sslyze

33. 33 Logging  Components using OpenSSL Stack (agents, database broker, ABL clients) Environment variable SSLSYS_DEBUG_LOGGING to 1 to 5 Creates cert.client.log and cert.server.log  Components using BSAFE-RSA & JSSE stack (AppServer Broker, PASOE, Adapters, OEE/OEM) -Djavax.net.debug=ssl

34. LAB 6: Troubleshoot

35. 35 Craving for more? You might want to attend…  Integrating & Troubleshooting SSL/TLS Connections with Various OpenEdge Clients and Servers - Arun Kumar Mohapatra, Mike Jacobs, Progress  When: Tuesday, June 28 th at 3:30 PM  Where: Salon A