Why does Chrome complain about "obsolete cryptography"?

https ssl ssl-certificate windows-server-2008-r2 iis

Solution 1:

It's not SHA causing the problem, it's TLS 1.0.

The SSL Labs report for your domain gives the full story. Your server only supports TLS 1.0, not 1.1 or 1.2. In addition, it still supports obsolete ciphers like RC4, and doesnt support perfect forward secrecy.

Tuning IIS to get better security is quite possible, but a pain to do by hand. This wonderful script, written by Alexander Hass, will set a variety of registry settings to disable old insecure encryption methods for IIS7.5 and IIS8.

After running the script, reboot the server, and you should get an A rating on SSLLabs, and stop getting the warnings in chrome.

Solution 2:

I'm testing this on a fresh 2012 R2 server, when applying the Alexander Hass script (AH-Script), I still get the obsolete cryptography:

Chrome obsolete cryptography

My Chrome 43 supports the following Cipher suites:

[C02B]  TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
[C02F]  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[009E]  TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
[CC14]  TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
[CC13]  TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
[CC15]  TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
[C00A]  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
[C014]  TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA
[0039]  TLS_DHE_RSA_WITH_AES_256_SHA
[C009]  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
[C013]  TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA
[0033]  TLS_DHE_RSA_WITH_AES_128_SHA
[009C]  TLS_RSA_WITH_AES_128_GCM_SHA256
[0035]  TLS_RSA_AES_256_SHA
[002F]  TLS_RSA_AES_128_SHA
[000A]  SSL_RSA_WITH_3DES_EDE_SHA
[00FF]  TLS_EMPTY_RENEGOTIATION_INFO_SCSV

so the one used is: [C013], quite far down. It seems Chrome prefers SHA256 and GCM over CBC.

I took the AH-Script and added [009E] (3rd from the top) to the cipher suite list, after rebooting I'm now getting:

Chrome Modern cryptography

I tried to get the top two [C08B] and [C02F] to work, but couldn't.

So by fixing the script and running it I got a modern cryptography.

I removed one of the existing ciphers because the length of that string is limited, the beginning of my string now looks like this:

$cipherSuitesOrder = @(
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256',
'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256',

Edit: I just tested this on sslLabs.com and using TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 gives me a B, down from an A I had before.

This server supports weak Diffie-Hellman (DH) key exchange parameters. Grade capped to B.

So you may not want to use it. Why Chrome rates it so high, I don't know?

Related

Is it possible combine remote results to local a register in Ansible?
How to reset glusterd configuration?
Is "Peering" in networking, always exchanged directly?
NTP: How to establish redundant solution for NTP servers?
During a cutover migration from Exchange 2010 to 365, how to handle desktop clients?
Store GPO Scripts in Netlogon or Policy Folder?
Powershell: Executing Base64 commands returns error?
virsh command that displays the cpu and memory consumption?
Load average 3.00 on mostly idle server
How to export private key? (GnuPG) [closed]
Does it make sense to only log 64 bit of IPv6 addresses for abuse purposes?
rsync output file sizes in human-readable format