我有一个Java webapp(ignite realtime xmpp服务器(,它使用LDAP来验证和授权用户。
最近,LDAP服务器将其密码套件升级为更安全的密码。我无法让我的应用程序与此 LDAP 服务器通信,直到我降级了/jre/lib/security/java.security 文件中允许的最小 keySize,例如
#jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 2048
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024
我添加了 JCE 8 来更新应用程序使用的 jre 中的密码,出现了新的密码(我使用了这个程序并比较了前后(
我在 Web 应用程序的管理控制台中启用了密码 - 特别是:
> * TLS_DHE_RSA_WITH_AES_256_CBC_SHA
> * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
> * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
我使用这个程序来查看LDAP服务器使用的密码:
结果如下:
Testing server - upgraded endpoint
Given this client's capabilities ([SSLv3, TLSv1, TLSv1.1, TLSv1.2]), the server prefers protocol=TLSv1.2, cipher=TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Testing server - non-upgraded endpoint
Given this client's capabilities ([SSLv3, TLSv1, TLSv1.1, TLSv1.2]), the server prefers protocol=TLSv1.2, cipher=TLS_RSA_WITH_AES_128_CBC_SHA
该应用程序可以使用以下 java.security 设置与旧的 LDAP(以及集群中未升级的端点(通信:
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 2048
当终结点升级时(它被放在 F5 负载均衡器后面(,我无法让应用程序连接,直到降级最小 keySize。LDAP(新端点与旧端点(的证书链未更改。
openssl s_client -connect newLDAP:636
显示一个 2048 公钥,就像它对 oldLDAP 所做的那样,唯一的区别是更强的密码 - 也许是 TLS 版本 1 与 1.2,具体取决于我尝试 openssl s_client的机器上的 openssl 版本。
该应用程序的 xmpp Web 应用程序 :5223 和管理控制台 :9091 也使用 SSL,并且每个应用程序也有 2048 位公钥。
应用日志文件中的错误是:
"DHPublicKey does not comply to algorithm constraints"
我相信上面提到的约束引用了jdk.tls.disabledAlgorithmsjava.security文件属性。
我很困惑为什么显然更安全的密码现在需要更小的最小密钥大小才能使应用程序和 LDAP 连接正常工作。
我一定错过了什么或做错了什么。
以下是应用日志中的一些堆栈跟踪:
2017.07.25 18:54:32 WARN [Jetty-QTP-AdminConsole-98]: org.jivesoftware.admin.LoginLimitManager - Failed admin console login attempt by <myuserid> from <myIP>
2017.07.25 18:54:33 INFO [Server SR - 881162561]: org.jivesoftware.openfire.net.SocketReadingMode - STARTTLS negotiation (with: org.jivesoftware.openfire.net.SocketConnection@1248cf94 socket: Socket[addr=/78.46.93.108,port=57984,localport=5269] session: org.jivesoftware.openfire.session.LocalIncomingServerSession@2843cab status: 1 address: <xyz>.com/5c3gn5yu6p id: 5c3gn5yu6p) failed.
javax.net.ssl.SSLHandshakeException: DHPublicKey does not comply to algorithm constraints
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1431)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:535)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:813)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.jav a:241)
at org.jivesoftware.openfire.net.TLSStreamHandler.start(TLSStreamHandler.java:178)
at org.jivesoftware.openfire.net.SocketConnection.startTLS(SocketConnection.java:1 95)
at org.jivesoftware.openfire.net.SocketReadingMode.negotiateTLS(SocketReadingMode. java:87)
at org.jivesoftware.openfire.net.BlockingReadingMode.readStream(BlockingReadingMod e.java:138)
at org.jivesoftware.openfire.net.BlockingReadingMode.run(BlockingReadingMode.java: 76)
at org.jivesoftware.openfire.net.SocketReader.run(SocketReader.java:145)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLHandshakeException: DHPublicKey does not comply to algorithm constraints
at sun.security.ssl.DHCrypt.checkConstraints(DHCrypt.java:237)
at sun.security.ssl.ServerHandshaker.clientKeyExchange(ServerHandshaker.java:1599)
at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:269)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:919)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:916)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1369)
at org.jivesoftware.openfire.net.TLSStreamHandler.doTasks(TLSStreamHandler.java:34 4)
at org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.jav a:254)
... 7 more
2017.07.25 18:54:36 INFO [Server SR - 1692736043]: org.jivesoftware.openfire.net.SocketReadingMode - STARTTLS negotiation (with: org.jivesoftware.openfire.net.SocketConnection@7b80ac6e socket: Socket[addr=/136.243.42.223,port=47704,localport=5269] session: org.jivesoftware.openfire.session.LocalIncomingServerSession@330ab9e3 status: 1 address: <xyz>.com/5rljrbkums id: 5rljrbkums) failed.
javax.net.ssl.SSLHandshakeException: DHPublicKey does not comply to algorithm constraints
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1431)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:535)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:813)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.jav a:241)
at org.jivesoftware.openfire.net.TLSStreamHandler.start(TLSStreamHandler.java:178)
at org.jivesoftware.openfire.net.SocketConnection.startTLS(SocketConnection.java:1 95)
at org.jivesoftware.openfire.net.SocketReadingMode.negotiateTLS(SocketReadingMode. java:87)
at org.jivesoftware.openfire.net.BlockingReadingMode.readStream(BlockingReadingMod e.java:138)
at org.jivesoftware.openfire.net.BlockingReadingMode.run(BlockingReadingMode.java: 76)
at org.jivesoftware.openfire.net.SocketReader.run(SocketReader.java:145)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLHandshakeException: DHPublicKey does not comply to algorithm constraints
at sun.security.ssl.DHCrypt.checkConstraints(DHCrypt.java:237)
at sun.security.ssl.ServerHandshaker.clientKeyExchange(ServerHandshaker.java:1599)
at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:269)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:919)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:916)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1369)
at org.jivesoftware.openfire.net.TLSStreamHandler.doTasks(TLSStreamHandler.java:34 4)
at org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.jav a:254)
... 7 more
2017.07.25 19:03:00 ERROR [Jetty-QTP-AdminConsole-56]: org.jivesoftware.openfire.ldap.LdapAuthProvider - Error connecting to LDAP server
javax.naming.CommunicationException: <myLDAP>:636 [Root exception is javax.net.ssl.SSLHandshakeException: DHPublicKey does not comply to algorithm constraints]
at com.sun.jndi.ldap.Connection.<init>(Connection.java:226)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
at com.sun.jndi.ldap.LdapClientFactory.createPooledConnection(LdapClientFactory.ja va:64)
at com.sun.jndi.ldap.pool.Connections.<init>(Connections.java:115)
at com.sun.jndi.ldap.pool.Pool.getPooledConnection(Pool.java:132)
at com.sun.jndi.ldap.LdapPoolManager.getLdapClient(LdapPoolManager.java:329)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1606)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2746)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
at javax.naming.InitialContext.init(InitialContext.java:244)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
at org.jivesoftware.util.JiveInitialLdapContext.<init>(JiveInitialLdapContext.java :43)
at org.jivesoftware.openfire.ldap.LdapManager.getContext(LdapManager.java:568)
at org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:975)
at org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:928)
at org.jivesoftware.openfire.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.j ava:126)
at org.jivesoftware.openfire.auth.AuthFactory.authenticate(AuthFactory.java:217)
at org.jivesoftware.openfire.admin.login_jsp._jspService(login_jsp.java:175)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1669)
at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:39)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1652)
at org.jivesoftware.util.LocaleFilter.doFilter(LocaleFilter.java:76)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1652)
at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingF ilter.java:53)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1652)
at org.jivesoftware.admin.PluginFilter.doFilter(PluginFilter.java:80)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1652)
at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:162)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1652)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:22 3)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:11 27)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185 )
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:106 1)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandler Collection.java:215)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.jav a:110)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
at org.eclipse.jetty.server.Server.handle(Server.java:499)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635 )
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLHandshakeException: DHPublicKey does not comply to algorithm constraints
at sun.security.ssl.DHCrypt.checkConstraints(DHCrypt.java:237)
at sun.security.ssl.ClientHandshaker.serverKeyExchange(ClientHandshaker.java:712)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:268)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:376)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:203)
... 56 more
感谢您的任何见解, 短信
为了跟进我自己的问题,我很确定我确认这是詹姆斯 K 波尔克最初建议的新 LDAP 系统上的短暂密钥交换问题!他对SSLyze的建议也非常有帮助。
我在新的和旧的LDAP系统上运行了以下命令,我认为这表明新系统最多只支持1024位密钥交换,而旧系统甚至可能不进行密钥交换,这可能就是为什么JRE的java.security文件中更强的DH keySize设置起作用的原因(例如,它没有被使用(。
python -m sslyze --tlsv1_2 --starttls=auto myLDAP:636
AVAILABLE PLUGINS
-----------------
OpenSslCipherSuitesPlugin
HeartbleedPlugin
OpenSslCcsInjectionPlugin
CertificateInfoPlugin
SessionResumptionPlugin
CompressionPlugin
SessionRenegotiationPlugin
FallbackScsvPlugin
HttpHeadersPlugin
CHECKING HOST(S) AVAILABILITY
-----------------------------
myLDAP:636 => 0.1.2.3
SCAN RESULTS FOR myLDAP:636 - 0.1.2.3
-------------------------------------------------
* TLSV1_2 Cipher Suites:
Preferred:
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 DH-1024 bits 256 bits
Accepted:
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH-384 bits 256 bits
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDH-384 bits 256 bits
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDH-384 bits 256 bits
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 DH-1024 bits 256 bits
TLS_DHE_RSA_WITH_AES_256_CBC_SHA DH-1024 bits 256 bits
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 DH-1024 bits 256 bits
TLS_RSA_WITH_AES_256_GCM_SHA384 - 256 bits
TLS_RSA_WITH_AES_256_CBC_SHA - 256 bits
TLS_RSA_WITH_AES_256_CBC_SHA256 - 256 bits
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDH-384 bits 128 bits
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH-384 bits 128 bits
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDH-384 bits 128 bits
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 DH-1024 bits 128 bits
TLS_DHE_RSA_WITH_AES_128_CBC_SHA DH-1024 bits 128 bits
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 DH-1024 bits 128 bits
TLS_RSA_WITH_AES_128_CBC_SHA256 - 128 bits
TLS_RSA_WITH_AES_128_GCM_SHA256 - 128 bits
TLS_RSA_WITH_AES_128_CBC_SHA - 128 bits
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA ECDH-384 bits 112 bits
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA DH-1024 bits 112 bits
TLS_RSA_WITH_3DES_EDE_CBC_SHA - 112 bits
Rejected:
<snipped>
SCAN COMPLETED IN 0.16 S
------------------------
python -m sslyze --tlsv1_2 --starttls=auto oldLDAP:636
AVAILABLE PLUGINS
-----------------
CompressionPlugin
OpenSslCipherSuitesPlugin
CertificateInfoPlugin
FallbackScsvPlugin
OpenSslCcsInjectionPlugin
SessionResumptionPlugin
SessionRenegotiationPlugin
HttpHeadersPlugin
HeartbleedPlugin
CHECKING HOST(S) AVAILABILITY
-----------------------------
oldLDAP:636 => 4.5.6.7
SCAN RESULTS FOR oldLDAP:636 - 4.5.6.7
-------------------------------------------------------------
* TLSV1_2 Cipher Suites:
Preferred:
TLS_RSA_WITH_RC4_128_SHA - 128 bits
Accepted:
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDH-256 bits 256 bits
TLS_RSA_WITH_AES_256_CBC_SHA - 256 bits
TLS_RSA_WITH_AES_256_CBC_SHA256 - 256 bits
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDH-256 bits 128 bits
TLS_RSA_WITH_AES_128_CBC_SHA256 - 128 bits
TLS_RSA_WITH_AES_128_CBC_SHA - 128 bits
TLS_RSA_WITH_RC4_128_SHA - 128 bits
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA ECDH-256 bits 112 bits
TLS_RSA_WITH_3DES_EDE_CBC_SHA - 112 bits
Rejected:
<snipped>
SCAN COMPLETED IN 0.34 S
------------------------