Operational Defect Database
BugZero updated this defect 48 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
VMware | 86426
Disabling static ciphers for TLS in the vCenter Server appliance
Last update date:
4/10/2024
Affected products:
vCenter Server
Affected releases:
7.0
Fixed releases:
No fixed releases provided.
Description:
Symptoms
A security scan reports "static TLS ciphers" or "non-ephemeral TLS ciphers" as an area of concern.This includes, but not limited to, ciphers such as TLS_RSA_WITH_AES_128_CBC_SHA or TLS_RSA_WITH_AES_128_GCM_SHA256.3rd party security scans or audits request that VMware Administrators disable specific ciphers that are deemed "weak" and "not secure", often having deadlines to complete this request.
Cause
This issue occurs as the TLS protocol uses an RSA key within the TLS handshake to affirm identity, and with a "static TLS cipher" the same RSA key is used to encrypt a premaster secret used for further encrypted communication. If the RSA private key were compromised, all previous communication could be decrypted. Newer TLS ciphers use Diffie-Hellman with ephemeral keys (DHE, ECDHE) to negotiate a one-time key so that previous communication cannot be decrypted in the event of key compromise. vSphere products have supported ephemeral key exchange since at least version 6.0.
Resolution
To resolve this issue, disable weak cipher algorithms.Note: VMware presently does not consider static TLS ciphers as insecure, in alignment with current industry standards. Additionally, many older (legacy) software products in the enterprise Datacenter (For example, Java7) lack support for ephemeral key exchange and interoperability with such products would break if static TLS ciphers were to be disabled. As such, VMware does not recommend disabling static TLS ciphers.However, VMware will support users who wish to configure a different set of TLS ciphers to comply with their own security policies. It is recommended that backups are taken prior to disabling any ciphers as VMware cannot guarantee full interoperability across all products that interact with vCenter Server after disablement. Prior to performing the below instructions, it is important backups have been taken for the vCenter Server appliance. At minimum, ensure you have a backup of the following file to restore to - /etc/vmware-rhttpproxy/config.xmlCiphers to enable/disable are located in the following file: /etc/vmware-rhttpproxy/config.xmlThe 'cipherList' tag is not populated by default, and would need to insert the following tags <cipherList></cipherList> within the .xml as below:Example layout: <config> ... <vmacore> ... <ssl> ... <cipherList>list of cipher strings</cipherList> ... </ssl> ... </vmacore> ... </config>The ciphers are populated in one line, with the format defined as:<cipherList>{operator}{cipher string}:{operator}{cipher string}:{operator}{cipher string}</cipherList> Operator "!" used to disable a cipher ":" must separate each definition Note: There are additional operators, but for the purpose of this KB article you will be using strictly "!" or noneExample: <cipherList>!aNULL:ECDH+AES:!ECDHE-RSA-AES128-SHA256:!ECDHE-RSA-AES128-SHA:!ECDHE-RSA-AES256-SHA384:!ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-CHAC</cipherList>Use the "!" operator infront of any cipher you wish to disable. Once complete, save changes to /etc/vmware-rhttpproxy/config.xmlRestart rhttpproxy for the changes to apply: vmon-cli -r rhttpproxyValidating via OpenSSL========================Testing if the Cipher is enabled:Command: openssl s_client -cipher <cipher> -connect <vCenter_IP>:443Output to expect: New, TLSv1/SSLv3, Cipher is <cipher specificed in command above> Server public key is 2048 bit Secure Renegotiation IS supported.... Start Time: 1630678292 Timeout : 300 (sec) Verify return code: 0 (ok)If the cipher is disabled, the following output would likely show:CONNECTED(00000003)140521094973088:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:---no peer certificate available---No client certificate CA names sent---SSL handshake has read 0 bytes and written 99 bytes---New, (NONE), Cipher is (NONE)Secure Renegotiation IS NOT supportedCompression: NONEExpansion: NONE
Related Information
An example of the ciphers to add to the configuration file can be referred to below:<cipherList>ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK</cipherList>
