QID-38863 | Weak SSL/TLS Key Exchange - can't find a way to specify strong TLS/SSL exchange key - ECC curves

[nsthakur7]

Description

Our vulnerability management tool - Qualys Scan reports a vulnerability > QID-38863 | Weak SSL/TLS Key Exchange. For the remediation, it suggests changing the SSL/TLS server configuration to only allow strong key exchanges.

Key exchanges used on the server should provide at least 112 bits of security, so the minimum key size to not flag this QID should be: 2048 bit key size for Diffie Hellman (DH) or RSA key exchanges 224 bit key size for Elliptic Curve Diffie Hellman (EDCH) key exchanges.

Issue

The problem is that the CouchDB config file (local.ini) only allows the specification of the cipher suites but does not have a config setting to specify ECC curves. We have specified strong TLS/SSL exchange keys at Windows Server Registry SChannel, but CouchDB doesn't load those ECC curves.

Here is the output of "SSLSCAN.exe 127.0.0.1:5984 (The weak TLS/SSL exchange keys are highlighted in RED)

Steps to Reproduce

The sslscan tool list the cipher and exchange key loaded by couchdb.

sslscan.exe --tls12 127.0.0.1:5984

Expected Behaviour

• Need a config setting in the [SSL] section, which allows to specify the Elliptic curve (ECC) keys to use. We want to specify strong key exchanges like secp224k1, secp224r1, secp256k1, secp256r1.
• We cannot upgrade to TLS1.3 due to infrastructure limitations at the moment.
• We want to disable the ECC curves highlighted in RED in the attached file
  

Kindly suggests how we can remediate this security vulnerability.

Your Environment

UAT environment

https://localhost:5984

• CouchDB version used: 3.2.2
• Browser name and version: Edge and Version 128.0.2739.54 (Official Build) (64-bit)
• Operating system and version: Microsoft Windows Server 2016 Datacenter

Additional Context

[rnewson]

This will need a code enhancement. In the meantime consider using haproxy for the TLS instead.

Also make sure you've added;

[ssl]
tls_versions = ['tlvs1.2']

to your local.ini, or you might find tls 1.0 and 1.1 are also available (depending on erlang version)

[big-r81]

Linking a discussion with the same question: #5207

[nsthakur7]

Thank you, Robert for such a quick turnaround. Appreciate it.

Yes, we have configured the ini file to use TLS1. 2.

As I mentioned, we are using Windows Server 2016 Data Center, setting up HAProxy will require extra efforts.

Instead, thinking of using IIS to act as proxy for https request.

It is possible for you to share the steps involved to configure couchdb and IIS in a proxy setup, such each incoming https request goes through IIS first and then to couchdb?

[rnewson]

Hi, sorry, I don't use Windows and have never used IIS. Our general guide on a reverse proxy in front covers a few options, perhaps that might include the hints you need: https://docs.couchdb.org/en/stable/best-practices/reverse-proxies.html

[nsthakur7]

Thank you, Robert for actioning the fix so quickly. Any clue, when this fix will be released and which version(s) of couchDB have this fix?

[rnewson]

It could be a while tbh, we're just about to release 3.4.0 which is a bigger release (and has taken an age...). so it'll be after than (3.4.1 seems likely). You can obviously build a custom thing, checkout 3.3.3 and cherry-pick this single commit. the package building scripts are also OSS. Probably easier to wait though