7.6 Ensure Insecure SSL Renegotiation Is Not Enabled

Information

A man-in-the-middle renegotiation attack was discovered in SSLv3 and TLSv1 in Nov 2009 [CVE-2009-3555](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2009-3555). [http://www.phonefactor.com/sslgap/ssl-tls-authentication-patches](http://www.phonefactor.com/sslgap/ssl-tls-authentication-patches) A fix was approved as an Internet Standard as RFC 574, Feb 2010. The workaround which removes the renegotiation is available from OpenSSL as of version 0.9.8l and newer versions. For details: [http://www.openssl.org/news/secadv_20091111.txt](http://www.openssl.org/news/secadv_20091111.txt)
The 'SSLInsecureRenegotiation' directive was added in Apache 2.2.15 for web servers linked with OpenSSL version 0.9.8m or later, to allow the insecure renegotiation to provide backward compatibility to clients with the older unpatched SSL implementations. While providing backward compatibility, enabling the 'SSLInsecureRenegotiation' directive also leaves the server vulnerable to man-in-the-middle renegotiation attack CVE-2009-3555. Therefore, the 'SSLInsecureRenegotiation' directive should not be enabled.

Rationale:

The seriousness and ramification of this attack warrants that servers and clients be upgraded to support the improved SSL/TLS protocols. Therefore, the recommendation is to not enable the insecure renegotiation.

Solution

Perform the following to implement the recommended state:

Search the Apache configuration files for the 'SSLInsecureRenegotiation' directive. If the directive is present, modify the value to be off. If the directive is not present, no action is required.

SSLInsecureRenegotiation off

See Also

https://workbench.cisecurity.org/files/2378

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-8, CSCv6|14.2, CSCv7|14.4

Plugin: Unix

Control ID: 5d063b4c724927868663f5d49cefcd95793d8a97e16cb4772d915674850c6408