This topic includes the following sections:
Supported Cipher Suites
SSL proxy acts as an intermediary, performing SSL encryption and decryption
between the client and the server, but neither the server nor the client can
detect its presence. SSL relies on digital certificates and private-public key
exchange pairs for client and server authentication to ensure secure
communication.
Lets get familiar with all the terms we are going to refer in this section.
Digital Certificate or CA Certificate —A digital
certificate is an electronic means for verifying your identity through a
trusted third party, known as a certificate authority (CA).
Alternatively, you can use a self-signed certificate to attest to your
identity. Each certificate contains a cryptographic key to encrypt
plaintext or decrypt cyphertext.
Certificate Contents—A digital certificate
associates a public key with the identity of an individual entity to
whom it is issuing the digital certificate. A digital certificate
includes the following identification attributes:
Identification and signature of the Certificate Authority that
issued the certificate.
Validity period
Serial number
Certificate issuer details
Information about the subject includes identifying information
(the distinguished name) and the public key.
Cipher Suite—A cipher suite is a set of
cryptographic algorithms. An SSL cipher comprises encryption ciphers, an
authentication method, and compression. On SRX Series Firewall, SSL
sessions use key exchange method by which cryptographic keys are
exchanged between the client and the servers using cryptographic
algorithm. The kind of key exchange algorithm and the cipher suites used
must be supported by both sides.
SSL sessions use the algorithms from a cipher suite to:
Table 1 provides the details of RSA keys supported on various SRX Series
Firewalls.
Table 1: Maximum Key Sizes Supported on SRX Series DevicesSRX Series Devices | Supported RSA Key Size |
|---|
SRX300, SRX320, SRX340, SRX345, SRX550, SRX1500, SRX4100,
SRX4200, SRX4600, SRX5400, SRX5600, SRX5800 | 512 bits, 1024 bits, 2048 bits, 4096 bits |
Starting with Junos OS Release 15.1X49-D30 and Junos OS Release 17.3R1,
server certificates of key size 4096 bits are supported. Prior to Junos
OS Release 15.1X49-D30, server certificates with key size greater than
2048 bits were not supported because of cryptography hardware
limitations.
Starting in Junos OS Release 18.1R1, SSL proxy support is available on
SRX300 and SRX320 devices. On SRX300 and SRX320 devices, server
certificates with key size 4096 bits are not supported.
ECDSA Cipher Suite Support for SSL Proxy
Starting in Junos OS Release 18.3R1, SRX Series Firewalls support ECDSA cipher
suites for SSL proxy. ECDSA is a version of the Digital Signature Algorithm
(DSA) and is based on Elliptic-curve cryptography (ECC).
To use ECDSA ciphers on your security device, you must ensure
to:
Include the certificates containing ECC-capable public keys on the
device. Support is available for the Elliptic Curve Cryptography (ECC)
certificate only with the Elliptic Prime Curve 256 bit (P-256).
Include the ECDSA certificate option for the root CA. You can include one
RSA certificate and one ECDSA certificate each. Having both ECC and RSA
certificate allows you to perform ECC-based key exchange or RSA-based
key exchange depending on the client and the server device’s
compatibility.
For reverse proxy, include the ECDSA certificate for the server
certificate. No restriction on the number of ECDSA or RSA certificate
inclusion.
A trusted CA certificate can either be an RSA-based certificate and an
ECDSA-based certificate. All features supported on an RSA-based
certificate such as certificate cache, certificate revocation list
(CRL), certificate chain are supported on an ECDSA certificate.
Elliptic Curve (EC) groups are used in SSL/TLS communication for key exchange
during the handshake process. These groups are part of the Elliptic Curve
Cryptography (ECC) which provides secure communication with smaller key size,
resulting in reduced storage and faster transmission and secure
communications.
Starting in Junos OS 23.4R1, SRX Series Firewalls support the following ECC curve
types in SSL initiation, SSL termination, and SSL proxy profiles.
Above EC groups are configured SSL initiation, SSL termination, and SSL proxy
profiles by default and priority order of these EC groups is - priority order of
P-256, P-384, and P-521.
Note that the server and client must both support the same EC group in order to
successfully establish a secure connection.
Configuring these EC groups in SSL proxy client and server communication ensures
compatibility and flexibility in establishing secure connections.
SSL Cipher List
Table 2 displays a list of supported ciphers. NULL ciphers are excluded.
Table 2: Supported SSL Cipher List| SSL Cipher | Key Exchange
Algorithm | Data
Encryption | Message
Integrity | Preferred Ciphers Category | Earliest Supported Release |
|---|
ECDHE-ECDSA-AES-256-GCM- SHA384 | ECDHE/DSA key exchange | 256-bit AES/GCM | SHA384 hash | Strong | Junos OS Release 18.3R1 |
ECDHE-ECDSA-AES-128-GCM-SHA256 | ECDHE/DSA key exchange | 128-bit AES/GCM | SHA256 hash | Strong | Junos OS Release 18.3R1 |
ECDHE-ECDSA-AES-256-CBC- SHA384 | ECDHE/DSA key exchange | 256-bit AES/CBC | SHA384 hash | Strong | Junos OS Release 18.3R1 |
ECDHE-ECDSA-AES-128-CBC-SHA256 | ECDHE/DSA key exchange | 128-bit AES/CBC | SHA256 hash | Strong | Junos OS Release 18.3R1 |
ECDHE-ECDSA-AES-256-CBC-SHA | ECDHE/DSA key exchange | 256-bit AES/CBC | SHA hash | Strong | Junos OS Release 18.3R1 |
ECDHE-ECDSA-AES-128-CBC-SHA | ECDHE/DSA key exchange | 128-bit AES/CBC | SHA hash | Strong | Junos OS Release 18.3R1 |
ECDHE-RSA-AES256-GCM-SHA384 | ECDHE/RSA key exchange | 256-bit AES/GCM | SHA384 hash | Strong | Junos OS Release 15.1X49-D10 |
ECDHE-RSA-AES256-CBC-SHA384 | ECDHE/RSA key exchange | 256-bit AES/CBC | SHA384 hash | Strong | Junos OS Release 15.1X49-D10 |
ECDHE-RSA-AES256-CBC-SHA | ECDHE/RSA key exchange | 256-bit AES/CBC | SHA hash | Strong | Junos OS Release 15.1X49-D10 |
ECDHE-RSA-AES128-GCM-SHA256 | ECDHE/RSA key exchange | 128-bit AES/GCM | SHA256 hash | Strong | Junos OS Release 15.1X49-D10 |
ECDHE-RSA-AES128-CBC-SHA256 | ECDHE/RSA key exchange | 128-bit AES/CBC | SHA256 hash | Strong | Junos OS Release 15.1X49-D10 |
ECDHE-RSA-AES128-CBC-SHA | ECDHE/RSA key exchange | 128-bit AES/CBC | SHA hash | Strong | Junos OS Release 15.1X49-D10 |
RSA-AES256-GCM-SHA384 | ECDHE/RSA key exchange | 256-bit AES/GCM | SHA384 hash | Strong | Junos OS Release 15.1X49-D10 |
RSA-AES256-CBC-SHA256 | ECDHE/RSA key exchange | 256-bit AES/CBC | SHA256 hash | Strong | Junos OS Release 15.1X49-D10 |
RSA-AES128-GCM-SHA256 | ECDHE/RSA key exchange | 128-bit AES/GCM | SHA256 hash | Strong | Junos OS Release 15.1X49-D10 |
RSA-AES128-CBC-SHA256 | ECDHE/RSA key exchange | 128-bit AES/CBC | SHA256 hash | Medium | Junos OS Release 15.1X49-D10 |
RSA-AES128-CBC-SHA | RSA key exchange | 128-bit AES/CBC | SHA hash | Weak | Junos OS Release 12.1 |
RSA-AES256-CBC-SHA | RSA key exchange | 256-bit AES/CBC | SHA hash | Weak | Junos OS Release 12.1 |
Starting in Junos OS Release 21.2R1, on SRX Series Firewalls, SSL proxy supports
TLS version 1.3 and it provides improved security and better performance. Table 3 displays a list of TLS 1.3 supported ciphers.
Table 3: TLS 1.3 Supported Cipher List| TLS Cipher | Key Exchange Algorithm | Data
Encryption | Message
Integrity | Earliest Supported Release |
|---|
TLS_AES_256_GCM_SHA384 | Any | 256-bit AES/GCM | SHA384 hash | Junos OS Release 21.2R1 |
TLS_AES_128_GCM_SHA256 | Any | 128-bit AES/GCM | SHA256 hash | Junos OS Release 21.2R1 |
TLS_CHACHA20_POLY1305_SHA256 | Any | 256-bit CHACHA20_POLY1305 | SHA256 hash | Junos OS Release 21.2R1 |
TLS_AES_128_CCM_SHA256 | Any | 128-bit AES/CCM | SHA256 hash | Junos OS Release 21.2R1 |
TLS_AES_128_CCM_8_SHA256 | Any | 128-bit AES/CCM | SHA256 hash | Junos OS Release 21.2R1 |
Starting in Junos OS Release 18.4R1, support for some ciphers in custom ciphers
are deprecated. Table 4 provides the list of the deprecated ciphers.
Table 4: List of Deprecated Ciphers| SSL Cipher | Key Exchange
Algorithm | Data
Encryption | Message
Integrity | Preferred Ciphers Category | Earliest Supported Release |
|---|
ECDHE-ECDSA-3DES-EDE-CBC-SHA | ECDHE/DSA key exchange | 3DES EDE/CBC | SHA hash | Strong | Junos OS Release 18.3R1 |
ECDHE-RSA-DES-CBC3-SHA | ECDHE/RSA key exchange | DES CBC | SHA hash | Medium | Junos OS Release 15.1X49-D10 |
RSA-RC4-128-MD5 | RSA key exchange | 128-bit RC4 | Message Digest 5 (MD5) hash | Medium | Junos OS Release 12.1 |
RSA-RC4-128-SHA | RSA key exchange | 128-bit RC4 | Secure Hash Algorithm (SHA) hash | Medium | Junos OS Release 12.1 |
RSA-EXPORT-1024-RC4-56-MD5 | RSA 1024 bit export | 56-bit RC4 | MD5 hash | Weak | Junos OS Release 12.1 |
RSA-EXPORT-1024-RC4-56-SHA | RSA 1024 bit export | 56-bit RC4 | SHA hash | Weak | Junos OS Release 12.1 |
RSA-EXPORT-RC4-40-MD5 | RSA-export | 40-bit RC4 | MD5 hash | Weak | Junos OS Release 12.1 |
RSA-EXPORT-DES40-CBC-SHA | RSA-export | 40-bit DES/CBC | SHA hash | Weak | Junos OS Release 12.1 |
RSA-EXPORT-1024-DES-CBC-SHA | RSA 1024 bit export | DES/CBC | SHA hash | Weak | Junos OS Release 12.1 |
RSA-3DES-EDE-CBC-SHA | RSA key exchange | 3DES EDE/CBC | SHA hash | Weak | Junos OS Release 12.1 |
RSA-DES-CBC-SHA | RSA key exchange | DES CBC | SHA hash | Weak | Junos OS Release 12.1 |
Note the following:
Supported SSL ciphers for HTTPS firewall authentication are
RSA-AES-128-CBC-SHA,
and RSA-AES-256-CBC-SHA.
Cipher suites that have “export” in the title are intended for use
outside of the United States and might have encryption algorithms with
limited key sizes. Export ciphers are not enabled by default. You need
to either configure the export ciphers to enable or install a domestic
package.
ECDHE-based cipher suits support the perfect
forward secrecy feature in SSL proxy.
Perfect forward secrecy is a specific key agreement protocols which
ensures that all transactions sent over the Internet are secure. Perfect
forward secrecy generates a unique session key for every session
initiated by user. This ensures that the compromise of a single session
key has no impact on data other than that exchanged in the specific
session protected by that particular key.
Configuring Cipher Suites for SSL Proxy
You can use following options in SSL proxy profile configuration to set cipher
suites:
Preferred Ciphers—Preferred ciphers allow
you to define an SSL cipher with acceptable key strength: strong,
medium, or weak.
If you do not want to use one of the three categories, you can select
ciphers from each of the categories to form a custom cipher set. Custom
ciphers allow you to define your own cipher list. To configure custom
ciphers, you must set preferred-ciphers to custom. Example:
content_copy zoom_out_map
set services ssl proxy profile profile-name preferred-ciphers custom
Custom Ciphers—Custom ciphers allow you to
define your own cipher list. Example:
content_copy zoom_out_map
set services ssl proxy profile profile-name custom-ciphers ecdhe-ecdsa-with-aes-256-cbc-sha384
set services ssl proxy profile profile-name custom-ciphers ecdhe-ecdsa-with-aes-128-cbc-sha256
Starting in Junos OS Release 21.2R1, you can also use the following
custom ciphers:
content_copy zoom_out_map
set services ssl proxy profile profile-name custom-ciphers tls13-with-aes-256-gcm-sha384
set services ssl proxy profile profile-name custom-ciphers tls13-with-aes-128-gcm-sha256
set services ssl proxy profile profile-name custom-ciphers tls13-with-chacha20-poly1305-sha256
set services ssl proxy profile profile-name custom-ciphers tls13-with-aes-128-ccm-sha256
set services ssl proxy profile profile-name custom-ciphers tls13-with-aes-128-ccm8-sha256
Use the following steps to configure an SSL proxy with custom ciphers:
Generate a root CA certificate or you can import your own trusted CA
certificate and private and public keys into the device.
Create an SSL proxy profile and associate root CA certificate (Root CA or
the server certificate).
Enable preferred-cipher in the SSL proxy as a custom-cipher and attach
custom cipher
Example:
This example shows how to create a custom cipher. In this example, you set
preferred-cipher to custom and add the cipher list
(ecdhe-ecdsa-with-aes-256-cbc-sha384 and ecdhe-ecdsa-with-aes-128-cbc-sha256):
content_copy zoom_out_map
request security pki local-certificate load filename rootCA.pem key rootCA.key certificate-id rootCAEcds
content_copy zoom_out_map
set services ssl proxy profile profile-name server-certificate rootCAEcds
Or
content_copy zoom_out_map
set services ssl proxy profile profile-name root-ca rootCAEcds
content_copy zoom_out_map
set services ssl proxy profile profile-name preferred-ciphers custom
content_copy zoom_out_map
set services ssl proxy profile profile-name custom-ciphers ecdhe-ecdsa-with-aes-256-cbc-sha384
set services ssl proxy profile profile-name custom-ciphers ecdhe-ecdsa-with-aes-128-cbc-sha256
Proceed with configuring the SSL proxy profile and applying the SSL proxy profile
to a security policy
Configuring Server Certificates of Key Size 4096 Bits on SRX300 and
SRX320
Starting in Junos OS Release 19.4R1, SRX300 and SRX320 devices support RSA
certificates with key size 4096 bits. This support is available only when the
SRX300 and SRX320 devices are operating in standalone mode.
You must explicitly configure the SSL proxy profile on SRX300 and SRX320 devices
to use the server certificate with key size 4096 bits. Example:
SSL Forward Proxy Profile
content_copy zoom_out_map
proxy {
profile sslfp-proxy-profile {
trusted-ca all;
root-ca ssl-inspect-ca;
actions {
allow-strong-certificate;
}
}
}
SSL Reverse Proxy Profile
content_copy zoom_out_map
proxy {
profile server-protection-profile {
server-certificate ssl-server-protection;
actions {
allow-strong-certificate;
}
}
}
