Eu tenho um site que foi vinculado a um novo certificado SSL com SAN (4 nomes adicionais).
O certificado tem uma chave de 2048 bits.
O problema é que ele funciona em algumas combinações de navegador / sistema operacional, mas não em outras.
- IE7 / Win XP - falha
- IE6 / Win 2003 - falha
- IE8 / Win XP / Proxy corporativo - OK
- IE8 / Win 7 / OUTRO proxy corporativo - falha
- IE9 / 10 / Win 7 - OK
- Chrome / Win 7 - OK
- Firefox / Win 7 - OK
- Chrome / Android - OK
Nota: As duas proxies corporativas são organizações muito diferentes, em dois países separados.
Instalei o Fiddler no IE6 / Win 2003 (o segundo da lista) e capturei isso da guia Inspectors \ Raw:
IE6:
CONNECT sorry.site.not.disclosed:443 HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; FDM; .NET4.0C; .NET4.0E)
Host: sorry.site.not.disclosed
Content-Length: 0
Connection: Keep-Alive
Pragma: no-cache
A SSLv2-compatible ClientHello handshake was found. Fiddler extracted the parameters below.
Major Version: 2
Minor Version: 0
Random: EA AE EB C5 20 0C 46 90 7F C1 E0 EE 47 BE 05 63
SessionID: empty
Ciphers:
[10080] SSL2_RC4_128_WITH_MD5
[700C0] SSL2_DES_192_EDE3_WITH_MD5
[30080] SSL2_RC2_128_WITH_MD5
[60040] SSL2_DES_64_WITH_MD5
[20080] SSL2_RC4_128_EXPORT40_WITH_MD5
[40080] SSL2_RC2_128_EXPORT40_WITH_MD5
[00FF] TLS_EMPTY_RENEGOTIATION_INFO_SCSV
Compression:
(not specified)
Extensions:
none
Chrome:
CONNECT sorry.site.not.disclosed:443 HTTP/1.1
Host: sorry.site.not.disclosed
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 5.2) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.172 Safari/537.22
A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.
Major Version: 3
Minor Version: 2
Random: 51 4A 0D 68 FE C4 50 A9 26 43 9E 1A C2 E9 05 5C FE 5F CF 37 4D 20 96 FF 0E 2F 5E EB 16 C1 F2 20
SessionID: empty
Ciphers:
[C014] TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA
[0088] TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
[0087] TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
[0039] TLS_DHE_RSA_WITH_AES_256_SHA
[0038] TLS_DHE_DSS_WITH_AES_256_SHA
[C00F] TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
[0084] TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
[0035] TLS_RSA_AES_256_SHA
[C011] TLS_ECDHE_RSA_WITH_RC4_128_SHA
[C013] TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA
[0045] TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
[0044] TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
[0066] TLS_DHE_DSS_WITH_RC4_128_SHA
[0033] TLS_DHE_RSA_WITH_AES_128_SHA
[0032] TLS_DHE_DSS_WITH_AES_128_SHA
[C00C] TLS_ECDH_RSA_WITH_RC4_128_SHA
[C00E] TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
[0096] TLS_RSA_WITH_SEED_CBC_SHA
[0041] TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
[0005] SSL_RSA_WITH_RC4_128_SHA
[0004] SSL_RSA_WITH_RC4_128_MD5
[002F] TLS_RSA_AES_128_SHA
[C012] TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
[0016] SSL_DHE_RSA_WITH_3DES_EDE_SHA
[0013] SSL_DHE_DSS_WITH_3DES_EDE_SHA
[C00D] TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
[FEFF] SSL_RSA_FIPS_WITH_3DES_EDE_SHA
[000A] SSL_RSA_WITH_3DES_EDE_SHA
Compression:
[00] NO_COMPRESSION
Extensions:
server_name sorry.site.not.disclosed
renegotiation_info 00
elliptic_curves 00 06 00 17 00 18 00 19
ec_point_formats 01 00
SessionTicket TLS empty
NextProtocolNegotiation empty
channel_id(GoogleDraft) empty
status_request 01 00 00 00 00
Ao testar usando SSLLabs, por exemplo link
O site mostra APENAS duas opções em conjuntos de cifras e suporta apenas o TLS 1.0:
Protocols
TLS 1.2 No
TLS 1.1 No
TLS 1.0 Yes
SSL 3.0 No
SSL 2.0 No
Cipher Suites (SSLv3+ suites in server-preferred order, then SSLv2 suites where used)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH 256 bits (eq. 3072 bits RSA) 128
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH 256 bits (eq. 3072 bits RSA)
Eu entrei em contato com a Verisign (Austrália) e o grupo afirma que todos os certificados da Verisign suportam SSLv1, v2, v3, TLS.
Então, por que o servidor IIS não o apresenta? Usando um certificado curinga SELF-SIGNED, consegui fazer com que o mesmo servidor IIS relatasse SSLLabs:
Protocols
TLS 1.2 No
TLS 1.1 No
TLS 1.0 Yes
SSL 3.0 Yes
SSL 2.0 INSECURE Yes
Cipher Suites (SSLv3+ suites in server-preferred order, then SSLv2 suites where used)
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) 128
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256
TLS_RSA_WITH_RC4_128_SHA (0x5) 128
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) 168
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH 256 bits (eq. 3072 bits RSA) 128
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH 256 bits (eq. 3072 bits RSA) 256
TLS_RSA_WITH_RC4_128_MD5 (0x4) 128
SSL_DES_192_EDE3_CBC_WITH_MD5 (0x700c0) 168
SSL_RC4_128_WITH_MD5 (0x10080) 128
Onde procurar a seguir?