TLS1.3 is not commonly supported on older distro due to slow adaptation of new version of openssl. To get around that, we can compile libressl from source. Here is how I did it on AmazonLinux2.
Initially, I tried to compile libressl and apache. It didn’t work out. The next best thing is to compile haproxy with new version of libressl.
Install LibreSSL from source
The following will install libressl under /opt/libressl
$ wget2 https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2.tar.gz $ tar zxf libressl-3.4.2.tar.gz $ cd libressl-3.4.2 $ ./configure --prefix=/opt/libressl; make -j4; make install $ echo /opt/libressl/lib > /etc/ld.so.conf.d/ssl.conf ldconfig
Install HA Proxy 2.5.0 from source
The following installs haproxy under /usr/local/sbin
$ yum -y install pcre2-devel systemd-devel $ git clone -b v2.5.0 https://github.com/haproxy/haproxy.git $ cd haproxy $ make TARGET=linux-glibc USE_PCRE2=1 USE_PCRE2_JIT=1 USE_OPENSSL=1 SSL_LIB=/opt/libressl/lib SSL_INC=/opt/libressl/include USE_ZLIB=1 USE_SYSTEMD=1 $ make install
Create environment for haproxy
$ groupadd haproxy $ useradd -g haproxy haproxy $ mkdir /var/lib/haproxy $ chown haproxy /var/lib/haproxy
Create a config file for haproxy
Create /etc/haproxy.conf. This is the bare minimum config. SSL certificate is terminated on haproxy, and requests are forwarded to apache in plaintext.
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
tune.ssl.default-dh-param 2048
ssl-default-bind-ciphers TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:EECDH+AESGCM:EECDH+CHACHA20
ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 no-tlsv12
stats socket /var/lib/haproxy/stats
defaults
mode http
log global
option dontlognull
option http-server-close
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 2000
backend apache
http-request set-header X-Forwarded-Proto https
mode http
balance roundrobin
fullconn 2000
option httpchk
server local01 127.0.0.1:80 proto h2
frontend web
# the pem file is contains the server cert, intermediate cert, and the private key
# the order of these 3 components is important
bind *:443 ssl crt /etc/letsencrypt/live/your-domain.com/combined.pem alpn h2,http/1.1
mode http
use_backend apache
default_backend apache
Create a systemd service
Create /etc/systemd/system/haproxy.service with the following content.
[Unit] Description=HAProxy service After=syslog.target network.target [Service] PIDFile=/run/haproxy.pid ExecStart=/usr/local/sbin/haproxy -f /etc/haproxy.conf -p /run/haproxy.pid Restart=on-abort [Install] WantedBy=multi-user.target
Then run these to start up haproxy: systemctl daemon-reload; systemctl start haproxy
Update apache https redirect
If you previously redirects http traffic to https, you will need to update the RewriteCond to look for a http header instead of checking the request protocol
RewriteEngine On RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]
Scan the web site
With your favorite ssl scanner, now check what protocols are supported. Here, I use sslscan
$ sslscan your.domain.com
Version: 2.0.7
OpenSSL 1.1.1l 24 Aug 2021
Connected to 18.136.38.30
Testing SSL server your.domain.com on port 443 using SNI name your.domain.com
SSL/TLS Protocols:
TLSv1.0 disabled
TLSv1.1 disabled
TLSv1.2 disabled
TLSv1.3 enabled
TLS Fallback SCSV:
Server supports TLS Fallback SCSV
TLS renegotiation:
Session renegotiation not supported
Supported Server Cipher(s):
Preferred TLSv1.3 256 bits TLS_AES_256_GCM_SHA384 Curve 25519 DHE 253
Accepted TLSv1.3 256 bits TLS_CHACHA20_POLY1305_SHA256 Curve 25519 DHE 253
Accepted TLSv1.3 128 bits TLS_AES_128_GCM_SHA256 Curve 25519 DHE 253
Server Key Exchange Group(s):
TLSv1.3 128 bits secp256r1 (NIST P-256)
TLSv1.3 192 bits secp384r1 (NIST P-384)
TLSv1.3 260 bits secp521r1 (NIST P-521)
TLSv1.3 128 bits x25519
TLSv1.3 224 bits x448
TLSv1.3 112 bits ffdhe2048
TLSv1.3 128 bits ffdhe3072
TLSv1.3 150 bits ffdhe4096
TLSv1.3 175 bits ffdhe6144
TLSv1.3 192 bits ffdhe8192
SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength: 2048
Subject: your.domain.com
Altnames: DNS:your.domain.com
Issuer: R3
Not valid before: Dec 20 01:47:08 2021 GMT
Not valid after: Mar 20 01:47:07 2022 GMT
Wrapping up
Openssl is the core component of all web services, even the OS themselves. I wish the distro vendor can keep up so we don’t need these workarounds.