SSL/TLS Profile

Overview

This guide explains the SSL/TLS profile details.

SSL/ TLS Profile

Avi Vantage supports the ability to terminate SSL connections between the client and the virtual service, and to enable encryption between Avi Vantage and the back-end servers. The Templates > Security > SSL/TLS Profile contains the list of accepted SSL versions and the prioritized list of SSL ciphers. To terminate client SSL connections, both an SSL profile and an SSL certificate must be assigned to the virtual service. To also encrypt traffic between Avi Vantage and the servers, an SSL profile must be assigned to the pool. When creating a new virtual service via the basic mode, the default system SSL profile is automatically used.

Each SSL profile contains default groupings of supported SSL ciphers and versions that may be used with RSA or an elliptic curve certificates, or both. Ensure that any new profile created includes ciphers that are appropriate for the certificate type that will be used. The default SSL profile included with Avi Vantage is optimized for security, rather than just prioritizing the fastest ciphers.

Creating a new SSL/TLS profile or using an existing profile entails various trade-offs between security, compatibility, and computational expense. For example, increasing the list of accepted ciphers and SSL versions increases the compatibility with clients, while also potentially lowering security.

Notes:

  • Starting with Avi Vantage version 18.2.3, Avi Vantage can accommodate a broader set of security needs within a client community by associating multiple SSL profiles with a single virtual service, and have the Service Engines choose which to use based on the client’s IP address. For more information, refer to the Client-IP-based SSL Profiles article.
  • Starting with Avi Vantage version 18.2.6, Avi Vantage supports TLS 1.3.
  • Starting with Avi Vantage version 20.1.1, the virtual service creation without SSL profile should default to System-Standard-PFS SSL profile.
  • Selecting unsafe ciphers will display the following error message.
    controller-fault.png

SSL Profile Templates

To view the currently defined SSL and TLS profiles, navigate to Templates > Security and click to the SSL/TLS Profile tab.

existing-ssl-tls-profiles.png
The table provides the following information for each SSL/TLS profile:

  • Name — Name of the profile.
  • Accepted Ciphers — List of ciphers accepted by the profile, including the prioritized order.
  • Accepted Versions — SSL and TLS versions accepted by the profile.

Create an SSL/TLS Profile

To create or edit an SSL profile, click on Create to see a window such as depicted in the below screenshots. In this, TLS1.3 is unchecked.

TLS 1.3 not selected

Checking the TLS 1.3 option causes the Early Data option to appear.

TLS 1.3 selected

Checking TLS 1.2 option, the following ciphers are enabled:

TLS 1.2 selected

UI Fields

  • SSL/TLS Name — Specify a unique name for the SSL/TLS profile.
  • Type — Choose Application if the profile is to be associated with a virtual service, System if the profile is to be associated with the Controller.
  • Cipher — Ciphers may be chosen from the default List view or a String. The String view is for compatibility with OpenSSL-formatted cipher strings. When using String view, Avi Vantage does not provide an SSL rating, nor a score for the selected ciphers.
  • SSL Rating — This is a simple rollup of the security, compatibility, and performance of the ciphers chosen from the list. Often ciphers may have great performance but very low security. The SSL rating attempts to provide some insight into the outcome of the selected ciphers.  Avi Networks may change the score of certain ciphers from time to time, as new vulnerabilities are discovered.  This does not impact or change an existing Avi Vantage deployment, but it does mean the score for the profile, and potentially the security penalty of a virtual service, may change to reflect the new information.
  • Version — Avi Vantage supports versions SSL 3.0, TLS 1.0 and newer. The older SSL 2.0 protocol is no longer supported.
    Starting with release 18.2.6, TLS 1.3 protocol is supported. Users must select one or more of the three supported TLS 1.3 ciphers in the list of ciphers or configure them in the Ciphersuites option under the String view.
  • Send “close notify” alert — Gracefully inform the client of the closure of an SSL session. This is similar to TCP doing a FIN/ACK rather than an RST.
  • Prefer client cipher ordering — Off by default, set this to On if you prefer the client’s ordering.
  • Enable SSL Session Reuse — On by default, this option persists a client’s SSL session across TCP connections after the first occurs.
  • SSL Session Expiration — Set the length of time in seconds before an SSL session expires.
  • Ciphers — When negotiating ciphers with the client, Avi Vantage will give preference to ciphers in the order listed. The default cipher list prioritizes elliptic curve with PFS, followed by less secure, non-PFS and slow RSA-based ciphers.  Enable, disable, and reorder the ciphers via the List view.  In the String view, manually enter the cipher strings via the OpenSSL format, which is documented on the OpenSSl.org website. You may use an SSL/TLS profile with both an RSA and an elliptic curve certificate. These two types of certificates can use different types of ciphers, so it is important to incorporate ciphers for both types in the profile if both types of certs may be used. As with all security, Avi Networks recommends diligence to understand the dynamic nature of security and to ensure that Avi Vantage is always up to date.
  • Ciphersuites — Starting with Avi Vantage 18.2.6, this option exclusively configures TLS 1.3 protocol ciphers. Currently, Avi supports
    • TLS_AES_128_GCM_SHA256
    • TLS_AES_256_GCM_SHA384
    • TLS_CHACHA20_POLY1305_SHA256
      Note: These ciphers will only work with the TLS 1.3 protocol. The old ciphersuites cannot be used with the TLS 1.3 protocol.
  • Early Data — Starting with Avi Vantage 18.2.6, this option enables TLS-v1.3-terminated applications to send application data (referred to here as early data or 0-RTT data) without having to first wait for the TLS handshake to complete. This saves one full round-trip time between the client and server before the client requests can be processed. SSL session reuse must be enabled to use the Early Data option.

Document Revision History

Date Change Summary
December 23, 2020 Added note on System-Standard-PFS SSL profile