How do you score A+ with 100 on all categories on SSL Labs test with Let's Encrypt and Nginx?

danday74 picture danday74 · Jan 30, 2017 · Viewed 10.8k times · Source

I'm trying to score 100 on all categories when testing my SSL certs at www.ssllabs.com

However, I am struggling to get A+ and 100 on all scores.

Any tips as to what NGINX config I should use? Or how I should generate my Let's Encrypt certs? thx

Answer

danday74 picture danday74 · Jan 31, 2017

These instructions apply to all certs (including Let's Encrypt certs). However, one or two Let's Encrypt specific tips are given.

The NGINX SSL config given below will give you the following SSL Labs scores. You choose:

Recommended

  • A+
  • Certificate 100/100
  • Protocol Support 95/100
  • Key Exchange 90/100
  • Cipher Strength 90/100

Perfect but restrictive

  • A+
  • Certificate 100/100
  • Protocol Support 100/100
  • Key Exchange 100/100
  • Cipher Strength 100/100

NGINX SSL config - Extract the bits you want. The notes clarify how a given NGINX directive will effect your SSL Labs score:

# Your listen directive should be .. listen 443 ssl http2;
# gzip off; # gzip over ssl? really?

ssl_certificate      /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key  /etc/letsencrypt/live/yourdomain.com/privkey.pem;

#################### ssllabs.com Protocol Support

ssl_protocols TLSv1.2 TLSv1.1 TLSv1; # Score=95 (recommended)
# ssl_protocols TLSv1.2; # Score=100

#################### ssllabs.com Key Exchange

# Score=90 (recommended)
ssl_dhparam          /etc/letsencrypt/live/yourdomain.com/dhparam2048.pem; # openssl dhparam -out dhparam2048.pem 2048
ssl_ecdh_curve       secp384r1; # optional

# Score=100 (must generate letsencrypt certs with flag --rsa-key-size 4096)
# ssl_dhparam        /etc/letsencrypt/live/yourdomain.com/dhparam4096.pem; # openssl dhparam -out dhparam4096.pem 4096
# ssl_ecdh_curve     secp384r1; # required

#################### ssllabs.com Cipher Strength - see https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations
ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:EC
DHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES25
6-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS; # Score=90 (recommended)
# ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; # Score=100

#################### ssllabs.com A+ - Enable HSTS on all subdomains

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
# add_header Strict-Transport-Security "max-age=0; includeSubDomains"; # Delete browser cached HSTS policy (i.e. turn HSTS off)

# THE PRELOAD DIRECTIVE WILL HAVE SEMI-PERMANENT CONSEQUENCE AND IS IRREVERSIBLE - DO NOT USE UNTIL FULLY TESTED AND YOU UNDERSTAND WHAT YOU ARE DOING!
# add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;

#################### Other typical SSL settings that DO NOT effect the ssllabs.com score

ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;

ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 10s;

add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;

Note, you can only get 100 on Key Exchange if your:

  • certificates RSA key size is 4096 (for Let's Encrypt use --rsa-key-size 4096 when generating the cert otherwise you are stuck with the RSA key size used when your CA generated the cert for you) AND
  • dhparam is 4096 (openssl dhparam -out dhparam4096.pem 4096) - This takes approx 1 hour to generate, useless for an automated solution

EDIT

  • 2048 is enough security for the next 40 years. Noone has ever cracked a 1024, let alone a 2048!

  • openssl dhparam -dsaparam -out dhparam4096.pem 4096 ... is much quicker that one hour (see -dsaparam flag) but I don't know whether you should use it or not ... have not tested it on SSL Labs test since I'm going with 2048