From e462df7401ac144dce2aeb36b4e563980410a920 Mon Sep 17 00:00:00 2001
From: Nobuto Murata
Date: Tue, 7 Jul 2020 21:18:48 +0900
Subject: [PATCH] Refresh cipher suites and protocols

The last update was 2016, and it's time to drop TLSv1 and TLSv1.1 as the base configuration recommended by Mozilla.
https://wiki.mozilla.org/Security/Server_Side_TLS

Follow-up of the following commits:
106f418f13c073b1e7d4c57483f423d5f4d0dd10

Related changes in charm-helpers:
https://github.com/juju/charm-helpers/pull/485

Change-Id: Ib959663634bc648328e5cb35ed3d3622d759412c
Closes-Bug: #1886630
---
templates/default-ssl | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/templates/default-ssl b/templates/default-ssl
index 59d0852a..71c05e3d 100644
--- a/templates/default-ssl
+++ b/templates/default-ssl
@@ -36,8 +36,14 @@ NameVirtualHost *:{{ 443 }}
 CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined
 SSLEngine on
- SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2
- SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM
+
+ # This section is based on Mozilla's recommendation
+ # as the "intermediate" profile as of July 7th, 2020.
+ # https://wiki.mozilla.org/Security/Server_Side_TLS
+ SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
+ SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+ SSLHonorCipherOrder off
+
 SSLCertificateFile /etc/apache2/ssl/{{ namespace }}/cert_{{ endpoint }}
 # See LP 1484489 - this is to support <= 2.4.7 and >= 2.4.8
 SSLCertificateChainFile /etc/apache2/ssl/{{ namespace }}/cert_{{ endpoint }}