Server Side TLS (for HTTP/2) · 2015/09/24 · © 2015 Pivotal Software, Inc. All rights reserved.
Server Side TLS (for HTTP/2) and Java
Mark Thomas, September 2015
Introduction
Apache Tomcat committer since December 2003
Tomcat 8 release manager
Member of the Servlet, WebSocket and EL expert groups
Consultant Software Engineer @ Pivotal
Currently focused on Apache Tomcat 9
Tomcat 9 will support HTTP/2
Agenda
Server side TLS requirements – Mainly from an HTTP/2 perspective
Server Name Indication (SNI)
Multiple certificate support
Application Layer Protocol Negotiation (ALPN)
Server Side TLS Requirements
Server Name Indication (SNI)
Server side TLS requirements
HTTP/1.1 supports virtual hosts
Host name passed as an HTTP header
TLS certificate needs to match host name
Certificate must be presented in the TLS handshake
The TLS handshake must complete before any HTTP traffic
SNI: adds host name to the handshake
Multiple certificates
Server side TLS
Three types of certificate
– RSA (most popular)
– DSA (rarely used)
– EC (increasing in popularity)
Available ciphers depend on the certificate
Application Layer Protocol Negotiation (ALPN)
Server side TLS
ALPN adds protocol negotiation to the TLS handshake
HTTP/2 requires ALPN
– HTTP/2 traffic starts as soon as the TLS handshake completes
Server side TLS
SNI, ALPN and certificate selection are inter-related
SNI determines which certificate(s) to use
Certificate(s) determine which ciphers are available
ALPN may have requirements for ciphers
Client capabilities also have an impact
Negotiation involves combination of protocol, host & ciphers
Server Name Indication
Server Name Indication
Java 8 added ‘support’ for server side SNI
But Java only allows a single certificate to be configured
– Fine for *.apache.org (one wildcard certificate covers every host)
– Not so good for www.openoffice.org and openoffice.apache.org (two different domains, so no single wildcard certificate covers both)
So what SNI support does Java 8 provide?
Server Name Indication
Java provides a callback with the client provided host name
Java API provides the following options
– Abort the connection
– Allow the connection to proceed
So how does the API support virtual hosting with different certs for different hosts?
– It doesn't
Never fear, Oracle has a plan…
Server Name Indication
To use server side Java TLS for virtual hosting, applications must:
– Buffer the incoming network packets
– Parse the opening TLS handshake
– Extract the requested server name
– Select the correct certificate
– Configure the socket with the right TLS configuration
– Pass the buffered data to the socket
– Continue to pass all subsequent data
Multiple certificates
Multiple certificates
Java provides support for one certificate per connection
Same problem as with SNI
Use the same solution
– Extract client ciphers from the initial TLS handshake
– Filter ciphers based on available certificate(s)
– Select preferred cipher
– Use matching certificate
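The SNI procedure on the previous slide and the cipher selection on this one share one piece of work: reading the ClientHello off the wire before the TLS stack sees it. The Python below is an added worked example of that, not Tomcat or JDK code. It parses a buffered ClientHello for the SNI host name, the offered cipher suites and the ALPN protocol list, then picks a certificate and a suite in server-preference order, filtered by the key types the chosen host actually has a certificate for. The cipher-suite table, the host-to-key-type map and the ClientHello it feeds itself are constructed for the illustration (the host names are the ones from the SNI slide). Two caveats a front end has to handle are included: the buffered bytes may not yet be a complete ClientHello, or may not be TLS at all, and a client asking for h2 narrows the acceptable suites, since RFC 7540 rules out non-ephemeral and non-AEAD suites for HTTP/2.

```python
"""Added example: the "parse the opening TLS handshake" trick from the slides.
Read a buffered ClientHello, pull out SNI, cipher suites and ALPN, then pick a
certificate and cipher suite for that virtual host. Standard library only."""
import struct

# Constructed subset of the IANA registry: code point -> (name, certificate key
# type it needs, acceptable for HTTP/2). RFC 7540 9.2.2 wants ephemeral key
# exchange plus AEAD, so only the ECDHE/GCM suites are marked h2-acceptable.
CIPHER_SUITES = {
    0xC02B: ("TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "EC", True),
    0xC02F: ("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "RSA", True),
    0x009C: ("TLS_RSA_WITH_AES_128_GCM_SHA256", "RSA", False),
    0x002F: ("TLS_RSA_WITH_AES_128_CBC_SHA", "RSA", False),
    0x0038: ("TLS_DHE_DSS_WITH_AES_256_CBC_SHA", "DSA", False),
}
HANDSHAKE, CLIENT_HELLO, EXT_SNI, EXT_ALPN = 22, 1, 0, 16

class NeedMoreData(Exception):
    """The buffer does not yet hold the whole ClientHello: keep reading."""

def parse_client_hello(buf):
    """Return {"server_name", "cipher_suites", "alpn"} from buffered bytes.
    Raises NeedMoreData (buffer more) or ValueError (not a TLS ClientHello)."""
    if len(buf) < 5:
        raise NeedMoreData
    rec_type, _ver, rec_len = struct.unpack("!BHH", buf[:5])
    if rec_type != HANDSHAKE:
        raise ValueError("not a TLS handshake record")   # e.g. plaintext HTTP
    if len(buf) < 5 + rec_len:
        raise NeedMoreData
    rec = buf[5:5 + rec_len]
    if rec[0] != CLIENT_HELLO:
        raise ValueError("first handshake message is not a ClientHello")
    hs_len = int.from_bytes(rec[1:4], "big")
    hello = rec[4:4 + hs_len]
    if len(hello) < hs_len:
        raise NeedMoreData                   # hello spans records: keep reading
    pos = 2 + 32                             # skip client_version and random
    pos += 1 + hello[pos]                    # session_id
    cs_len = struct.unpack("!H", hello[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack("!H", hello[i:i + 2])[0] for i in range(pos, pos + cs_len, 2)]
    pos += cs_len
    pos += 1 + hello[pos]                    # compression_methods
    out = {"server_name": None, "cipher_suites": suites, "alpn": []}
    if pos + 2 > len(hello):
        return out                           # no extensions at all (old client)
    ext_end = pos + 2 + struct.unpack("!H", hello[pos:pos + 2])[0]
    pos += 2
    while pos + 4 <= ext_end:
        ext_type, ext_len = struct.unpack("!HH", hello[pos:pos + 4])
        ext, pos = hello[pos + 4:pos + 4 + ext_len], pos + 4 + ext_len
        if ext_type == EXT_SNI:              # RFC 6066: (name_type, len16, name)*
            p = 2
            while p + 3 <= len(ext):
                name_len = struct.unpack("!H", ext[p + 1:p + 3])[0]
                if ext[p] == 0:              # host_name
                    out["server_name"] = ext[p + 3:p + 3 + name_len].decode("ascii")
                p += 3 + name_len
        elif ext_type == EXT_ALPN:           # RFC 7301: (len8, protocol)*
            p = 2
            while p < len(ext):
                out["alpn"].append(ext[p + 1:p + 1 + ext[p]].decode("ascii"))
                p += 1 + ext[p]
    return out

def select_cert_and_cipher(hello, certs_by_host, server_preference):
    """Pick (host, key type, suite name) or None. certs_by_host maps host name
    (None = default host) to the key types it has certificates for."""
    host = hello["server_name"] if hello["server_name"] in certs_by_host else None
    key_types = certs_by_host[host]
    wants_h2 = "h2" in hello["alpn"]
    offered = set(hello["cipher_suites"])
    for suite in server_preference:          # server order wins; client must offer it
        if suite not in offered or suite not in CIPHER_SUITES:
            continue
        name, key_type, h2_ok = CIPHER_SUITES[suite]
        if key_type in key_types and (h2_ok or not wants_h2):
            return host, key_type, name
    return None

def build_client_hello(server_name, suites, alpn):
    """Constructed TLS 1.2-style ClientHello so the example runs without a network."""
    name = server_name.encode("ascii")
    sni_list = b"\x00" + struct.pack("!H", len(name)) + name
    sni_ext = struct.pack("!H", len(sni_list)) + sni_list
    protos = b"".join(bytes([len(a)]) + a.encode("ascii") for a in alpn)
    alpn_ext = struct.pack("!H", len(protos)) + protos
    exts = (struct.pack("!HH", EXT_SNI, len(sni_ext)) + sni_ext
            + struct.pack("!HH", EXT_ALPN, len(alpn_ext)) + alpn_ext)
    cs = b"".join(struct.pack("!H", s) for s in suites)
    body = (b"\x03\x03" + bytes(32) + b"\x00" + struct.pack("!H", len(cs)) + cs
            + b"\x01\x00" + struct.pack("!H", len(exts)) + exts)
    hs = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

if __name__ == "__main__":
    certs = {None: {"RSA"}, "www.openoffice.org": {"EC"}}   # constructed host -> key types
    raw = build_client_hello("www.openoffice.org", [0x002F, 0xC02F, 0xC02B], ["h2", "http/1.1"])
    hello = parse_client_hello(raw)
    print(hello, select_cert_and_cipher(hello, certs, [0xC02B, 0xC02F, 0x009C, 0x002F]))
```

Reading the client's ALPN list this way is as far as the trick goes: the server's answer has to be written into the ServerHello by the TLS implementation itself, which is the point the ALPN slides make about why the same approach does not give you ALPN on Java 8.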
Application Layer Protocol Negotiation
Application Layer Protocol Negotiation
Servlet 4.0 will require ALPN support
Servlet 4.0 is part of Java EE 8
Java EE 8 must pass the TCK on Java 8
ALPN support is planned for Java 9
Servlet EG requested a backport of ALPN support to Java 8
– request denied
– twice
The Java solution
Application Layer Protocol Negotiation
Require Java 9
ALPN support is coming in Java 9
API isn't finalized yet
– Complicated by negotiation requirements
Risk that ALPN support turns into another SNI
– ALPN messages go both ways: the client offers its protocols in the ClientHello and the server must answer with its choice in the ServerHello
– The parsing-the-handshake trick can't work: reading the client's list is possible, but the application cannot write the server's answer into a handshake the JSSE stack produces
The Jetty Solution
Application Layer Protocol Negotiation
Jetty has produced a binary patch to add ALPN to Java 8
JRE vendor and exact version specific
It is known to be working
Potential for support issues
– Users have to install the right version
– Behavior may be 'odd' if the wrong version is used
The OpenSSL solution
Application Layer Protocol Negotiation
OpenSSL supports ALPN
Tomcat’s APR/native connector uses OpenSSL
Also supports
– SNI
– Multiple certificates
Requires a native library
The OpenSSL based JSSE provider solution
Application Layer Protocol Negotiation
TLS in Java is provided by JSSE
JSSE supports pluggable providers
Implement a JSSE provider using OpenSSL
Several attempts
– Not aware of any that have been successful
The JSSE plus OpenSSL solution
Application Layer Protocol Negotiation
SSLContext is normally provided by JSSE
JSSE allows injection of custom SSLContext
– Ability to do this spotted by the Netty project
Implementing an OpenSSL based SSLContext is much simpler than implementing a JSSE provider
Requires a native library
Works with the JSSE API
Tomcat 9 plan for TLS
Tomcat 9 plan for TLS
Requiring Java 9 is not an option
The Jetty solution complicates the install
APR/native will be used
– Tomcat already has the necessary code
OpenSSL based SSLContext will be used
– Plugs in to existing Java I/O
Questions