OSPRH-27312 (Red Hat OpenStack Services on OpenShift)

PQC: Fix Apache SSLProtocol and SSLCipherSuite in storage operator ssl.conf


      As a security engineer, I want the Apache TLS configuration deployed by cinder-operator, glance-operator, manila-operator, and swift-operator to explicitly require TLS 1.3 and exclude RSA key exchange cipher suites, so that TLS sessions use forward-secret key exchange and are ready for PQC key exchange (X25519MLKEM768) when OpenSSL >= 3.5 is available in the container image.

      • Update templates/*/config/ssl.conf in cinder-operator, glance-operator, manila-operator, and swift-operator to replace:
        SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4:!3DES
        SSLProtocol all -SSLv2 -SSLv3 -TLSv1
        

        with:

        SSLCipherSuite HIGH:!aNULL:!MD5:!RC4:!3DES:!kRSA
        SSLCipherSuite TLSv1.3 TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
        SSLProtocol -all +TLSv1.3 +TLSv1.2
        
      • The SSLProtocol change stops TLS 1.1 from being negotiated (the old value "all -SSLv2 -SSLv3 -TLSv1" still left it enabled) and explicitly enables TLS 1.3. TLS 1.2 is retained for backward compatibility during the transition; full PQC safety requires removing TLS 1.2 in a future step once all clients support TLS 1.3, because the hybrid X25519MLKEM768 key exchange is only offered in TLS 1.3 handshakes.
      • The SSLCipherSuite change drops the MEDIUM group and adds !kRSA, which removes the RSA key exchange suites that the HIGH group otherwise includes (e.g. AES256-SHA, shown as Kx=RSA by openssl ciphers -v). These suites encrypt the premaster secret to the server's RSA public key, so they are vulnerable to Shor's algorithm and lack forward secrecy: a recorded session can be decrypted later by anyone who recovers the server's RSA private key. With kRSA excluded, TLS 1.2 sessions can only negotiate forward-secret ECDHE/DHE key exchange. !kRSA affects key exchange only, not RSA authentication (aRSA), so existing RSA server certificates keep working. The separate "SSLCipherSuite TLSv1.3" line is needed because TLS 1.3 suites are not selected by the OpenSSL cipher-list string; every TLS 1.3 suite uses (EC)DHE. Omitting TLS_AES_128_GCM_SHA256 from that line is an interoperability decision rather than a security requirement, since RFC 8446 makes it the only TLS 1.3 suite that is mandatory to implement.
      • Full PQC key exchange (X25519MLKEM768) additionally requires OpenSSL >= 3.5 in the container image and a negotiated TLS 1.3 session; the TLS 1.2 path stays classical ECDHE/DHE even after this change.

      Acceptance Criteria:

      • templates/cinder/config/ssl.conf, templates/common/config/ssl.conf, templates/glanceapi/config/ssl.conf, templates/manila/config/ssl.conf, and templates/swiftproxy/config/ssl.conf all contain SSLProtocol -all +TLSv1.3 +TLSv1.2 and SSLCipherSuite with !kRSA and a TLSv1.3-specific cipher suite directive
      • OpenGrep rules [1] apache-ssl-protocol-no-tls13 and apache-ssl-ciphersuite-permits-rsa-kex no longer fire on these files
      • TLS 1.1 is no longer permitted (was previously allowed via the "all" keyword). Verify with: openssl s_client -connect <host>:443 -tls1_1 (the handshake should fail; note that a client-side OpenSSL built or configured without TLS 1.1 refuses before sending a ClientHello, which proves nothing about the server)
      • TLS 1.2 sessions no longer negotiate RSA key exchange. Verify with: openssl s_client -connect <host>:443 -tls1_2 -cipher 'kRSA' (the handshake should fail). The -tls1_2 flag is required: -cipher only restricts the TLS 1.2 cipher list, so without it the client still offers the TLS 1.3 suites and the connection succeeds over TLS 1.3 regardless of kRSA
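      The script below is an added example (not code from the storage operators or from the OpenGrep rule set) that applies the SSLProtocol and SSLCipherSuite reasoning above, and the acceptance criteria on TLS 1.1 and RSA key exchange, offline to a config fragment: it evaluates SSLProtocol the way mod_ssl's parser does (including the rule that a bare token replaces the set), resolves the TLS 1.2 cipher string with the local OpenSSL to list any suite still using RSA key transport, and reports a missing TLSv1.3-specific cipher suite directive. The BEFORE and AFTER fragments are constructed from the snippets in this issue; all function names and finding messages are the example's own.

```python
"""Offline lint for the two properties this issue asks of a mod_ssl fragment:
nothing below TLS 1.2 is negotiable, and TLS 1.2 cannot fall back to RSA key
transport.  Added example, not code from the storage operators or the OpenGrep
rules; BEFORE/AFTER are constructed from the snippets in the issue text."""
import re
import ssl

# mod_ssl protocol keywords (httpd 2.4.36+ against OpenSSL 1.1.1+).  "all"
# expands to every entry (SSLv3 only on builds that still support it);
# "-SSLv2" is accepted as a no-op, "+SSLv2" is a configuration error.
PROTOCOLS = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3")
CANONICAL = {p.lower(): p for p in PROTOCOLS}
PRE_TLS12 = {"SSLv3", "TLSv1", "TLSv1.1"}


def enabled_protocols(value):
    """Evaluate an SSLProtocol value as mod_ssl's ssl_cmd_protocol_parse() does:
    '+name' adds, '-name' removes, and a bare name *replaces* the set (httpd
    logs a warning when that discards earlier tokens)."""
    enabled = set()
    for token in value.split():
        action, name = (token[0], token[1:]) if token[0] in "+-" else ("", token)
        key = name.lower()
        if key == "sslv2":
            if action == "-":
                continue
            raise ValueError("SSLProtocol: SSLv2 is no longer supported")
        if key == "all":
            names = set(PROTOCOLS)
        elif key in CANONICAL:
            names = {CANONICAL[key]}
        else:
            raise ValueError(f"SSLProtocol: illegal protocol '{name}'")
        if action == "+":
            enabled |= names
        elif action == "-":
            enabled -= names
        else:
            enabled = names
    return enabled


def rsa_kex_ciphers(spec):
    """Resolve a TLS <= 1.2 cipher string with the local libssl and return the
    suites whose key exchange is RSA key transport, i.e. Kx=RSA in the same
    description `openssl ciphers -v` prints.  The word boundary keeps Kx=RSAPSK
    out, and RSA *authentication* (Au=RSA) is never flagged."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(spec)
    return [c["name"] for c in ctx.get_ciphers()
            if re.search(r"\bKx=RSA\b", c["description"])]


def lint_ssl_conf(text):
    """Return a list of findings (empty when the fragment is acceptable)."""
    protocols = tls12_spec = tls13_spec = None
    for line in text.splitlines():
        m = re.match(r"\s*(SSLProtocol|SSLCipherSuite)\s+(\S.*?)\s*$", line, re.I)
        if not m:
            continue
        directive, value = m.group(1).lower(), m.group(2)
        if directive == "sslprotocol":
            protocols = enabled_protocols(value)
            continue
        # Optional leading word selects the family: "SSL" (TLS <= 1.2, the
        # default when absent) or "TLSv1.3" (httpd >= 2.4.36, OpenSSL 1.1.1+).
        words = value.split(None, 1)
        if words[0].lower() == "tlsv1.3":
            tls13_spec = words[1] if len(words) > 1 else ""
        elif words[0].lower() == "ssl":
            tls12_spec = words[1] if len(words) > 1 else ""
        else:
            tls12_spec = value

    findings = []
    if protocols is None:
        findings.append("no SSLProtocol directive")
    else:
        if protocols & PRE_TLS12:
            findings.append("pre-TLS 1.2 protocols negotiable: "
                            + ", ".join(sorted(protocols & PRE_TLS12)))
        if "TLSv1.3" not in protocols:
            findings.append("TLS 1.3 not enabled")
    if tls12_spec is None:
        findings.append("no SSLCipherSuite for TLS <= 1.2")
    else:
        rsa = rsa_kex_ciphers(tls12_spec)
        if rsa:
            findings.append(f"TLS 1.2 may negotiate RSA key exchange: "
                            f"{len(rsa)} suites, e.g. {rsa[0]}")
    if tls13_spec is None:
        findings.append("no TLSv1.3-specific SSLCipherSuite directive")
    return findings


BEFORE = """\
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4:!3DES
SSLProtocol all -SSLv2 -SSLv3 -TLSv1
"""

AFTER = """\
SSLCipherSuite HIGH:!aNULL:!MD5:!RC4:!3DES:!kRSA
SSLCipherSuite TLSv1.3 TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
SSLProtocol -all +TLSv1.3 +TLSv1.2
"""

if __name__ == "__main__":
    for label, fragment in (("before", BEFORE), ("after", AFTER)):
        print(label, lint_ssl_conf(fragment) or ["clean"])
```

      The RSA key exchange check goes through the ssl module so that the answer comes from the OpenSSL actually installed, which is what decides what "HIGH" contains; the count it reports for the BEFORE fragment therefore depends on the local security level, while the AFTER fragment is clean on any level because !kRSA removes every Kx=RSA suite. Python offers no API for the TLS 1.3 suite list, so that directive is only checked for presence.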

      [1] https://gitlab.cee.redhat.com/OSP-DFG-security/pqc-automated-analysis

              Assignee: Unassigned
              Reporter: John Fulton (rhn-support-johfulto)
              rhos-storage-integration