How to enable SSL Forward Secrecy on Nginx

Having recently had to re-install an SSL certificate which was about to expire, I headed over to the excellent SSL Server Test site to check the cert was correctly installed.

Well the cert was installed correctly however I received an A- rating, good but could be better. The main issue was something called Forward Secrecy(FS) or Perfect Forward Secrecy. 

Without going into detail without FS it's possible that someone could intercept all encrypted traffic between a server and its users, and then at some point if they get a copy of the servers Private Key, could decrypted all the intercepted traffic. With FS enabled a unique Session Key is generated between the server and each client. Then at the end of the session the Session Key is destroyed making encrypted traffic practically impossible to decrypt.

To use FS you need a cipher with either ECDHE(Elliptic curve Diffie–Hellman) or DHE in the name. Fortunately the version of Nginx which ships with Ubuntu 12.04 already includes and uses these cipher suites. However it still relies on the client browser choosing an appropriate cipher. Many, particular older browsers don't use these ciphers by default even though they do support them.

A slight change to the Nginx config and FS will be used by all supporting browsers and clients.

In either the nginx.conf or the site config enter the following line in the http or server block:

ssl_prefer_server_ciphers on;

This tells the client when connecting to use prefer a cipher chosen by the server. Nginx places ECDHE and DHE ciphers first in order. Some sites suggest setting the ssl_ciphers config option to explicitly list ciphers to use, however there is no need as the default config already includes the appropriate high grade ciphers.

This change does not affect older browsers mainly Internet Explorer on Window XP which does not support FS, in this case they will choose a cipher they do support.

It is worth noting there is a slight performance penalty (apparently approx 15% increase in CPU) in using FS because of the session key generation process. Personally I believe the trade off is worth it for ensuring the security of your customers data. Incidental I now get an A grade from the SSL Server Test!