Article ID: CTX264377
Description
- Issue 1: Intermittent TLS failures
  - When a Windows client attempts a TLS connection to Citrix ADC using TLS_DHE_* cipher suites, the connection may fail intermittently, approximately 1 out of every 256 attempts. See https://support.microsoft.com/en-us/help/4528489/transport-layer-security-tls-connections-might-fail-or-timeout-when-co
- Issue 2: Compatibility issues with TLS EMS
- Issue 3: Increased ADC CPU and SSL hardware load
  - Without TLS EMS support on the ADC, all TLS connections, including those that would normally use session resumption, fall back to a full handshake. A full handshake consumes more CPU and SSL hardware resources on the ADC.
Background
Extended Master Secret (EMS, RFC 7627) is an optional extension to the Transport Layer Security (TLS) protocol that strengthens any mechanism relying on the master secret for authentication, session resumption being one example. To protect against man-in-the-middle attacks, Microsoft enabled the EMS extension by default for all Microsoft clients and servers in the October 2019 patch.
Citrix ADC supports TLS EMS from build 13.0-61.48. On earlier builds the impact may be intermittent TLS failures and increased CPU/SSL hardware load on the ADC. If you have not yet updated your ADC to that build, use the workarounds below to mitigate these symptoms.
Environment
Citrix is not responsible for and does not endorse or accept any responsibility for the contents or your use of these third party Web sites. Citrix is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Citrix of the linked Web site. It is your responsibility to take precautions to ensure that whatever Web site you use is free of viruses or other harmful items.
Resolution
Perform the following workarounds based on each respective issue encountered:
1. Workaround for Intermittent TLS failures
Remove Diffie-Hellman (DHE) ciphers from the front end (towards the client) and the back end of the Citrix ADC. Cipher groups are configured as described here:
https://docs.citrix.com/en-us/citrix-adc/13/ssl/ciphers-available-on-the-citrix-ADC-appliances/configure-user-defined-cipher-groups-on-the-adc-appliance.html
2. Workaround for Compatibility issues with TLS EMS
Disable TLS session resumption on the back end of the ADC (session resumption is enabled by default).
- To disable TLS session resumption on the back end using the CLI:
  - set ssl service <service name> -sessReuse DISABLED
- To disable TLS session resumption on the back end using the GUI:
  - Go to Traffic Management > Load Balancing > Services > select the SSL service on which you want to disable session reuse > Edit > SSL Parameters > uncheck Enable Session Reuse
If the customer is using client certificate-based authentication, then:
- In addition to the step above, disable TLS renegotiation. This should be done on the front end and can be achieved as described in CTX123680.
3. Workaround for Increased ADC CPU and SSL hardware load
Citrix supports TLS EMS from build 13.0-61.48, so the workarounds above are no longer necessary once you are on that build.
The longer-term solution for the industry is TLS 1.3, which provides key binding similar to TLS EMS.
* Prioritizing ECDHE over DHE will help on the 5900, 8900, 15000 and 26000 model variants. For older models, please contact your PM (Program/Product Manager).