In December of 2014 researchers found that the RC4 cipher being used in common TLS implementations could be easily broken. As of January 15 2015 the recommended predefined security policy for AWS Elastic Load Balancers still permits the use of RC4 ciphers and will need to be custom configured to deal with the RC4 vulnerability. These steps are described here.
Background
In October of 2014 a POODLE attack was launched against SSLv3 that allowed attackers to gain cookie data from target sites. To mitigate this it was advised to remove SSLv3 and use TLS instead.
The movement towards TLS brings to light cipher issues that you should be aware of when configuring SSL on your server. Common TLS implementations will preferentially use the RC4 cipher suite for their cryptographic needs. However, the IETF has recently issued a draft prohibiting RC4 cipher suites.
At this point in time, the newest ELB Security Policy (2014-10) provided by AWS still permits the use of RC4 cipher suites. This presents problems when using tools such as ssllabs.com server test which will flag an AWS instance as non-compliant due to the use of RC4 ciphers.
To resolve this issue you must manually specify ciphers you wish ELB to use during ELB creation.
If you are using a predefined ELB security policy you can change the cipher usage. To do this:
-
Find your ELB in AWS and select the Listeners tab. In the Cipher column click Change on the cipher row.
![Change the cipher][step1] -
Select Predefined Security Policy and ELBSecurityPolicy-2014-10 from the drop down.
![Select predefined policy][step2] -
Change the radio button selection to Custom Security Policy and uncheck the two ciphers ECDHE-RSA-RC4-SHA and RC4-SHA then click Save.
![De-select ciphers][step3]
More information on predefined security policies can be found here.
For HAProxy SSL users here's an example working cipher set: no-sslv3 no-tls-tickets ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES128-SHA:AES256-SHA256:AES256-SHA