How to obtain an A+ in the Qualys SSL Labs Security Test - Open Wiki
- jorgedlcruz
- Zimbra Alumni
- Posts: 2782
- Joined: Thu May 22, 2014 4:47 pm
How to obtain an A+ in the Qualys SSL Labs Security Test - Open Wiki
Hi guys,
I am writing the next Wiki article about how to obtain the best score in the Qualys SSL Labs Security Test using the different Zimbra Collaboration Releases:
https://wiki.zimbra.com/wiki/How_to_obt ... urity_Test
Is a Community Contribution Wiki, that you can edit if you have a Wiki account. If you have some expertise, or tweaks, or extra input, please add it to the Wiki, or let the feedback here. Could be great to have the best result in that test using Zimbra Collaboration, in their different Releases.
I'm waiting to hear from you.
Best regards!
I am writing the next Wiki article about how to obtain the best score in the Qualys SSL Labs Security Test using the different Zimbra Collaboration Releases:
https://wiki.zimbra.com/wiki/How_to_obt ... urity_Test
Is a Community Contribution Wiki, that you can edit if you have a Wiki account. If you have some expertise, or tweaks, or extra input, please add it to the Wiki, or let the feedback here. Could be great to have the best result in that test using Zimbra Collaboration, in their different Releases.
I'm waiting to hear from you.
Best regards!
-
- Advanced member
- Posts: 183
- Joined: Fri Apr 25, 2014 12:42 pm
How to obtain an A+ in the Qualys SSL Labs Security Test - Open Wiki
Hi Jorge,
Congratulation for another great initiative !
Congratulation for another great initiative !
-
- Advanced member
- Posts: 183
- Joined: Fri Apr 25, 2014 12:42 pm
How to obtain an A+ in the Qualys SSL Labs Security Test - Open Wiki
Hi Jorge,
What are the recommendations to fix the Logjam issue in the IMAP, POP and SMTP services? I mean, for the 8.6 version.
Zimbra 8.0.9 is already Poodle free, isn't?
Thank you !
What are the recommendations to fix the Logjam issue in the IMAP, POP and SMTP services? I mean, for the 8.6 version.
Zimbra 8.0.9 is already Poodle free, isn't?
Thank you !
- jorgedlcruz
- Zimbra Alumni
- Posts: 2782
- Joined: Thu May 22, 2014 4:47 pm
How to obtain an A+ in the Qualys SSL Labs Security Test - Open Wiki
Hi Fabio, I'm testing the Logjam in my lab, I will come later, and update the Wiki.
Zimba 8.0.9 should come with the Poodle fix, but the truth is that I've downloaded from the Website, and do a vanilla install 3 times, and always I had the Poodle issue, so following the steps in the Security Wiki fix it.
Is really strange as I thought also that 8.0.9 came with poodle fixed.
Zimba 8.0.9 should come with the Poodle fix, but the truth is that I've downloaded from the Website, and do a vanilla install 3 times, and always I had the Poodle issue, so following the steps in the Security Wiki fix it.
Is really strange as I thought also that 8.0.9 came with poodle fixed.
-
- Advanced member
- Posts: 183
- Joined: Fri Apr 25, 2014 12:42 pm
How to obtain an A+ in the Qualys SSL Labs Security Test - Open Wiki
Hi Jorge,
Thanks for the Feedback, if there is anything that I could do to help in this tests just let me know.
Thanks for the Feedback, if there is anything that I could do to help in this tests just let me know.
- jorgedlcruz
- Zimbra Alumni
- Posts: 2782
- Joined: Thu May 22, 2014 4:47 pm
How to obtain an A+ in the Qualys SSL Labs Security Test - Open Wiki
Hi Fabio,
Following the steps in this Wiki, I obtain A+ with Proxy, or A without Proxy, in Zimbra Collaboration 8.6:
https://wiki.zimbra.com/wiki/How_to_obt ... urity_Test
Then If I try the next test https://tools.keycdn.com/logjam in the different ports:
993
995
465
I obtain in all of them that we are free of Logjam:
I've just updated yesterday with the procedure to protect a Zimbra Collaboration 8.6 without Proxy, not recommended.
Best regards!
Following the steps in this Wiki, I obtain A+ with Proxy, or A without Proxy, in Zimbra Collaboration 8.6:
https://wiki.zimbra.com/wiki/How_to_obt ... urity_Test
Then If I try the next test https://tools.keycdn.com/logjam in the different ports:
993
995
465
I obtain in all of them that we are free of Logjam:
I've just updated yesterday with the procedure to protect a Zimbra Collaboration 8.6 without Proxy, not recommended.
Best regards!
-
- Advanced member
- Posts: 183
- Joined: Fri Apr 25, 2014 12:42 pm
How to obtain an A+ in the Qualys SSL Labs Security Test - Open Wiki
Hi Jorge,
Thank you very much for the effort and congratulations for the work, you make all the difference to the Zimbra community.
Thank you very much for the effort and congratulations for the work, you make all the difference to the Zimbra community.
- jorgedlcruz
- Zimbra Alumni
- Posts: 2782
- Joined: Thu May 22, 2014 4:47 pm
How to obtain an A+ in the Qualys SSL Labs Security Test - Open Wiki
Hi Fabio,
Thank you so much for your words, I've updated the Wiki and now we have:
Zimbra Collaboration 8.6 with Proxy - A+
Zimbra Collaboration 8.6 without Proxy - A
Zimbra Collaboration 8.0.9 with Proxy - A
Zimbra Collaboration 8.0.9 without Proxy - A
In 8.0.9 I have the next in the SSL Labs scan that is the reason to not obtain the A+ I think:
Downgrade attack prevention No, TLS_FALLBACK_SCSV not supported (more info)
If you have any help that I can test to improve this results, let me know. But for now you can find a good results in the Wiki.
Best regards
Thank you so much for your words, I've updated the Wiki and now we have:
Zimbra Collaboration 8.6 with Proxy - A+
Zimbra Collaboration 8.6 without Proxy - A
Zimbra Collaboration 8.0.9 with Proxy - A
Zimbra Collaboration 8.0.9 without Proxy - A
In 8.0.9 I have the next in the SSL Labs scan that is the reason to not obtain the A+ I think:
Downgrade attack prevention No, TLS_FALLBACK_SCSV not supported (more info)
If you have any help that I can test to improve this results, let me know. But for now you can find a good results in the Wiki.
Best regards
- jorgedlcruz
- Zimbra Alumni
- Posts: 2782
- Joined: Thu May 22, 2014 4:47 pm
How to obtain an A+ in the Qualys SSL Labs Security Test - Open Wiki
Hi guys,
The steps for Zimbra Collaboration 8.7 are also included, just a few commands and Zimbra Collaboration 8.7 is fully secure
https://wiki.zimbra.com/wiki/How_to_obt ... ration_8.7
Waiting for your feedback.
Best regards
The steps for Zimbra Collaboration 8.7 are also included, just a few commands and Zimbra Collaboration 8.7 is fully secure
https://wiki.zimbra.com/wiki/How_to_obt ... ration_8.7
Waiting for your feedback.
Best regards
-
- Advanced member
- Posts: 183
- Joined: Fri Apr 25, 2014 12:42 pm
How to obtain an A+ in the Qualys SSL Labs Security Test - Open Wiki
Hi,
Is there any way for the community to test Zimbra 8.7?
Is there any way for the community to test Zimbra 8.7?