[PATCH] RSA+DSA+ECC bundles
mdounin at mdounin.ru
Thu Oct 17 15:18:00 UTC 2013
On Thu, Oct 17, 2013 at 03:09:42PM +0100, Rob Stradling wrote:
> On 06/02/13 17:24, Primoz Bratanic wrote:
> >Apache supports specifying multiple certificates (different types) for same
> >host in line with OpenSSL support (RSA, DSA, ECC). This allows using ECC key
> >exchange methods with clients that support it and it's backwards compatible.
> >I wonder how much work would it be to add support for this to nginx. Is it
> >just allowing specifying 2-3 certificates (and checking they have different
> >key type) + adding support for returning proper key chain or are there any
> >other obvious roadblocks (that are not obvious to me).
> Here's a first stab at a patch. I hope this is a useful starting
> point for getting this feature added to Nginx.
>
> To specify an RSA cert plus an ECC cert, use...
>
> ssl_certificate my_rsa.crt my_ecc.crt;
> ssl_certificate_key my_rsa.key my_ecc.key;
> ssl_prefer_server_ciphers on;
>
> Also, configure ssl_ciphers to prefer at least 1 ECDSA cipher and
> permit at least 1 RSA cipher.
> I think DSA certs should work too, but I've not tested this.
> Issues I'm aware of with this patch:
> - It doesn't check that each of the certs has a different key type
> (but perhaps it should). If you specify multiple certs with the
> same algorithm, all but the last one will be ignored.
Bad, but we could live with it if there will be no better way to
> - The certs and keys need to be specified in the correct order.
> If you specify "my_rsa.crt my_ecc.crt" and "my_ecc.key my_rsa.key",
> Nginx will start but it won't be able to complete any SSL
> handshakes. This could be improved.
This is certainly not something acceptable. There should be a
better way to specify certs and keys.
> - It doesn't add the new feature to mail_ssl_module. Perhaps it should.
This could wait.
> - The changes I made to ngx_conf_set_str_array_slot() work for me,
> but do they break anything?
It doesn't look like changes we want. The
ngx_conf_set_str_array_slot() function is intended to handle
arrays like this:
I would rather see ssl_certificates to be used this way, something
> - An RSA cert and an ECC cert might well be issued by different
> CAs. On Apache httpd, you have to use SSLCACertificatePath to
> persuade OpenSSL to send different Intermediate certs for each one.
> Nginx doesn't currently have an equivalent directive, and Maxim has
> previously said it's unlikely to be added.
> I haven't researched this properly yet, but I think it might be
> possible to do "certificate path" in memory (i.e. without syscalls
> and disk access on each certificate check) using the OpenSSL
> X509_LOOKUP API.
AFAIR, OpenSSL is only able to store one certificate chain per
SSL_CTX, which is the root cause of the problem.
> - I expect Maxim will have other comments. :-)
One thing which instantly comes in mind is SSL Stapling related
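Two of the issues Rob lists (no check that the certs have distinct key types, and a cert/key list given in the wrong order silently breaking every handshake) can be caught before the config is loaded. The following is an added example, not part of the thread or of the patch; it assumes only the openssl CLI and takes the two lists exactly as they would be written after ssl_certificate and ssl_certificate_key.

```shell
#!/bin/sh
# Added example (not from the thread or the patch): sanity-check the
# cert/key lists before putting them into ssl_certificate / ssl_certificate_key.
# Assumes the openssl CLI is installed; file names are whatever the caller passes.

# pub_pem FILE: print the public key (PEM) of a certificate or of a private key.
pub_pem() {
    if grep -q 'BEGIN CERTIFICATE' "$1"; then
        openssl x509 -in "$1" -noout -pubkey
    else
        openssl pkey -in "$1" -pubout
    fi
}

# pub_alg FILE: print the public-key algorithm name from the SubjectPublicKeyInfo,
# e.g. rsaEncryption, id-ecPublicKey or dsaEncryption (works for certs and keys).
pub_alg() {
    pub_pem "$1" | openssl pkey -pubin -outform DER \
        | openssl asn1parse -inform DER \
        | sed -n 's/.*OBJECT *:\(.*\)/\1/p' | head -n 1
}

# check_pairs "CERT1 CERT2 ..." "KEY1 KEY2 ...": both lists in directive order.
# Returns 1 if a cert does not match the key at the same position (the
# swapped-order case that leaves nginx unable to complete handshakes) or if
# two certs share a key type (all but the last would be ignored).
check_pairs() {
    certs="$1"; keys="$2"; seen=" "; rc=0
    set -- $keys
    for c in $certs; do
        [ $# -gt 0 ] || { echo "no key given for $c"; return 1; }
        k="$1"; shift
        alg=$(pub_alg "$c")
        if [ "$(pub_pem "$c")" != "$(pub_pem "$k")" ]; then
            echo "MISMATCH: $c ($alg) does not match $k ($(pub_alg "$k"))"
            rc=1
        fi
        case "$seen" in
            *" $alg "*) echo "DUPLICATE key type $alg: $c would be ignored"; rc=1 ;;
        esac
        seen="$seen$alg "
    done
    [ $# -eq 0 ] || { echo "unused keys: $*"; rc=1; }
    return $rc
}
```

Run it as `check_pairs "my_rsa.crt my_ecc.crt" "my_rsa.key my_ecc.key"`; a non-zero exit means the lists would not work as written.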