[PATCH] RSA+DSA+ECC bundles

Maxim Dounin mdounin at mdounin.ru
Thu Oct 17 15:18:00 UTC 2013 

Hello!

On Thu, Oct 17, 2013 at 03:09:42PM +0100, Rob Stradling wrote:

> On 06/02/13 17:24, Primoz Bratanic wrote:
> >Hi,
> >
> >Apache supports specifying multiple certificates (different types) for same
> >host in line with OpenSSL support (RSA, DSA, ECC). This allows using ECC key
> >exchange methods with clients that support it and it's backwards compatible.
> >I wonder how  much work would it be to add support for this to nginx. Is it
> >just allowing specifying 2-3 certificates (and checking they have different
> >key type) + adding support for returning proper key chain or are the any
> >other obvious roadblocks (that are not obvious to me).
> 
> Here's a first stab at a patch.  I hope this is a useful starting
> point for getting this feature added to Nginx.
> 
> To specify an RSA cert plus an ECC cert, use...
>   ssl_certificate  my_rsa.crt my_ecc.crt;
>   ssl_certificate_key  my_rsa.key my_ecc.key;
>   ssl_prefer_server_ciphers  on;
> Also, configure ssl_ciphers to prefer at least 1 ECDSA cipher and
> permit at least 1 RSA cipher.
> 
> I think DSA certs should work too, but I've not tested this.
> 
> 
> Issues I'm aware of with this patch:
> 
>   - It doesn't check that each of the certs has a different key type
> (but perhaps it should).  If you specify multiple certs with the
> same algorithm, all but the last one will be ignored.

Bad, but we could live with it if there will be no better way to 
do things.

>   - The certs and keys need to be specified in the correct order.
> If you specify "my_rsa.crt my_ecc.crt" and "my_ecc.key my_rsa.key",
> Nginx will start but it won't be able to complete any SSL
> handshakes.  This could be improved.

This is certainly not something acceptable.  There should be a 
better way to specify certs and keys.

>   - It doesn't add the new feature to mail_ssl_module.  Perhaps it should.

This could wait.

>   - The changes I made to ngx_conf_set_str_array_slot() work for me,
> but do they break anything?

It doesn't look like changes we want. The 
ngx_conf_set_str_array_slot() function is intended to handle 
arrays like this:

    example_array_directive value1;
    example_array_directive value2;

I would rather see ssl_certificates to be used this way, something 
like:

    ssl_certificate      rsa.crt;
    ssl_certificate_key  rsa.key;

    ssl_certificate      ecc.crt;
    ssl_certificate_key  ecc.key;

>   - An RSA cert and an ECC cert might well be issued by different
> CAs.  On Apache httpd, you have to use SSLCACertificatePath to
> persuade OpenSSL to send different Intermediate certs for each one.
> Nginx doesn't currently have an equivalent directive, and Maxim has
> previously said it's unlikely to be added [1].
> I haven't researched this properly yet, but I think it might be
> possible to do "certificate path" in memory (i.e. without syscalls
> and disk access on each certificate check) using the OpenSSL
> X509_LOOKUP API.

AFAIR, OpenSSL only able to store one certificate chain per 
SSL_CTX, which is the root cause of the problem.

>   - I expect Maxim will have other comments.  :-)

One thing which instantly comes in mind is SSL Stapling related 
issues.

-- 
Maxim Dounin
http://nginx.org/en/donation.html

More information about the nginx-devel mailing list