Maxim Dounin
October 17, 2013 11:20AM
Hello!

On Thu, Oct 17, 2013 at 03:09:42PM +0100, Rob Stradling wrote:

> On 06/02/13 17:24, Primoz Bratanic wrote:
> >Hi,
> >
> >Apache supports specifying multiple certificates (different types) for same
> >host in line with OpenSSL support (RSA, DSA, ECC). This allows using ECC key
> >exchange methods with clients that support it and it's backwards compatible.
> >I wonder how much work would it be to add support for this to nginx. Is it
> >just allowing specifying 2-3 certificates (and checking they have different
> >key type) + adding support for returning proper key chain or are there any
> >other obvious roadblocks (that are not obvious to me).
>
> Here's a first stab at a patch. I hope this is a useful starting
> point for getting this feature added to Nginx.
>
> To specify an RSA cert plus an ECC cert, use...
> ssl_certificate my_rsa.crt my_ecc.crt;
> ssl_certificate_key my_rsa.key my_ecc.key;
> ssl_prefer_server_ciphers on;
> Also, configure ssl_ciphers to prefer at least 1 ECDSA cipher and
> permit at least 1 RSA cipher.
>
> I think DSA certs should work too, but I've not tested this.
>
>
> Issues I'm aware of with this patch:
>
> - It doesn't check that each of the certs has a different key type
> (but perhaps it should). If you specify multiple certs with the
> same algorithm, all but the last one will be ignored.

Bad, but we could live with it if there is no better way to
do things.

> - The certs and keys need to be specified in the correct order.
> If you specify "my_rsa.crt my_ecc.crt" and "my_ecc.key my_rsa.key",
> Nginx will start but it won't be able to complete any SSL
> handshakes. This could be improved.

This is certainly not something acceptable. There should be a
better way to specify certs and keys.

> - It doesn't add the new feature to mail_ssl_module. Perhaps it should.

This could wait.

> - The changes I made to ngx_conf_set_str_array_slot() work for me,
> but do they break anything?

These don't look like changes we want. The
ngx_conf_set_str_array_slot() function is intended to handle
arrays like this:

example_array_directive value1;
example_array_directive value2;

I would rather see ssl_certificate used this way, something
like:

ssl_certificate rsa.crt;
ssl_certificate_key rsa.key;

ssl_certificate ecc.crt;
ssl_certificate_key ecc.key;

> - An RSA cert and an ECC cert might well be issued by different
> CAs. On Apache httpd, you have to use SSLCACertificatePath to
> persuade OpenSSL to send different Intermediate certs for each one.
> Nginx doesn't currently have an equivalent directive, and Maxim has
> previously said it's unlikely to be added [1].
> I haven't researched this properly yet, but I think it might be
> possible to do "certificate path" in memory (i.e. without syscalls
> and disk access on each certificate check) using the OpenSSL
> X509_LOOKUP API.

AFAIR, OpenSSL is only able to store one certificate chain per
SSL_CTX, which is the root cause of the problem.

> - I expect Maxim will have other comments. :-)

One thing which instantly comes to mind is SSL Stapling-related
issues.

--
Maxim Dounin
http://nginx.org/en/donation.html

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
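A pre-reload check for the two pitfalls Rob lists above (cert/key order mismatch, and two certificates of the same key type so that all but the last is ignored). This is an added example, not code from the thread or from the patch; it uses only the openssl CLI, generates throwaway self-signed RSA and ECDSA fixtures in a temp directory, and `example.test` is a constructed name.

```shell
# Added example (not part of the nginx-devel thread or the patch): verify, before
# reloading nginx, that each certificate in an ordered list matches the key at the
# same position and that no two pairs share a key algorithm. Uses only the openssl CLI.

# check_pairs CERT:KEY [CERT:KEY ...]  -> returns 0 when every pair is consistent
check_pairs() {
  seen="|"
  for pair in "$@"; do
    cert=${pair%%:*}
    key=${pair#*:}
    # The SPKI inside the certificate and the SPKI derived from the private key must be identical
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || { echo "cannot read cert $cert"; return 1; }
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || { echo "cannot read key $key"; return 1; }
    if [ "$cert_pub" != "$key_pub" ]; then
      echo "MISMATCH: $cert does not belong to $key (wrong order?)"
      return 1
    fi
    # Key algorithm as printed by the certificate parser, e.g. rsaEncryption / id-ecPublicKey
    alg=$(openssl x509 -in "$cert" -noout -text | sed -n 's/^ *Public Key Algorithm: //p' | head -n 1)
    case "$seen" in
      *"|$alg|"*) echo "DUPLICATE: $cert has key type $alg, already configured; one would be ignored"; return 1 ;;
    esac
    seen="$seen$alg|"
    echo "OK: $cert <-> $key ($alg)"
  done
  return 0
}

# make_fixtures: generate throwaway self-signed RSA and ECDSA test pairs in FIX_DIR
make_fixtures() {
  FIX_DIR=$(mktemp -d)
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$FIX_DIR/rsa.key" 2>/dev/null
  openssl ecparam -name prime256v1 -genkey -noout -out "$FIX_DIR/ecc.key"
  for t in rsa ecc; do
    # example.test is a constructed name for the test certificates
    openssl req -x509 -new -key "$FIX_DIR/$t.key" -out "$FIX_DIR/$t.crt" \
      -subj "/CN=example.test" -days 1 2>/dev/null
  done
}

make_fixtures
echo "--- correct order (rsa.crt rsa.key / ecc.crt ecc.key)"
check_pairs "$FIX_DIR/rsa.crt:$FIX_DIR/rsa.key" "$FIX_DIR/ecc.crt:$FIX_DIR/ecc.key"
echo "--- swapped keys: the case where nginx starts but cannot complete any handshake"
check_pairs "$FIX_DIR/rsa.crt:$FIX_DIR/ecc.key" "$FIX_DIR/ecc.crt:$FIX_DIR/rsa.key" || true
```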