On 18.04.2014 23:19, Falco Schwarz wrote:
> On Fri, Apr 18, 2014 at 4:04 PM, Daniel Kahn Gillmor
> <d...@fifthhorseman.net> wrote:
>
>> Looking at the code, it appears that ssl_callback_TmpDH() in
>> modules/ssl/ssl_engine_kernel.c doesn't try to match ECC keys at all --
>> this probably needs to be updated.
>>
>
> That was also my conclusion. It kinda makes sense that ECC keys are not
> matched, because there is no ECDSA+DH cipher.
Right, there are no cipher suites which use ECDSA for authentication and
ephemeral Diffie-Hellman keys (cf. "openssl ciphers -v aECDSA").
ssl_callback_TmpDH() is therefore irrelevant for the ECC case (it is only
called for DHE-* cipher suites, not for ECDHE-* ones). For ephemeral ECDH,
mod_ssl is relying on automatic curve selection, if available (OpenSSL 1.0.2
or later), see also [1].

> However ssl_callback_TmpDH()
> would either have to iterate through all private keys or just read the
> first key in order to be consistent with DH / ECDH params.

The problem is the one pointed out by Steve in [2] already, I think: in the
callback, SSL_get_privatekey() doesn't get us the private key which is
actually used for the current connection, it only returns the "current" key,
i.e. the last one we configured.

> Reindl, that is quite a good guide on how to setup certificates as of
> 2.4.9.

With one noteworthy exception: putting the private key into its own
SSLCertificateKeyFile is preferred over having it in SSLCertificateFile
(BTW, "Harald" would be the first name, I assume you didn't intend to call
him by his last name).

Kaspar

[1] https://mail-archives.apache.org/mod_mbox/httpd-dev/201401.mbox/%3c52cc3c0d.1030...@velox.ch%3E
[2] https://mail-archives.apache.org/mod_mbox/httpd-dev/201402.mbox/%3c53057121.70...@opensslfoundation.com%3E
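The claim above (no suite pairs ECDSA authentication with ephemeral DH key exchange, so a DH callback only matters for DHE-* suites) can be checked mechanically from `openssl ciphers -v` output. The following is an added example, not code from the thread, from mod_ssl or from OpenSSL: it parses the `Kx=`/`Au=` fields of that output, groups key-exchange methods by authentication method, and lists the suites for which a DH callback such as ssl_callback_TmpDH() would actually be invoked. The function names and the embedded sample lines are constructed for this example (the sample is a short, representative excerpt in the OpenSSL 1.0.x output format, not the full list); run it against the real output with `openssl ciphers -v 'ALL'` to check the complete cipher list.

```python
import re
from collections import defaultdict

# Constructed sample of `openssl ciphers -v` output (OpenSSL 1.0.x column layout).
# The real list is much longer; these suites are representative of the three
# key-exchange families (ECDH, DH, plain RSA).
SAMPLE_CIPHERS_V = """\
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-DSS-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=DSS  Enc=AESGCM(256) Mac=AEAD
AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
"""

# Each descriptive column after the protocol is a KEY=VALUE token.
FIELD_RE = re.compile(r"(\w+)=(\S+)")


def parse_ciphers_v(text):
    """Parse `openssl ciphers -v` lines into dicts: name, proto, plus Kx/Au/Enc/Mac."""
    suites = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3:          # skip blank or malformed lines
            continue
        suite = {"name": parts[0], "proto": parts[1]}
        for field in parts[2:]:
            m = FIELD_RE.fullmatch(field)
            if m:
                suite[m.group(1)] = m.group(2)
        suites.append(suite)
    return suites


def kx_by_auth(suites):
    """Map each authentication method (Au=...) to the sorted key-exchange methods used with it."""
    result = defaultdict(set)
    for s in suites:
        result[s["Au"]].add(s["Kx"])
    return {au: sorted(kx) for au, kx in result.items()}


def suites_needing_tmp_dh(suites):
    """Suite names whose handshake needs ephemeral DH parameters (Kx=DH), i.e. the
    only suites for which a DH-parameter callback like ssl_callback_TmpDH() fires."""
    return [s["name"] for s in suites if s["Kx"] == "DH"]


def ecdsa_with_dh(suites):
    """Suites that would need a DH callback *and* an ECDSA key; expected to be empty."""
    return [s["name"] for s in suites if s["Au"] == "ECDSA" and s["Kx"] == "DH"]


if __name__ == "__main__":
    parsed = parse_ciphers_v(SAMPLE_CIPHERS_V)
    print("Kx per Au:", kx_by_auth(parsed))
    print("DH-callback suites:", suites_needing_tmp_dh(parsed))
    print("ECDSA+DH suites:", ecdsa_with_dh(parsed))
```

On the sample, ECDSA authentication appears only with `Kx=ECDH`, and the DH callback would fire for the two DHE-* suites only, which is why matching ECC keys inside ssl_callback_TmpDH() has no effect on ECDHE-ECDSA handshakes.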