On 02/11/17 18:00, Viktor Dukhovni wrote:
> On Thu, Nov 02, 2017 at 12:15:16PM +0000, [email protected] wrote:
>
>> OpenSSL:
>> The Notes section of SSL_CTX_use_certificate_chain_file(3ssl) uses the word
>> "added", implying we can call it multiple times. The description for
>> SSL_CTX_use_PrivateKey_file() also says "added".
>
> I may have mentioned this on this list before, but just in case:
>
> * Some versions of OpenSSL prior to 1.1.0 (don't recall whether
> this includes 1.0.2 or not), don't correctly handle the
> issuer certificate lists when using multiple chain files.
>
> IIRC, the last chain file loaded was used to provide the issuer
> certificates for all the public key types. The work-around is to
> make sure that all the issuer certificates needed by *any* leaf
> cert are present in *each* chain file.
>
> It would be great if you could test this with 1.0.2, and post your
> findings (likely worth documenting, if 1.0.2 still exhibits the
> anomaly).
>

With OpenSSL 1.0.2k-fips :-

Server has loaded two full-chain .pem files, each having a leaf-cert, an
intermediate, and an anchor. One chain is pure RSA, the other is pure EC.

For no specified cipher priority list on the server :- the certificates
sent with the server-hello are the RSA chain (which was the first set in
the load sequence).

For a priority list "ECDSA:RSA:!COMPLEMENTOFDEFAULT" :- the certificates
sent with the server-hello are the EC chain.

In both test cases the client-hello listed a full set of sig-algorithms
(including both RSA and ECDSA types).

-- 
Cheers,
  Jeremy

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
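The dual-chain test Jeremy describes, and the issuer-list check Viktor asks for, can be reproduced against whatever OpenSSL is installed with the script below. It is an added example, not code from the thread, from Exim or from OpenSSL. It assumes the `openssl` CLI (1.1.1 or later) is on PATH, that loopback port 44330 (or `$PORT`) is free, and that the scratch directory `$WORK` may be created; the certificate names, subjects and the hypothetical helper names (`make_chain`, `served_chain`, `leaf_key_algo`, `chain_length`) are all mine. Instead of Jeremy's server-side cipher priority list, which only steers certificate choice in TLS 1.2, the probes steer the choice from the client with `-sigalgs`, which works for TLS 1.2 and TLS 1.3 alike; the count of certificates sent per probe is the check for the pre-1.1.0 issuer-list anomaly Viktor mentions, where the chain attached to one key type would be wrong or short.

```sh
#!/bin/sh
# Added example (not from the exim-dev thread or OpenSSL): build one RSA and one
# EC chain (root -> intermediate -> leaf), serve both from one s_server, and
# report which leaf the server picks and how many certificates it sends.
# Assumptions: openssl >= 1.1.1 on PATH, loopback port $PORT free.
set -eu

WORK="${WORK:-$(mktemp -d)}"
PORT="${PORT:-44330}"
SERVER_PID=""

# make_chain NAME NEWKEY-ARGS...: three-level chain of a single key type into
# $WORK/NAME; leaf.pem/leaf.key plus issuers.pem (intermediate + root).
make_chain() {
  name=$1; shift
  d="$WORK/$name"; mkdir -p "$d"
  printf 'basicConstraints=critical,CA:TRUE\n'  > "$d/ca.ext"
  printf 'basicConstraints=critical,CA:FALSE\n' > "$d/leaf.ext"
  openssl req -x509 -newkey "$@" -nodes -days 2 -subj "/CN=$name root" \
      -keyout "$d/root.key" -out "$d/root.pem" 2>/dev/null
  openssl req -new -newkey "$@" -nodes -subj "/CN=$name intermediate" \
      -keyout "$d/int.key" -out "$d/int.csr" 2>/dev/null
  openssl x509 -req -in "$d/int.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
      -CAcreateserial -days 2 -extfile "$d/ca.ext" -out "$d/int.pem" 2>/dev/null
  openssl req -new -newkey "$@" -nodes -subj "/CN=localhost" \
      -keyout "$d/leaf.key" -out "$d/leaf.csr" 2>/dev/null
  openssl x509 -req -in "$d/leaf.csr" -CA "$d/int.pem" -CAkey "$d/int.key" \
      -CAcreateserial -days 2 -extfile "$d/leaf.ext" -out "$d/leaf.pem" 2>/dev/null
  cat "$d/int.pem" "$d/root.pem" > "$d/issuers.pem"
}

# served_chain SIGALGS: dump what the server sends to a client that advertises
# only SIGALGS ('' = OpenSSL's default signature_algorithms list).
served_chain() {
  if [ -n "$1" ]; then set -- -sigalgs "$1"; else set --; fi
  openssl s_client -connect "127.0.0.1:$PORT" -showcerts "$@" \
      </dev/null 2>/dev/null || true
}

# RSA chain loaded first (-cert/-cert_chain), EC chain second (-dcert/-dcert_chain),
# mirroring the load order in the thread.
start_server() {
  openssl s_server -accept "$PORT" -www \
      -cert "$WORK/rsa/leaf.pem" -key "$WORK/rsa/leaf.key" \
      -cert_chain "$WORK/rsa/issuers.pem" \
      -dcert "$WORK/ec/leaf.pem" -dkey "$WORK/ec/leaf.key" \
      -dcert_chain "$WORK/ec/issuers.pem" </dev/null >/dev/null 2>&1 &
  SERVER_PID=$!
  for _ in 1 2 3 4 5 6 7 8 9 10; do            # wait up to ~10 s for a handshake
    if served_chain '' | grep -q 'BEGIN CERTIFICATE'; then return 0; fi
    sleep 1
  done
  echo "s_server did not come up on port $PORT" >&2
  return 1
}

stop_server() {
  if [ -n "$SERVER_PID" ]; then
    kill "$SERVER_PID" 2>/dev/null || true
    wait "$SERVER_PID" 2>/dev/null || true
    SERVER_PID=""
  fi
}

# leaf_key_algo SIGALGS: key algorithm of the leaf the server chose
# (prints rsaEncryption or id-ecPublicKey).
leaf_key_algo() {
  served_chain "$1" | openssl x509 -noout -text 2>/dev/null \
    | sed -n 's/^ *Public Key Algorithm: //p' | head -n 1
}

# chain_length SIGALGS: number of certificates in the server's Certificate
# message; each probe should show the full chain of the chosen key type (3).
chain_length() {
  served_chain "$1" | grep -c 'BEGIN CERTIFICATE' || true
}

main() {
  make_chain rsa rsa:2048
  make_chain ec ec -pkeyopt ec_paramgen_curve:prime256v1
  trap stop_server EXIT
  start_server
  for probe in '' 'RSA-PSS+SHA256:RSA+SHA256' 'ECDSA+SHA256'; do
    printf 'client sigalgs %-28s -> leaf %-14s chain of %s\n' \
        "${probe:-(default)}" "$(leaf_key_algo "$probe")" "$(chain_length "$probe")"
  done
  stop_server
}

if command -v openssl >/dev/null 2>&1; then main; else echo "openssl not on PATH" >&2; fi
```

The two explicit probes must come back as `rsaEncryption` and `id-ecPublicKey` with a chain of 3 each; the default probe shows what your build picks when the client leaves the choice open, which is the case Jeremy measured on 1.0.2k. To reproduce his server-side variant instead, add `-tls1_2 -cipher 'ECDSA:RSA:!COMPLEMENTOFDEFAULT'` to the s_server line and drop `-sigalgs` from the client.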
