On Mon, May 11, 2020 at 04:34:07PM +0200, William Dauchy wrote:
> > I'm going to remove the support for multi-cert bundle once 2.2 is
> > released, so it will simplify a lot of things. I encourage people
> > writing new features to not support multi-cert bundles, more
> > particularly on the CLI.
> So you mean that
> example.pem.rsa
> example.pem.ecdsa
> will be loaded separately as all the other certificates?
> I'm not 100% sure what you meant behind removing support of "multi-cert 
> bundle".

What we call "multi-cert bundle" is the ability to load a certificate
for each key type (RSA,DSA,ECDSA) in the same SSL_CTX.
It was a hack implemented this way for OpenSSL 1.0.2 because there
wasn't any callback available to chose a certificate type in this
version. It wasn't implemented by all other SSL libraries.

With OpenSSL 1.1.1, a client_hello callback was implemented, letting us
chose the certificate type ourselves instead of letting OpenSSL do it.
In my opinion this API is better.

The multi-cert bundles are tricky and need specific conditions
everywhere in the loading code. It complexify a lot of things. For
example the loading code needs to verify if all SNIs exists in all
certificate types, and generates the right SSL_CTX combinations, leading
to multiple SSL_CTX created if the SNI weren't matching.

By removing, it just means:
- In the case of a directory there is basicaly nothing to do but remove
  the bundle code, everything will be loaded as usual, it will just be
  done in separate SSL_CTX.
- In the configuration, if you specify a bundle with "example.pem" to
  load the .rsa and .ecdsa, I'll probably add a shim to emulate the
  previous behavior, but they will be loaded in separate SSL_CTX.

Regarding the steps during the connection, during the SNI lookup,
instead of having one sni_ctx node containing a SSL_CTX with all
certificates, you will have one sni_ctx for each certificate type and
the right one will be selected during lookup.

Note that you can configure more precisely the SSL, for each certificate
file, by loading separately the certs in a crt-list, instead of
configuring all certificates on the bind line.

William Lallemand

Reply via email to