Once upon a time, Ángel <[email protected]> said:
> On 2022-08-21 at 15:18 -0500, Chris Adams wrote:
> > Also, I believe you can offer both RSA and EC certs, so shouldn't be
> > a negative to getting an EC cert (you just need to have RSA too).
>
> How would you do that?
>
> You could use different certificates on different interfaces, based on
> the hostname the client is connecting to (assuming they support SNI),
> or even the client IP address.
>
> But I don't think you could easily vary the type of certificate you
> present to the client.
> Technically, the ClientHello message shall be sent before the
> ServerHello, so I guess you could predict, based on the ciphersuites
> presented, if the client is likely to support an EC cert and present an
> EC or RSA certificate based on that, but I don't know of an SSL library
> which allows you to do that.
That's how it works, and it is supported by at least OpenSSL (which I'm
guessing is probably the widest-used library). For example, nginx's
mod_ssl allows a single server to have both an RSA and an ECDSA cert
configured.

F5 load balancers support this as well, and include this in the KB
article:

    Once configured, the choice of certificate presented comes down to
    the negotiated cipher suite in the SSL handshake during the client
    and server hello phase.

https://support.f5.com/csp/article/K21239684

Postfix's TLS_README also says it supports multiple server cert types,
determining which to use based on the negotiated ciphersuite.

-- 
Chris Adams <[email protected]>
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
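As an added illustration of the selection logic the thread describes (the server inspects what the ClientHello offers and picks the RSA or the ECDSA certificate accordingly), here is a small Python model of that decision. It is not code from OpenSSL, nginx, F5 or Postfix; the cipher suite names are the IANA spellings, the certificate paths are placeholders, and the two sample ClientHellos are constructed. It goes slightly beyond the thread in one respect: TLS 1.3 suite names no longer encode the authentication algorithm, so for those the signature_algorithms extension is what tells the server which key types the client accepts.

```python
"""Model of dual-certificate selection: which server certificate (RSA or
ECDSA) to present, given the cipher suites and signature algorithms a
client offered. Added example for the mailop thread, not vendor code."""

from dataclasses import dataclass
from typing import Iterable, List, Optional, Set


@dataclass(frozen=True)
class ServerCert:
    key_type: str  # "RSA" or "ECDSA"
    path: str      # placeholder path; no file is read by this example


def auth_type_of_suite(suite: str) -> Optional[str]:
    """Authentication algorithm a TLS 1.2 suite name requires of the server
    certificate. TLS 1.3 suites (TLS_AES_*, TLS_CHACHA20_*) are key-type
    agnostic, so they yield None."""
    if suite.startswith(("TLS_AES_", "TLS_CHACHA20_")):
        return None
    if "_ECDSA_" in suite:
        return "ECDSA"
    if "_RSA_" in suite:
        return "RSA"
    return None


def client_auth_types(offered_suites: Iterable[str],
                      offered_sigalgs: Iterable[str]) -> Set[str]:
    """Key types the client can verify: from TLS 1.2 suite names plus the
    signature_algorithms extension (the only signal for TLS 1.3)."""
    types: Set[str] = set()
    for suite in offered_suites:
        auth = auth_type_of_suite(suite)
        if auth:
            types.add(auth)
    for alg in offered_sigalgs:
        if alg.startswith("ecdsa_"):
            types.add("ECDSA")
        elif alg.startswith("rsa_"):       # rsa_pss_rsae_*, rsa_pkcs1_*
            types.add("RSA")
    return types


def select_certificate(offered_suites: Iterable[str],
                       offered_sigalgs: Iterable[str],
                       available: List[ServerCert]) -> Optional[ServerCert]:
    """Walk the server's certificates in the server's own preference order
    and return the first one the client can use; None means no usable
    certificate (the handshake would fail with no shared cipher)."""
    acceptable = client_auth_types(offered_suites, offered_sigalgs)
    for cert in available:
        if cert.key_type in acceptable:
            return cert
    return None


def usable_suites(offered_suites: Iterable[str], cert: ServerCert) -> List[str]:
    """Suites from the ClientHello that work with the chosen certificate,
    i.e. the pool the server will negotiate from."""
    return [s for s in offered_suites
            if auth_type_of_suite(s) in (None, cert.key_type)]


# Constructed sample ClientHellos.
MODERN_SUITES = [
    "TLS_AES_256_GCM_SHA384",
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
]
MODERN_SIGALGS = ["ecdsa_secp256r1_sha256", "rsa_pss_rsae_sha256"]

LEGACY_SUITES = [
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
]
LEGACY_SIGALGS: List[str] = []  # pre-TLS 1.2 client: no such extension

# Server prefers the ECDSA cert but keeps RSA for older clients, as the
# thread recommends ("you just need to have RSA too").
SERVER_CERTS = [
    ServerCert("ECDSA", "/path/to/ecdsa-chain.pem"),  # placeholder
    ServerCert("RSA", "/path/to/rsa-chain.pem"),      # placeholder
]

if __name__ == "__main__":
    for name, suites, algs in (("modern", MODERN_SUITES, MODERN_SIGALGS),
                               ("legacy", LEGACY_SUITES, LEGACY_SIGALGS)):
        chosen = select_certificate(suites, algs, SERVER_CERTS)
        print(name, "->", chosen.key_type if chosen else "no usable cert",
              usable_suites(suites, chosen) if chosen else [])
```

The useful check for an operator is the third case in the test: a server that drops its RSA certificate will simply fail to handshake with a client that offers only RSA-authenticated suites, which is why the thread's advice is to keep both rather than replace one with the other.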
