On 24/05/2022 13:52, tobias.w...@t-systems.com wrote:
I’ve a server application and need to support RSA and ECC clients at the
same time.
I don’t know which certificate from my local keystore I have to send to
the client, btw I have a rsa and a ecc certificate in my keystore already.
I don’t know with which certificate (rsa or ecc) a client comes during
handshake of a tls connection.
How can this technically work?
It's perfectly find to add multiple certs/keys of different types to a
single SSL_CTX/SSL. OpenSSL will select the appropriate cert to use
based on the negotiated sigalg (for TLSv1.3).
Matt
