Hi,
On 04/03/16 14:24, Arne Schwabe wrote:
Am 04.03.16 um 14:18 schrieb ValdikSS:
On 03/04/2016 04:12 PM, Arne Schwabe wrote:
Am 03.03.16 um 22:04 schrieb ValdikSS:
Shouldn't sending the new CA chain only be enough? Since it is
(cross)signed by the old CA, the client will accept it. For the old
clients the new CA will look like an intermediate certificate.
Please clarify what do you mean. I'm trying to send new CA (signed by old CA)
and a server certificate.
Exactly what David Woodhouse replied just 10 minutes before my email.
the more I think about it, the more I think that what you are trying to
achieve ought not to work:
your current situation is this:
- clients are equipped with a 1024bit CA cert; the server certificate
(chain) must be signed using this end-entity CA cert for the client to
trust the server
- the server supplies this 1024bit CA cert, as well as a cross-signed
4096bit CA cert and a server cert.
- The client will never "accept" the 4K CA cert as the new end-entity,
as that is not configured in the config file.
*but*
anything signed using a 1K cert should be considered insecure, as it's
feasible nowadays to brute-force generate a key that will match that
certificate. That means that an attacker can grab your 1K CA cert,
generate a new CA key for it, then generate new server cert (or even a
4K cross-signed CA cert) and lure an unsuspecting client to the server -
your shiny new cross-signed CA cert will not prevent this.
The only way to prevent this from happening is by getting the clients to
stop trusting/using the 1K CA cert - thus, you must alter the
client-side configuration for this, painstaking as it is...
JJK
