httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dr Stephen Henson <>
Subject Re: Certificate handling limitations in mod_ssl.
Date Sun, 05 Feb 2012 13:11:04 GMT
On 05/02/2012 11:08, Kaspar Brand wrote:
> On 04.02.2012 15:27, Dr Stephen Henson wrote:
>> IMHO to avoid these problems it would be better if mod_ssl could send an
>> arbitrary number of certificates and keys to OpenSSL and leave it to OpenSSL to
>> process them in an appropriate manner.
> Would that mean supplying names of key/certificate files to OpenSSL, or
> are you thinking of sending parsed keys/certs (like
> SSL_CTX_use_PrivateKey() etc. does right now)?

The existing API would still work so you'd just be able to use
SSL_CTX_use_PrivateKey and SSL_use_PrivateKey etc as now but it could be used
more times.

> Dealing with encrypted keys might become more tricky, depending on how
> the API for this would look like (currently, mod_ssl remembers the
> unencrypted keys in a separate table, so that they can survive a
> reload).

I had a quick look at that a while ago. It seems to be rather old code using
algorithm specific key serialisation functions. It has been possible to
serialise arbitrary private keys using the PKCS#8 format for some years now.

Also support for ENGINE based private keys is something mod_ssl should support
but it is problematical. A key might reside on an HSM ENGINE through an API
which OpenSSL has restricted control over including authentication (e.g. a PIN
pad, card insertion etc). In some cases you cannot reload the EVP_PKEY structure
without reauthentication. I'm not sure if that could be worked round by
attempting to cache the EVP_PKEY structure instead.

>> If finer control over some operations (for example to detect configuration
>> errors) is required OpenSSL could be extended to support that.
> This would certainly help. Things which come to mind: host name mismatch
> (i.e., cert does not include DNS name for ServerName/ServerAlias),
> private-vs.-public-key mismatch, missing chain.

I'm currently working on enhancing the API. In OpenSSL HEAD it is now possible
to use different certificate chains per key type tied to an SSL or SSL_CTX
structure: overcoming the limitation of only allowing one custom chain per SSL_CTX.

Building and caching of chains with error detection is something I'll also include.

Dr Stephen Henson. OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
+1 877-673-6775

View raw message