httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dr Stephen Henson <shen...@opensslfoundation.com>
Subject Re: Certificate handling limitations in mod_ssl.
Date Sun, 05 Feb 2012 13:11:04 GMT
On 05/02/2012 11:08, Kaspar Brand wrote:
> On 04.02.2012 15:27, Dr Stephen Henson wrote:
>> IMHO to avoid these problems it would be better if mod_ssl could send an
>> arbitrary number of certificates and keys to OpenSSL and leave it to OpenSSL to
>> process them in an appropriate manner.
> 
> Would that mean supplying names of key/certificate files to OpenSSL, or
> are you thinking of sending parsed keys/certs (like
> SSL_CTX_use_PrivateKey() etc. does right now)?
> 

The existing API would still work so you'd just be able to use
SSL_CTX_use_PrivateKey and SSL_use_PrivateKey etc as now but it could be used
more times.

> Dealing with encrypted keys might become more tricky, depending on how
> the API for this would look like (currently, mod_ssl remembers the
> unencrypted keys in a separate table, so that they can survive a
> reload).
> 

I had a quick look at that a while ago. It seems to be rather old code using
algorithm specific key serialisation functions. It has been possible to
serialise arbitrary private keys using the PKCS#8 format for some years now.

Also support for ENGINE based private keys is something mod_ssl should support
but it is problematical. A key might reside on an HSM ENGINE through an API
which OpenSSL has restricted control over including authentication (e.g. a PIN
pad, card insertion etc). In some cases you cannot reload the EVP_PKEY structure
without reauthentication. I'm not sure if that could be worked round by
attempting to cache the EVP_PKEY structure instead.

>> If finer control over some operations (for example to detect configuration
>> errors) is required OpenSSL could be extended to support that.
> 
> This would certainly help. Things which come to mind: host name mismatch
> (i.e., cert does not include DNS name for ServerName/ServerAlias),
> private-vs.-public-key mismatch, missing chain.
> 

I'm currently working on enhancing the API. In OpenSSL HEAD it is now possible
to use different certificate chains per key type tied to an SSL or SSL_CTX
structure: overcoming the limitation of only allowing one custom chain per SSL_CTX.

Building and caching of chains with error detection is something I'll also include.

Steve.
-- 
Dr Stephen Henson. OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
+1 877-673-6775
shenson@opensslfoundation.com

Mime
View raw message