using TLS (>1.2) with more than one certificate

Angus Robertson - Magenta Systems Ltd angus at magsys.co.uk
Tue May 24 15:10:00 UTC 2022


>> I_ve a server application and need to support RSA and ECC 
>> clients at the same time.
>
> Configure the server's SSL_CTX with both certificate chains and 
> the private keys for the two entity certificates, and for older 
> TLS versions the server will select the appropriate chain based 
> on the cipher-suite list in the ClientHello. 

Side tracking slightly, I have only ECC certificates on my web, mail
and FTP servers, and SSL Labs says the only browser that can not
connect to them is Chrome 49 on Windows XP SP3.  

Is there another reason I should be duplicating all my ECC certificates
with RSA versions?

I do see a lot of SSL connection errors in my logs, but assume these
are mostly hackers or trackers with software not able to support
TLS/1.2, usually with a blank SNI and ALPN and often no extensions in
the client hello.  One had 'Versions: TLSv1.1, TLSv1.3 Key Share Data'
so got unsupported protocol.  

error:0A000102:SSL routines::unsupported protocol
error:0A000418:SSL routines::tlsv1 alert unknown ca
error:0A0000C1:SSL routines::no shared cipher
error:0A00006C:SSL routines::bad key share
error:0A000413:SSL routines::sslv3 alert unsupported certificate

Also lots of unexpected closes during handshake, and HTTP requests with
no handshake.  

Angus



More information about the openssl-users mailing list