On 19/02/2014 17:30, Falco Schwarz wrote:

> As of svn.apache.org/r1527295 standardized DH parameters were added to
> mod_ssl. If I understand docs correctly, the bit length is based on the
> RSA/DSA key. With the recent support of multiple certificates per VirtualHost
> it is possible to use an RSA and ECC certificate.
>
> When using RSA and ECC, the DH bit length is dependent on the certificate
> configured last, so:
>
> - if ECC is configured last, 1024 bit DH params are set (minimum)
> - if RSA is configured last, the DH params depend on the private key's bit
>   length (it works)
>
> The ECC certificate should in any way be skipped and not taken into account
> when setting DH params.
I think that's a consequence of how SSL_get_certificate works. You get the current certificate, which is not necessarily the one the server actually uses.

Ugly workaround for ephemeral DH ciphersuites... if the cipher is of the form *-RSA-* it's the RSA certificate and *-DSS-* it's the DSA one. No ciphersuites exist using ephemeral DH and ECDSA.

We should probably have a way to set the current certificate in OpenSSL to the one the server used.

Steve.
--
Dr Stephen Henson. OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
+1 877-673-6775
shen...@opensslfoundation.com
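To make the two selection behaviours discussed in this thread concrete, here is an added illustrative model (not mod_ssl or OpenSSL code): the "last configured certificate wins" rule Falco reports, the "skip ECC, size from the RSA/DSA key" rule he asks for, and the cipher-name heuristic Steve mentions. The key-size-to-DH-group mapping and the DHE/EDH prefix check are assumptions made for the example.

```python
# Constructed, illustrative table of standardized DH group sizes (bits).
# The thresholds are an assumption for this example, not mod_ssl's table.
DH_GROUPS = (1024, 2048, 3072, 4096)

def dh_bits_for_key(key_type, key_bits):
    """DH parameter size to pair with a server key, or None for key types
    that never authenticate an ephemeral-DH suite (ECDSA)."""
    if key_type not in ("RSA", "DSA"):
        return None
    for size in DH_GROUPS:
        if key_bits <= size:
            return size
    return DH_GROUPS[-1]

def dh_bits_last_configured(certs):
    """Behaviour reported in the thread: DH size follows whichever certificate
    was configured last, so an ECC cert configured last drops to the minimum.
    certs is a list of (key_type, key_bits) in configuration order."""
    key_type, key_bits = certs[-1]
    return dh_bits_for_key(key_type, key_bits) or DH_GROUPS[0]

def dh_bits_skip_ecc(certs):
    """Requested behaviour: ignore ECC certificates and size the DH parameters
    from the RSA/DSA key(s) that DHE suites can actually use."""
    sizes = [dh_bits_for_key(t, b) for t, b in certs]
    sizes = [s for s in sizes if s is not None]
    return max(sizes) if sizes else DH_GROUPS[0]

def cert_for_cipher(cipher_name):
    """Steve's name-based workaround for ephemeral DH suites: a *-RSA-* suite
    authenticates with the RSA certificate, *-DSS-* with the DSA one.
    Restricting to DHE-/EDH- prefixed names is an assumption of this example."""
    if not cipher_name.startswith(("DHE-", "EDH-")):
        return None
    if "-RSA-" in cipher_name:
        return "RSA"
    if "-DSS-" in cipher_name:
        return "DSA"
    return None

if __name__ == "__main__":
    both = [("RSA", 2048), ("EC", 256)]   # constructed: RSA first, ECC last
    print("last configured:", dh_bits_last_configured(both))  # 1024
    print("skip ECC:       ", dh_bits_skip_ecc(both))         # 2048
```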