speed, performance and scalability of ecdsa certs with backward compatibility of rsa certs
What’s the benefit of using LibreSSL anyway? It is old, fragmented and does not offer the latest features and functions. It is based on the OpenSSL 1.0.1 code which has been issued almost 6 years ago. (OpenSSL 1.0.1 [14 Mar 2012) Instead of disabling weak Ciphers et al. with a patch like Fedora and Red Hat does. They started all over again with old rubbish.
Can I use RapidSSL for this? Cheap Standard certificate from $7.38/year. Buy/Renew RapidSSL Standard certificate and retain Comodo on this: Any guide I can follow?
no idea for RapidSSL. only know comodo supports ECDSA as does letsencrypt backwards compat is just this threads outlined dual rsa + ecdsa cert setup for commercial certs it's just same as single commercial cert just need 2 one with generated rsa 2048 bit private key + CSR file and one with ecdsa 256bit private key + CSR file
I like this idea. I have some user who are still on XP chrome/IE which only does RSA. So I'm running RSA Is it still in testing mode?
You mean dual certs in testing mode or you mean private branch which automates this as outlined at SSL - Nginx 1.11.0 introduces dual ECDSA + RSA SSL certificate support ! ? if it's automation via private branch, then yes still in testing right now
So ssl_certificate & ssl_certificate_key will have duplicate line one for RSA and one for ECC. What about ssl_trusted_certificate? I'm trying this now.
Do you have live site using Dual Cert? I want to test on UCBrowser Desktop (Windows XP SP3). My setup failed.
official Centmin Mod HTTP/2 HTTPS demo site is using dual ECDSA + RSA SS certificates https://http2.centminmod.com/ but IIRC WinXP isn't supported by SHA256 ? Edit WinXP SP3 might but whether browser does that's another matter Chrome browser 39+ sunsetting SHA-1 SSL signatures SHA-256 Compatibility
For some reason that site works fine. Chrome and Firefox on XP works fine. Only this UCBrowser has issue with me. Can you please share your cipher list for that site? (http2.centminmod.com) OpenSSL version used? I guess still on OpenSSL 1.0.2?
using OpenSSL 1.1.1-pre1 right now for TLS v1.3 testing Code (Text): ssl_ciphers TLS13-AES-128-GCM-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
Ah seems it's because OpenSSL 1.1 default priority is to use x25519 curve [openssl-dev] X25519 is the default curve for ECDHE in OpenSSL 1.1.0 and X25519 implementation complicates curve order preference for consuming applications · Issue #4175 · openssl/openssl · GitHub So updating to OpenSSL 1.1.0g or 1.1.1-pre1 and see but you will loose RC4 IIRC. But doesn't matter Nginx fall backs to serving with P-256 in either case as you can see in SSLLab listing of clients/browsers (with exception on my site for Firefox 53/Win) Your site's Server Temp Key Code (Text): echo n | openssl s_client -debug -connect phcorner.net:443 2>&1 | grep -A12 'Server Temp Key:' Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 3361 bytes and written 415 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-GCM-SHA256 Server public key is 256 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-ECDSA-AES128-GCM-SHA256 my site Code (Text): echo n | openssl s_client -debug -connect http2.centminmod.com:443 2>&1 | grep -A12 'Server Temp Key:' Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 2779 bytes and written 415 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-GCM-SHA256 Server public key is 256 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-ECDSA-AES128-GCM-SHA256