Extra intermediate certificate when using ssl_alt_cert

Aki Tuomi aki.tuomi at dovecot.fi
Tue Mar 13 09:57:04 EET 2018

On 10.03.2018 17:11, Aki Tuomi wrote:
>> On 10 March 2018 at 16:53 Aki Tuomi <aki.tuomi at dovecot.fi> wrote:
>>> On 10 March 2018 at 16:05 Aki Tuomi <aki.tuomi at dovecot.fi> wrote:
>>>> On 10 March 2018 at 15:20 John Fawcett <john at voipsupport.it> wrote:
>>>> On 10/03/18 14:06, Aki Tuomi wrote:
>>>>>> On 10 March 2018 at 14:49 John Fawcett < john at voipsupport.it
>>>>>> <mailto:john at voipsupport.it>> wrote:
>>>>>> On 08/03/18 18:43, Peter Linss wrote:
>>>>>>> I just added an ECDSA certificate to my mail server using
>>>>>>> ssl_alt_cert (the RSA certificate is specified by ssl_cert), both
>>>>>>> certificate files contain the certificate and a single intermediate
>>>>>>> (which currently happens to be the same intermediate from Let’s
>>>>>>> Encrypt).
>>>>>>> When connecting to the server using either RSA or ECDSA ciphers, the
>>>>>>> server sends the proper certificate, but also sends two
>>>>>>> intermediates. Apparently it’s reading the intermediate from both
>>>>>>> files and using both for all situations, rather than using only the
>>>>>>> intermediate in the RSA file for RSA certificates, and the
>>>>>>> intermediate in the ECDSA file for ECDSA certificates. I expect this
>>>>>>> will be a bigger problem when Let’s Encrypt starts using ECDSA
>>>>>>> intermediates.
>>>>>>> Removing the intermediate from the ssl_alt_cert file solves the
>>>>>>> problem (but then doesn’t allow an ECDSA intermediate to be specified).
>>>>>> I believe that supplying multiple unrelated intermediate certificates is
>>>>>> an incorrect behaviour, though I don't know if this is a problem that
>>>>>> can be solved in Dovecot or has to be addressed in openssl itself.
>>>>>> Do you get any issue in certificate validation in the client?
>>>>>> John
>>>>> You sure your cert file does not contain unrelated certificates?
>>>>> ---
>>>>> Aki Tuomi
>>>> Aki
>>>> I'll leave Peter to respond about his cert files, but in the test I did,
>>>> each the ssl_cert and ssl_alt_cert each contained the server cert and
>>>> the next cert in the chain. However, both intermediates were supplied
>>>> whether using RSA or ECDSA.
>>>> John
>>> I can confirm this behaviour. We'll look into it.
>>> Aki
>> This appears to be slightly too difficult to fix for OpenSSL 1.0.0, but we can fix this for 1.0.2 and later on next release.
>> Aki
> Sorry, target release 2.3.2, not 2.3.1.
> Aki

Fixed with


More information about the dovecot mailing list