> From: openssl-users <openssl-users-bounces@xxxxxxxxxxx> On Behalf Of Matt Caswell
> Sent: Tuesday, 24 May, 2022 07:43
> To: openssl-users@xxxxxxxxxxx
> Subject: Re: using TLS (>1.2) with more than one certificate
>
> On 24/05/2022 13:52, Tobias.Wolf@xxxxxxxxxxxxx wrote:
> > I've a server application and need to support RSA and ECC clients at the
> > same time.
> >
> > I don't know which certificate from my local keystore I have to send to
> > the client; btw, I have an RSA and an ECC certificate in my keystore
> > already.
> >
> > I don't know with which certificate (RSA or ECC) a client comes during
> > the handshake of a TLS connection.
> >
> > How can this technically work?
>
> It's perfectly fine to add multiple certs/keys of different types to a
> single SSL_CTX/SSL. OpenSSL will select the appropriate cert to use
> based on the negotiated sigalg (for TLSv1.3).

Just to clarify: this works for earlier TLS versions as well. Configure the
server's SSL_CTX with both certificate chains and the private keys for the two
entity certificates, and for older TLS versions the server will select the
appropriate chain based on the cipher-suite list in the ClientHello. That is,
it will use the ECC certificate (probably ECDSA, though EdDSA is becoming more
common) if the client's cipher-suite list indicates it supports the necessary
algorithms.

--
Michael Wojcik
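The behaviour described in the thread, reproduced end to end with the openssl command-line tools as an added example (not code from the thread or from the OpenSSL project): one s_server instance is given an RSA and an ECDSA certificate/key pair (-cert/-key plus -dcert/-dkey, the CLI equivalent of loading both into one SSL_CTX), and s_client is pointed at it with different offers to show which leaf comes back. It assumes the openssl CLI (1.1.1 or 3.x) is installed, loopback port 44330 is free, and uses throwaway self-signed certificates it generates itself.

```shell
#!/bin/sh
# Added example, not from the thread: one openssl s_server serving an RSA
# and an ECDSA certificate at the same time, probed by s_client to show
# which leaf the server presents for what the client offers.
# Assumes the openssl CLI (1.1.1 or 3.x) and a free loopback port (44330).
set -eu
WORK=$(mktemp -d)
PORT=44330

# Constructed throwaway credentials: an RSA-2048 and a P-256 ECDSA pair.
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$WORK/rsa.key" 2>/dev/null
openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -out "$WORK/ec.key" 2>/dev/null
for alg in rsa ec; do
  openssl req -new -x509 -key "$WORK/$alg.key" -subj "/CN=dual.example" \
    -days 1 -out "$WORK/$alg.crt" 2>/dev/null
done

# One server process, two certificate/key pairs: -cert/-key plus -dcert/-dkey
# (the same effect as loading both chains and keys into a single SSL_CTX).
openssl s_server -accept "$PORT" -cert "$WORK/rsa.crt" -key "$WORK/rsa.key" \
  -dcert "$WORK/ec.crt" -dkey "$WORK/ec.key" -quiet >/dev/null 2>&1 &
SERVER_PID=$!
trap 'kill "$SERVER_PID" 2>/dev/null; rm -rf "$WORK"' EXIT

# Handshake with the given s_client options and print the public-key
# algorithm of the leaf certificate the server chose:
# "rsaEncryption" or "id-ecPublicKey".
presented_key_type() {
  openssl s_client -connect "127.0.0.1:$PORT" "$@" </dev/null 2>/dev/null \
    | openssl x509 -noout -text 2>/dev/null \
    | sed -n 's/^ *Public Key Algorithm: *//p'
}

# Wait (up to ~5 s) until the server accepts connections.
for _ in 1 2 3 4 5; do
  [ -n "$(presented_key_type)" ] && break
  sleep 1
done

# TLS 1.2: selection follows the offered cipher suites; TLS 1.3: the
# offered signature algorithms.
for opts in "-tls1_2 -cipher ECDHE-RSA-AES128-GCM-SHA256" \
            "-tls1_2 -cipher ECDHE-ECDSA-AES128-GCM-SHA256" \
            "-tls1_3 -sigalgs ECDSA+SHA256"; do
  # $opts is intentionally unquoted so it splits into separate arguments.
  echo "client offers [$opts] -> server presents $(presented_key_type $opts)"
done
```

Restricting the client to a single ECDHE-RSA or ECDHE-ECDSA suite under TLS 1.2 flips the presented certificate between the two, and under TLS 1.3 the same switch happens when only ECDSA signature algorithms are offered.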