I am trying to configure Tomcat 9.0.37 (or later if I need to) to use both
an RSA and an ECC certificate for the same host.

Platform is Windows 2008 R2, with the Tomcat Native 1.2.24 library
installed.

My configuration is roughly as follows:


        <SSLHostConfig protocols="TLSv1.3,TLSv1.2"
                       honorCipherOrder="true"
                       ciphers="<omitted for simplicity>"
                       hostName="*.blahblah.com">
            <Certificate certificateKeyFile="conf/blahblah_com_priv.key"
                         certificateFile="conf/blahblah_com.crt"
                         certificateChainFile="conf/blahblah_com.intermediate.crt"
                         type="RSA" />
            <Certificate certificateKeyFile="conf/blahblah_com_com-ECC.private.key"
                         certificateFile="conf/blahblah_com-ECC.pem"
                         certificateChainFile="conf/blahblah_com-ECC.intermediate.pem"
                         type="EC" />
        </SSLHostConfig>


The only change I've made was to add the additional Certificate element for
the ECC certificate (so I believe everything else about our configuration
is all good).

When I run "testssl.sh" against the host, I end up with a failed
certificate chain for the RSA certificate. The ECC certificate is all fine
though, and before adding the ECC certificate, the RSA certificate was fine.

I've dug into the documentation and found this statement with reference to
the certificateChainFile parameter:

"Note that when using more than one certificate for different types, they
all must use the same certificate chain"

So I checked the Git repo, and that was added with a commit comment that
references the Apache HTTP configuration which states something slightly
differently:

"But be careful: Providing the certificate chain works only if you are
using a single RSA or DSA based server certificate. If you are using a
coupled RSA+DSA certificate pair, this will work only if actually both
certificates use the same certificate chain. Else the browsers will be
confused in this situation."

The two statements suggest slightly different things. However the second
doesn't suggest that ECC and RSA cannot be combined with different chains.

Is there any way to have two different certificate chains for the ECC and
RSA certificates and get it working with Tomcat/OpenSSL? (as we don't have
certificates with the same chains as our provider seems to use different
intermediate CAs for ECC versus RSA).


Thanks for any suggestions anyone can provide,

Robert
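A way to see exactly which chain Tomcat hands out for each key type, as an added example that is not part of the original mail: connect once offering only RSA signature algorithms and once offering only ECDSA, and list the certificates in each chain. It assumes OpenSSL 1.1.1 or later (for `-sigalgs`), and the host, port and sample transcript are placeholders constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original mail. Compare the certificate chain a
# TLS server sends when the client only accepts RSA signatures with the chain
# it sends when the client only accepts ECDSA signatures. A server with one
# shared certificateChainFile will send the same intermediate(s) in both cases,
# which is what breaks chain validation for one of the two leaf certificates.

# Print "depth: subject" for each certificate in `openssl s_client -showcerts`
# output read from stdin. s_client prints the chain as " 0 s:<subject>" lines.
chain_subjects() {
    sed -n 's/^ *\([0-9][0-9]*\) s:\(.*\)$/\1: \2/p'
}

# Count the PEM certificates in an s_client transcript read from stdin.
chain_length() {
    grep -c '^-----BEGIN CERTIFICATE-----'
}

# Fetch the chain negotiated when the client advertises only the given
# signature algorithms, e.g. "RSA-PSS+SHA256:RSA+SHA256" or "ECDSA+SHA256".
# Requires OpenSSL 1.1.1+ (assumption). Host and port are caller-supplied.
fetch_chain() {
    host=$1; port=$2; sigalgs=$3
    openssl s_client -connect "$host:$port" -servername "$host" \
        -sigalgs "$sigalgs" -showcerts </dev/null 2>/dev/null
}

# Constructed sample transcript (not real output from any host), so the text
# processing above can be exercised offline.
SAMPLE_TRANSCRIPT=' 0 s:CN = www.example.test
   i:CN = Example Intermediate
-----BEGIN CERTIFICATE-----
MIIB(placeholder)
-----END CERTIFICATE-----
 1 s:CN = Example Intermediate
   i:CN = Example Root
-----BEGIN CERTIFICATE-----
MIIB(placeholder)
-----END CERTIFICATE-----'

if [ -n "$1" ]; then
    # Usage: ./chains.sh <host> [port]
    for alg in "RSA-PSS+SHA256:RSA+SHA256" "ECDSA+SHA256"; do
        echo "== chain served when client offers sigalgs: $alg"
        fetch_chain "$1" "${2:-443}" "$alg" | chain_subjects
    done
else
    printf '%s\n' "$SAMPLE_TRANSCRIPT" | chain_subjects
fi
```

If the second subject line under the RSA run names the ECC provider's intermediate, the shared-chain restriction from the Tomcat docs is what is being observed.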
