mod_ssl supports multiple certificates for the same host, one with RSA
key, one with DSA key and one with EC key. They can be configured at the
same time.
Altough tcnative has the code to handle that, we currently do not wire
it. We would need an way to express in the ssl config, that multiple
certificates are used (for the same name). A way to distinguish which
one is the one with RSA would be helpful. mod_ssl does it by requiring
it to be the first one. Any ideas how to express this in the config so
that e can create the wiring down to tcnative? Or do we think it is an
exotic feature?
Furthermore if we want to support all three (RSA, DSA, EC) at the same
time, it would require the use of a new tcnative version, because it has
a fixed array length of 2 for the certificates.
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
