Arkadiusz Miśkiewicz
2018-Nov-13 18:53 UTC
dovecot 2.2/openssl 1.0 vs dovecot 2.3/openssl 1.1.1 ssl regression
Hi.

I'm considering dovecot migration from 2.2.36 run with openssl 1.0.2o to dovecot 2.3.3 run with openssl 1.1.1.

Currently I have both variants running with identical configs and certs (the only differences are due to config syntax changes in dovecot 2.3), so for example on both I have:

ssl_ca = </etc/openssl/certs/wildcard_ca.pem
(this file contains a single intermediate certificate of my CA)

ssl_cert = </etc/openssl/certs/wildcard_crt.pem
(this contains a single certificate for my *.example.com domain)

ssl_key = # hidden, use -P to show it
(and one key)

No alt certs in use.

Chain is:
- CA trusted by clients (this certificate isn't provided by my dovecot, it's not needed)
- wildcard_ca.pem - intermediate CA
- wildcard_crt.pem - wildcard certificate for my *.example.com domain

dovecot 2.2.36 behaviour is to provide wildcard_ca.pem and wildcard_crt.pem to the client - that behaviour is OK. Client has the full trust chain.

dovecot 2.3.3 provides only the wildcard_crt.pem certificate to the client, which is a big problem because the missing wildcard_ca.pem (intermediate certificate) breaks the chain and the client is not able to verify the trust chain.

Testing is done with simple:

openssl s_client -connect my.example.com:143 -starttls imap -servername my.example.com -showcerts

2.3.x announcements and upgrade wiki mention no such behaviour change, so I assume it is a regression.

Now doing
cat wildcard_ca.pem >> wildcard_crt.pem
solves the problem and dovecot starts providing both certs to clients, but if that's the proper way of solving this issue then what's the point of having the ssl_ca config setting?

Ideas?

-- 
Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )
Aki Tuomi
2018-Nov-13 18:58 UTC
dovecot 2.2/openssl 1.0 vs dovecot 2.3/openssl 1.1.1 ssl regression
On 13 November 2018 at 20:53 Arkadiusz Miśkiewicz <arekm@maven.pl> wrote:

> Hi.
>
> I'm considering dovecot migration from 2.2.36 run with openssl 1.0.2o to
> dovecot 2.3.3 run with openssl 1.1.1.
>
> Currently I have both variants running with identical configs and certs
> (the only differences are due to config syntax changes in dovecot 2.3),
> so for example on both I have:
>
> ssl_ca = </etc/openssl/certs/wildcard_ca.pem
> (this file contains single intermediate certificate of my CA)
>
> ssl_cert = </etc/openssl/certs/wildcard_crt.pem
> (this contains single certificate for my *.example.com domain)
>
> ssl_key = # hidden, use -P to show it
> (and one key)
>
> No alt certs in use.
>
> Chain is:
> - CA trusted by clients (this certificate isn't provided by my dovecot,
> it's not needed)
> - wildcard_ca.pem - intermediate CA
> - wildcard_crt.pem - wildcard certificate for my *.example.com domain
>
> dovecot 2.2.36 behaviour is to provide wildcard_ca.pem and
> wildcard_crt.pem to the client - that behaviour is OK. Client has full
> trust chain.
>
> dovecot 2.3.3 provides only wildcard_crt.pem certificate to the client
> which is a big problem because missing wildcard_ca.pem (intermediate
> certificate) breaks chain and client is not able to verify trust chain.
>
> Testing is done with simple:
>
> openssl s_client -connect my.example.com:143 -starttls imap -servername
> my.example.com -showcerts
>
> 2.3.x announcements and upgrade wiki mention no such behaviour change,
> so I assume it is a regression.
>
> Now doing
> cat wildcard_ca.pem >> wildcard_crt.pem
> solves the problem and dovecot starts providing both certs to clients
> but if that's the proper way of solving this issue then what's the point
> of having ssl_ca config setting?
>
> Ideas?
>
> --
> Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )

Including ssl_ca with cert is not actually a good idea, but perhaps this should indeed be mentioned in the upgrading page. Not a regression in any case.

---
Aki Tuomi
Hauke Fath
2018-Nov-15 15:53 UTC
dovecot 2.2/openssl 1.0 vs dovecot 2.3/openssl 1.1.1 ssl regression
On 11/13/18 19:58, Aki Tuomi wrote:
> On 13 November 2018 at 20:53 Arkadiusz Miśkiewicz wrote:
>> I'm considering dovecot migration from 2.2.36 run with openssl 1.0.2o to
>> dovecot 2.3.3 run with openssl 1.1.1.
>>
>> Currently I have both variants running with identical configs and certs
>> (the only differences are due to config syntax changes in dovecot 2.3),
>> so for example on both I have:
>>
>> ssl_ca = </etc/openssl/certs/wildcard_ca.pem
>> (this file contains single intermediate certificate of my CA)
>>
>> ssl_cert = </etc/openssl/certs/wildcard_crt.pem
>> (this contains single certificate for my *.example.com domain)

[dovecot 2.3+ does not provide intermediate CA cert to clients any more]

>> 2.3.x announcements and upgrade wiki mention no such behaviour change,
>> so I assume it is a regression.
>>
>> Now doing
>> cat wildcard_ca.pem >> wildcard_crt.pem
>> solves the problem and dovecot starts providing both certs to clients
>> but if that's the proper way of solving this issue then what's the point
>> of having ssl_ca config setting?
>
> Including ssl_ca with cert is not actually a good idea, but perhaps this should
> indeed be mentioned in the upgrading page. Not a regression in any case.

Aki, when I brought up this very issue in
<https://dovecot.org/list/dovecot/2018-January/110638.html> ff., you told me
that "ssl_ca", despite the name, was for client certificates only, and that I
was supposed to append the CA certificate(s) to the server certificate file.

I am glad to hear you consider this a bad idea now. ;)

Cheerio,
Hauke

-- 
The ASCII Ribbon Campaign                    Hauke Fath
()     No HTML/RTF in email            Institut für Nachrichtentechnik
/\     No Word docs in email           TU Darmstadt
Respect for open standards             Ruf +49-6151-16-21344