[Ach] client certificate request troubles

Manuel Kraus ach at lsd.is
Mon Jan 20 18:39:19 CET 2014

Hey Wolfgang,

I have a similar issue:

In Postfix I use the option

 smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

to have a CA-reference.

The documentation [1] states that, with all certs in one file, this whole file will be sent to the client to give it a choice of which client certificate to use for authentication (one whose CA the server knows). So, if you have a big file, the client potentially gets flooded. I've seen this already.

As the documentation says, this behavior should be avoidable in Postfix if only the certificate _path_ is configured. In this setup the client simply sends its default certificate to the requesting server, and the server has to cope with it, whether it knows the CA or not.
Sadly this preferred variant doesn't work on my server yet, even taking the chroot environment into account.

But maybe you have a similar configuration option in Exim for not sending all CAs to the client, like using a path rather than a combined file...


Manuel Kraus

[1] http://www.postfix.org/postconf.5.html#smtpd_tls_CApath

Am Mon, 20 Jan 2014 17:32:46 +0100
schrieb Wolfgang Breyha <wolfgang.breyha at univie.ac.at>:

> Hi!
> I have a topic not directly related to our document, but it fits "better crypto" ;-)
> I configured most of my Exim installations to request client certificates and
> to try to verify them. Currently without consequences and only for logging
> purposes.
> Last Friday I updated the ca-certificates bundle RPM of our CentOS hosts. The
> file grew in size from 570k to 750k and 120 root-CAs to 149, respectively.
> It took some time to figure that out, but since then many (older and/or
> embedded) clients fail to finish the SSL handshake. E.g. Pegasus Mail (and most
> likely Mercury MTA), older Exchange, Canon printers, ...more?
> I did some debugging with wireshark and recognized that the certificate
> request in the handshake grew since the DNs of the CAs are sent with the
> request as specified in the RFCs. And it grew beyond the maximum TLS record
> size of 16k and two TLS records are sent by OpenSSL. Pegasus directly
> complained about the length.
> Currently the only solution I see is disabling client cert requests at all.
> Stripping down the root-CAs makes no sense at all and the list of root-CAs
> won't get shorter. And we won't get rid of all the servers and clients of this
> kind, either.
> I wanted to ask if somebody else has seen troubles of this sort and if there
> are other possibilities than disabling client cert requests completely (and
> most likely for a very long time).
> Greetings, Wolfgang
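As an added illustration of the handshake growth described in the quoted mail (not code from either poster): a TLS 1.2 CertificateRequest carries one DER-encoded DistinguishedName per trusted CA, and a handshake message longer than the 2^14-byte record plaintext limit has to be split across TLS records. The script below builds such a message from synthetic CA names, parses it back and reports how many records it needs; the DN contents and their 120-byte size are constructed assumptions chosen so that the 120 and 149 CA counts from the mail land on either side of the limit, not measurements of the real ca-certificates bundle.

```python
import struct

TLS_MAX_PLAINTEXT = 16384        # 2^14 bytes of plaintext per TLS record (RFC 5246, 6.2.1)
HS_CERTIFICATE_REQUEST = 13      # HandshakeType certificate_request

def der(tag, body):
    """Minimal DER TLV encoder for lengths up to 65535."""
    n = len(body)
    hdr = bytes([tag, n]) if n < 128 else bytes([tag, 0x81, n]) if n < 256 else bytes([tag, 0x82]) + struct.pack(">H", n)
    return hdr + body

def der_name(attrs):
    """X.501 Name: SEQUENCE of RDN SETs, each holding one (OID, UTF8String) AttributeTypeAndValue."""
    return der(0x30, b"".join(der(0x31, der(0x30, der(0x06, oid) + der(0x0C, val.encode()))) for oid, val in attrs))

def synthetic_root_ca_dn(i):
    """Constructed CA subject (C, O, CN), 120 DER bytes; an assumed typical size, not a real root."""
    return der_name([(b"\x55\x04\x06", "DE"),
                     (b"\x55\x04\x0A", "Example Root Certification Authority %03d" % i),
                     (b"\x55\x04\x03", "Example Root CA %03d Certification Authority" % i)])

def build_certificate_request(ca_names):
    """TLS 1.2 CertificateRequest: certificate_types, supported_signature_algorithms, certificate_authorities."""
    body = bytes([1, 1])                                   # one certificate_type: rsa_sign
    sigalgs = bytes([0x04, 0x01, 0x05, 0x01, 0x06, 0x01])  # sha256/sha384/sha512 with rsa
    body += struct.pack(">H", len(sigalgs)) + sigalgs
    cas = b"".join(struct.pack(">H", len(n)) + n for n in ca_names)  # every DN is 2-byte length-prefixed
    body += struct.pack(">H", len(cas)) + cas                         # whole list <0..2^16-1>
    return bytes([HS_CERTIFICATE_REQUEST]) + len(body).to_bytes(3, "big") + body

def parse_certificate_request(msg):
    """Return (CA count, bytes of certificate_authorities, TLS records needed to carry the message)."""
    if msg[0] != HS_CERTIFICATE_REQUEST or int.from_bytes(msg[1:4], "big") != len(msg) - 4:
        raise ValueError("not a well-formed CertificateRequest")
    pos = 4 + 1 + msg[4]                                   # skip certificate_types
    pos += 2 + struct.unpack(">H", msg[pos:pos + 2])[0]    # skip supported_signature_algorithms
    cas_len = struct.unpack(">H", msg[pos:pos + 2])[0]
    pos += 2
    end, count = pos + cas_len, 0
    while pos < end:
        pos += 2 + struct.unpack(">H", msg[pos:pos + 2])[0]
        count += 1
    if pos != end:
        raise ValueError("certificate_authorities list is truncated")
    return count, cas_len, -(-len(msg) // TLS_MAX_PLAINTEXT)   # ceiling division

if __name__ == "__main__":
    for n in (120, 149):   # root CA counts before and after the bundle update in the quoted mail
        count, cas_len, records = parse_certificate_request(
            build_certificate_request([synthetic_root_ca_dn(i) for i in range(n)]))
        print("%d CAs: certificate_authorities=%d bytes, %d TLS record(s)" % (count, cas_len, records))
```

Run against a real bundle by replacing synthetic_root_ca_dn with the DER subject of each trusted certificate; a result of two or more records is the condition the quoted mail observed in wireshark.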

Linux® System Dienste
