[asio-users] ssl server supporting multiple certificates and multiple private keys...
From: leon z. <leo...@gm...> - 2010-05-27 08:43:23
I have a distributed app (server client) with self-signed certificate used to validate communication between server and, multiple, client instances (i.e. 1 server box and many client boxes -- each client running the same client app). I would like to automatically update/renew this self-signed cert in the context of the distributed app.

The client side has the capacity to self-update any of the client-side files automatically (over the SSL connection with the server)... including own executable, etc. etc. etc. -- inclusive of being able to download the updated cert. for the client. The client side also has the capability to auto-restart after the update of relevant files has been completed.

There is a temporal problem however -- there are many clients (some could be online or offline with a few days frequency)... so some clients may be connecting with an already-updated cert. whilst others may be connecting, after a long offline period, still with the older certificate (and if the server is migrated to use the new cert, then the late-comers will not be able to connect with still-old cert and self-update, etc...)

I would, ideally, like to have a server which would support, concurrently, 2 different certs (each signed with a different private key of course) -- this way any previously-connected and already-updated clients can continue working via the new cert.; and the currently-connecting clients which need updating will be able to update themselves via the old cert. The idea being that there will be a transition time-window over which both of the certs will be supported... with the older one being eventually phased out.

Would this be possible (in boost::asio::ssl)?

I know that there may be other ways such as starting another instance of the server (on diff address) thus having 2 servers running: one with the old and another with the new cert... but it would include issues (e.g. being clanky admin-wise and due to having to prevent non-atomic writes w.r.t. contents of the cert file and the new client's config file (new ip/port address to connect to the server) on the client side: so as to prevent cases when updating client updates the new cert but crashes/restarts (e.g. due to power loss) before updating the new ip address... or the other way around... and this would involve more work etc...) ... and so I'd like to see if it is at all possible to achieve the aforementioned solution with the 2 certs being supported by the same server at the same time...

Or of course, if there are other ideas -- I'd welcome them all at this early stage of development.

Kind regards
Leon.