SSL handshake with SNI extension enabled - certificate selection on server

Problem description

During the SSL handshake, when the SNI extension is enabled in the client, the server is not selecting and presenting the desired certificate back to the client.

I have a certificate chain that I've imported to the JVM's keystore on the server.

server certificate issued by an internal intermediate issuing CA.

Subject: CN=myserver.example.com

intermediate certificate issued by internal root CA.

        X509v3 Key Usage:
            Digital Signature, Certificate Sign, CRL Sign
        X509v3 Basic Constraints: critical
            CA:TRUE

self signed root CA certificate.

    X509v3 extensions:
        X509v3 Key Usage:
            Digital Signature, Certificate Sign, CRL Sign
        X509v3 Basic Constraints: critical
            CA:TRUE

I used "openssl s_client" to test.

I used the following command to test with Server Name Indication (SNI) TLS extension disabled and the certificate chain in the keystore is selected and presented by the server in the SSL handshake. That's what I expected.

openssl s_client -connect myserver.example.com:port

I used the following command to test with the Server Name Indication (SNI) TLS extension enabled and a different (default?) certificate was selected and presented by the server in the SSL handshake. This certificate is not in the keystore. I did not expect this.

openssl s_client -connect myserver.example.com:port -servername myserver.example.com

I'm trying to figure out why the server is not selecting my certificate chain that's in the keystore, and instead is selecting the "other" (default?) certificate when the SNI extension is enabled. Any help would be appreciated.

I don't know how certificate selection works on the server during the SSL handshake process.

Tags: ssl, handshake, sni

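Solution

"I don't know how certificate selection works on the server during the SSL handshake process."

If the client does not send SNI, the server answers with the default certificate (but some servers have no default configured, and the handshake fails). If the client sends SNI, the server should select the appropriate certificate. Your problem looks strange because it does not look like either of those possibilities. Try upgrading your JVM (OpenJDK? Oracle?) to the latest version, because a lot has changed since your version, for example Support TLS Server Name Indication (SNI) Extension in JSSE Server.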
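
The selection behaviour described in the answer can be reproduced locally with the same openssl tool used in the question. This is an added example, not part of the original question or answer. It assumes OpenSSL 1.1.1 or later (where s_client sends SNI by default unless -noservername is given), a free local port (48443 is a hypothetical default), and the constructed name default.invalid for the fallback certificate.

```shell
#!/bin/sh
# Added example: constructed local lab, not from the original page.
# Assumes OpenSSL 1.1.1+ and that PORT (hypothetical default below) is free.
PORT=${PORT:-48443}
SNI_NAME=myserver.example.com   # host name used in the question
DEFAULT_CN=default.invalid      # constructed name for the fallback certificate

# Print the subject of the leaf certificate a server presents.
# $1 = host:port   $2 = SNI host name (empty string: send no SNI extension)
leaf_subject() {
    if [ -n "$2" ]; then sni="-servername $2"; else sni="-noservername"; fi
    # $sni is deliberately unquoted so it splits into option and value.
    openssl s_client -connect "$1" $sni </dev/null 2>/dev/null |
        openssl x509 -noout -subject -nameopt RFC2253 2>/dev/null
}

# Start a throwaway TLS server holding two certificates, query it both ways,
# and leave the results in NO_SNI and WITH_SNI.
sni_lab() {
    dir=$(mktemp -d) || return 1
    for cn in "$DEFAULT_CN" "$SNI_NAME"; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$cn" \
            -keyout "$dir/$cn.key" -out "$dir/$cn.pem" 2>/dev/null || return 1
    done
    # -cert/-key: default context; -cert2/-key2: used when SNI equals -servername.
    openssl s_server -accept "127.0.0.1:$PORT" -www \
        -cert "$dir/$DEFAULT_CN.pem" -key "$dir/$DEFAULT_CN.key" \
        -servername "$SNI_NAME" \
        -cert2 "$dir/$SNI_NAME.pem" -key2 "$dir/$SNI_NAME.key" >/dev/null 2>&1 &
    pid=$!
    sleep 2   # give the server time to bind
    NO_SNI=$(leaf_subject "127.0.0.1:$PORT" "") || NO_SNI="(handshake failed)"
    WITH_SNI=$(leaf_subject "127.0.0.1:$PORT" "$SNI_NAME") || WITH_SNI="(handshake failed)"
    kill "$pid" 2>/dev/null || true
    wait "$pid" 2>/dev/null || true
    rm -rf "$dir"
    echo "without SNI: $NO_SNI"
    echo "with SNI:    $WITH_SNI"
}
```

Calling `sni_lab` prints both results. `leaf_subject host:port name` and `leaf_subject host:port ""` can also be run against a real server to compare what each kind of request receives.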

