| 1 |
SSL server requirements |
| 2 |
----------------------- |
| 3 |
|
| 4 |
This document is meant for Internet service providers as a check-list. If |
| 5 |
fetchmail refers you to it, mail this file to the support address for the |
| 6 |
server that caused the reference. |
| 7 |
|
| 8 |
In order to let any mail client (not just fetchmail) verify server certificates |
| 9 |
properly, so that users can be sure their connection is not eavesdropped, there |
| 10 |
are several requirements that need to be fulfilled. |
| 11 |
|
| 12 |
1. Match certificate and DNS names: |
| 13 |
|
| 14 |
The server certificate's "common name" or "subject alternative name" must |
| 15 |
match the name by which clients are connecting. Avoid the use of wildmats if |
| 16 |
possible, not all clients support them (fetchmail does). |
| 17 |
|
| 18 |
This may sound trivial, but for load balancing and failover setups, it may |
| 19 |
not be obvious. |
| 20 |
|
| 21 |
2. Provide the *full* certificate chain |
| 22 |
|
| 23 |
Many SSL documents tell you to install the server certificate, silently |
| 24 |
assuming that it were directly signed by a trusted root certification |
| 25 |
authority (CA). |
| 26 |
|
| 27 |
If your server certificate is not directly signed by the root certification |
| 28 |
authority (root CA), then you are using intermediate CA. In this case, you |
| 29 |
*MUST* (as per the TLS standard) provide *ALL* intermediate certificates. |
| 30 |
|
| 31 |
If you fail to provide intermediate certificates, clients can only connect |
| 32 |
if the end user overrides/disables security warnings in his/her software, |
| 33 |
and this disables the detection of eavesdroppers. |
| 34 |
|
| 35 |
The intermediate CA certificates must be issued after the server's |
| 36 |
certificate in proper order, that is: |
| 37 |
first the intermediate CA cert that signed the servers' certificate, then |
| 38 |
the intermedate CA cert that signed the previous intermediate CA, and all |
| 39 |
the way back to the root CA cert (which you should omit). |
| 40 |
|
| 41 |
You can optionally add the root CA certificate, but this is redundant, as |
| 42 |
the client needs to have that installed anyways (see 3 below) in its store |
| 43 |
of trusted root certification authorities in order to verify certificates |
| 44 |
that this root CA has signed. |
| 45 |
|
| 46 |
For software that does not offer "chain certificate" options, but that |
| 47 |
supports reading certificates in PEM format, it is usually sufficient to |
| 48 |
concatenate all the certs in proper order (again, from server to root). |
| 49 |
|
| 50 |
3. Provide the *root* CA's certificate separately. |
| 51 |
|
| 52 |
Provide the root CA's certificate in a place where your end users will |
| 53 |
quickly and easily find it, or provide a link to it. Depending on which mail |
| 54 |
software your clients use, it may not be pre-installed, and users require |
| 55 |
this root CA to verify your SSL server certificate, and possibly |
| 56 |
intermediate certificates. |
| 57 |
|
| 58 |
This is particularly important if you're using local self-signed |
| 59 |
certificates, as these are never preinstalled into end-users clients. |
| 60 |
|
| 61 |
Your technical support team should have the finger prints of this root CA |
| 62 |
readily available at least in MD5 and SHA1 formats and offer to clients and |
| 63 |
be ready to answer client questions as to the fingerprints (for |
| 64 |
verification) and installation in commonly used clients. |
