microsoft/msquic

Support for multiple server certificates

Open

#3,141 opened on Oct 12, 2022

View on GitHub
 (5 comments) (0 reactions) (0 assignees)C (671 forks)github user discovery
Area: APITLS: SchannelTLS: quicTLSfeature requestgood first issue

Repository metrics

Stars
 (4,712 stars)
PR merge metrics
 (PR metrics pending)

Description

Describe the feature you'd like supported

Currently MsQuic only supports a single QUIC_CERTIFICATE_HASH_STORE in QUIC_CREDENTIAL_CONFIG, so servers cannot offer both RSA-based and ECDSA-based ciphers. As certificate protocols evolve it would be useful to support multiple types of certificates simultaneously.

Proposed solution

QUIC_CREDENTIAL_CONFIG.CertificateHashStore is already a pointer type. Either accept an array length via the Reserved parameter, or create a new QUIC_CERTIFICATE_MULTI_HASH_STORE type to handle an array of hash store objects.

Additional context

No response

Contributor guide