Can I put multiple alternative certificates for a host, in a single certificate file?

Question

I have a web service which is secured through HTTPS. I also have client software which talks to this web service, using libcurl (which may be linked to OpenSSL, or linked to GnuTLS; I don't know which one, it depends on how the user installed libcurl). Because the web service is only ever accessed through the client software and never through the browser, the web service utilizes a self-signed certificate. The client software, in turn, has a copy of this self-signed certificate and explicitly checks the connection against that certificate.

Because of Heartbleed, I want to change the private key and certificate. However I want my users to experience as little service disruption as possible.

For this reason, I cannot change the key/certificate on a fixed date and time. If I do this then all users must upgrade their client software at that exact date and time. Otherwise, the upgraded client software won't work before the server change, while old versions of the client software won't work after the server change.

Ideally, I want to tell my users that I'm going to change the certificate in 1 month, and that they have 1 month time to upgrade the client software. The client software should be compatible with both the old and the new certificate. Then, after 1 month, I can issue another client software update which removes support for the old certificate.

So now we've come to my question: can I append the old certificate and the new certificate into a single .crt file? Will this cause libcurl to accept both certificates? If not, what should I do instead? Does the behavior depend on the SSL library or version?

Tests on OS X seem to indicate that appending both certificates into a single file works, but I don't know whether this is OS X-specific behavior, or whether it works everywhere. My client software has to support a wide range of Unix systems, including Linux (multiple distros) and FreeBSD.

Answer 1

Yes a cert file should be able to hold multiple certificates. I would expect this to be broadly supported.

Answer 2

Short answer: You can't.

Long answer:

Yes you can put multiple certificates in a single .crt file, regardless of platforms.

However HTTPS can only serve one certificate, instead of a crt file. So it's not the file that is limiting you, it's the protocol.

Answer 3

You could have a look at SNI https://en.wikipedia.org/wiki/Server_Name_Indication to be able to serve another certificate based on the SNI information sent by the client at the beginning of the SSL Handshake

Alternatively, you could use a separate TCP port (or IP, or both) that will serve the new certificate.

But you say

The client software, in turn, has a copy of this self-signed certificate and explicitly checks the connection against that certificate.

This then requires you to release a version of your software for your clients to run, to at least have the copy of the new certificate you are going to use.

I guess you should better use a certificate signed by well-known CA, to decouple your server certificate from its validation chain, but that indeed means paying.