Question

Does anybody know whether it's feasible to have a csr signed by two CAs and deliver both certificates?


Reason for asking: a server running several services (https, mail, imap, git, xmpp...) and i run a CA for it, also used for client certs (xmpp, mail encryption etc.). This means users have to import th CA cert, which is ok for power users.

Some applications (mail and https) have to be accessible by regular (non-power?, common?) users, so it would be great to use a free ssl cert which is already installed in all common browsers for that (I think of startssl).

My first attempt is to get my CA cert signed by the official CA, e.g. StartSSL, but it's understandable that this does not work for free use.

So now I think about creating a CSR for the commonly used services and having it signed by an official CA and my own CA, serving with both certificates, the official one as "fallback".

Or is there a smarter way?


Solution

You can't have a certificate signed by multiple CAs (there's only one issuer in the X.509 format). You can submit the same CSR to 2 CAs, but this will produce 2 distinct certificates (if that's your aim, it's usually better to have different key material, so different CSRs anyway).

If your clients support Server Name Indication (SNI), you could potentially serve two distinct certificates on the same service, but the services would also need to have different names (otherwise, it's impossible to distinguish which name is requested).

You're certainly over-complicating your problem by trying to use two distinct CAs or two certs on the same service on your server.

"Power users" will also certainly have the main commercial CAs in their trust anchors anyway. In this case, serving them a certificate signed by your own CA doesn't really bring any advantage. If their main difference is the fact they would come with a client-cert issued by your own CA, nothing prevents you from trusting your own CA (and therefore their client-certs) on your server, while still presenting a server certificate issued by a commercial CA. The trust anchors used by your server don't necessarily have anything to do with the trust anchors used by its clients.
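The following Go program is an added example (not part of the original answer, and not anyone's production code) that exercises the two points above using only Go's standard library. It builds two self-signed CAs in memory, a "Commercial Root" standing in for a browser-trusted CA and a "Private Root" standing in for the poster's own CA; submits one server CSR to both, showing that the result is two separate certificates (one issuer each) that merely share a public key; and then runs a mutually authenticated TLS handshake over an in-memory pipe in which the server presents the commercial-CA certificate while verifying client certificates against the private CA only, and the client trusts the commercial CA only. The CA names, the hostname `mail.example.test`, the client name `alice` and the serial numbers are constructed values.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// must panics on error to keep the demo short; real code would return the error.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue signs tmpl with key on behalf of parent (parent == tmpl gives a self-signed CA).
// One parent, one signature: the X.509 structure has no slot for a second issuer.
func issue(tmpl, parent *x509.Certificate, pub any, key *ecdsa.PrivateKey) *x509.Certificate {
	tmpl.NotBefore, tmpl.NotAfter = time.Now().Add(-time.Hour), time.Now().Add(24*time.Hour)
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, key))
	return must(x509.ParseCertificate(der))
}

// newCA builds a self-signed CA (constructed in memory; no real CA is involved).
func newCA(name string) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name},
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	return issue(tmpl, tmpl, &key.PublicKey, key), key
}

// newCSR generates a key pair and a CSR for it (the subject's half of enrolment).
func newCSR(cn string, dns []string) (*x509.CertificateRequest, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	req := &x509.CertificateRequest{Subject: pkix.Name{CommonName: cn}, DNSNames: dns}
	der := must(x509.CreateCertificateRequest(rand.Reader, req, key))
	return must(x509.ParseCertificateRequest(der)), key
}

// sign issues a leaf certificate for the key in csr, signed by the given CA.
func sign(csr *x509.CertificateRequest, ca *x509.Certificate, caKey *ecdsa.PrivateKey, serial int64, usage x509.ExtKeyUsage) *x509.Certificate {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: csr.Subject, DNSNames: csr.DNSNames,
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{usage}}
	return issue(tmpl, ca, csr.PublicKey, caKey)
}

// SameCSRTwoIssuers submits one CSR to two CAs: two distinct certificates result
// (different issuers, serials and signatures) that happen to share one public key.
func SameCSRTwoIssuers() (issuers [2]string, sameKey bool) {
	commercial, commercialKey := newCA("Commercial Root (constructed)")
	private, privateKey := newCA("Private Root (constructed)")
	csr, _ := newCSR("mail.example.test", []string{"mail.example.test"})
	a := sign(csr, commercial, commercialKey, 100, x509.ExtKeyUsageServerAuth)
	b := sign(csr, private, privateKey, 101, x509.ExtKeyUsageServerAuth)
	sameKey = a.PublicKey.(*ecdsa.PublicKey).Equal(b.PublicKey)
	return [2]string{a.Issuer.CommonName, b.Issuer.CommonName}, sameKey
}

// SplitTrustAnchors runs a mutually authenticated handshake over an in-memory pipe: the
// server presents a commercial-CA certificate but verifies client certificates against the
// private CA only, while the client trusts the commercial CA only. Returns each side's peer issuer.
func SplitTrustAnchors() (serverIssuer, clientIssuer string, err error) {
	commercial, commercialKey := newCA("Commercial Root (constructed)")
	private, privateKey := newCA("Private Root (constructed)")
	srvCSR, srvKey := newCSR("mail.example.test", []string{"mail.example.test"})
	srvCert := sign(srvCSR, commercial, commercialKey, 200, x509.ExtKeyUsageServerAuth)
	cliCSR, cliKey := newCSR("alice", nil)
	cliCert := sign(cliCSR, private, privateKey, 201, x509.ExtKeyUsageClientAuth)
	privatePool, commercialPool := x509.NewCertPool(), x509.NewCertPool()
	privatePool.AddCert(private)
	commercialPool.AddCert(commercial)
	serverCfg := &tls.Config{
		Certificates:           []tls.Certificate{{Certificate: [][]byte{srvCert.Raw}, PrivateKey: srvKey}},
		ClientAuth:             tls.RequireAndVerifyClientCert,
		ClientCAs:              privatePool, // server-side trust anchors: the private CA alone
		SessionTicketsDisabled: true,        // no post-handshake write, so net.Pipe cannot deadlock
	}
	clientCfg := &tls.Config{
		Certificates: []tls.Certificate{{Certificate: [][]byte{cliCert.Raw}, PrivateKey: cliKey}},
		RootCAs:      commercialPool, // client-side trust anchors: the commercial CA alone
		ServerName:   "mail.example.test",
	}
	cConn, sConn := net.Pipe()
	defer func() { cConn.Close(); sConn.Close() }()
	server, client := tls.Server(sConn, serverCfg), tls.Client(cConn, clientCfg)
	errCh := make(chan error, 1)
	go func() { errCh <- server.Handshake() }()
	if err = client.Handshake(); err != nil {
		return "", "", fmt.Errorf("client: %w", err)
	}
	if err = <-errCh; err != nil {
		return "", "", fmt.Errorf("server: %w", err)
	}
	return client.ConnectionState().PeerCertificates[0].Issuer.CommonName,
		server.ConnectionState().PeerCertificates[0].Issuer.CommonName, nil
}

func main() {
	issuers, sameKey := SameCSRTwoIssuers()
	s, c, err := SplitTrustAnchors()
	fmt.Println("one CSR, two CAs:", issuers, "same key:", sameKey, "| handshake:", s, c, err)
}
```

The handshake succeeds even though neither side trusts the other side's CA for anything but its peer's role: the server's `ClientCAs` and the client's `RootCAs` are independent pools. If you instead put the private CA into `RootCAs`, the client rejects the commercial server certificate, which is exactly the situation the two-certificate plan was trying to avoid.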

Licensed under: CC-BY-SA with attribution