Using normal TLS certificates with gemini
colecmac at protonmail.com
Thu Oct 1 22:38:37 BST 2020
> For my gemini capsule's tls setup, I just used my Let's Encrypt
> certificate since I already had it set up for my web site. However,
> after reading deeper into server setup with gemini, I discovered that
> I'm probably adding a lot of extra request overhead by using a
> certificate from a CA instead of self-signed. Now my problem is that if
> I change out the certificate, then people that have previously visited
> my site may think it is compromised because the certificate changed and
> most clients are TOFU. Should I change out the certificate or is it fine
> to leave it as is?
I had the same problem for my capsule, gemini://makeworld.gq. What I did
was wait until the Let's Encrypt cert expired for a clean transition, and
then created my own small 5-year cert. See my gemlog post for details on
how to generate these:
gemini://makeworld.gq/gemlog/2020-07-06-openssl.gmi
There is also the gemcert tool:
https://tildegit.org/solderpunk/gemcert
> As an additional question, if I was writing a more advanced gemini
> client, should I validate cert chains if they're available or only use
> TOFU on the fingerprint and ignore chains entirely? The spec just says
> to validate however you want, but what's the community's recommendation?
Only validate the certificate in the chain that applies to the host you're
visiting; ignore all the others. Most servers do not send chains anyway,
as it adds needless extra bytes. But that does not mean fingerprints shouldn't
be used: you can still take the fingerprint of the last cert in the chain.
Cheers,
makeworld
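The client-side behaviour discussed in this thread (pin the fingerprint of the host's own certificate, ignore the rest of any chain, and cope with a certificate swap done after the old one expired), as an added example that is not code from the post or from any Gemini client. It assumes the client already has the leaf certificate as DER bytes and its notAfter time from its TLS layer (e.g. Python's `getpeercert(binary_form=True)` plus a parser), and the known-hosts store layout is an assumption; the certificate bytes below are constructed stand-ins, not real certificates.

```python
import hashlib
from datetime import datetime, timezone


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER encoding: the value a TOFU client pins per host."""
    return hashlib.sha256(der_cert).hexdigest()


def host_cert(chain: list) -> bytes:
    """The certificate that applies to the host is the end-entity one.
    TLS requires the server to send it first; any CA certs after it
    are ignored here, as the thread recommends."""
    return chain[0]


def tofu_check(store: dict, host: str, chain: list,
               not_after: datetime, now: datetime) -> str:
    """Trust-on-first-use decision for one connection.

    store: assumed known-hosts layout, host -> {"fp": str, "not_after": datetime}
    Returns "first-use", "trusted", "rotated" or "mismatch".
    """
    fp = fingerprint(host_cert(chain))
    known = store.get(host)
    if known is None:
        # First contact: pin whatever was presented (the "trust" in TOFU).
        store[host] = {"fp": fp, "not_after": not_after}
        return "first-use"
    if known["fp"] == fp:
        return "trusted"
    if known["not_after"] <= now:
        # The pinned cert had already expired, so a new one is expected:
        # this is the clean transition the reply describes. Re-pin it.
        store[host] = {"fp": fp, "not_after": not_after}
        return "rotated"
    # A different cert while the pinned one is still valid is the case
    # a client should surface to the user rather than silently accept.
    return "mismatch"


if __name__ == "__main__":
    # Constructed sample data, standing in for real DER certificates.
    old_chain = [b"constructed-old-leaf-cert", b"constructed-ca-cert"]
    new_chain = [b"constructed-new-leaf-cert"]
    utc = timezone.utc
    store = {}
    print(tofu_check(store, "makeworld.gq", old_chain,
                     datetime(2020, 10, 15, tzinfo=utc), datetime(2020, 10, 1, tzinfo=utc)))
    print(tofu_check(store, "makeworld.gq", new_chain,
                     datetime(2025, 10, 15, tzinfo=utc), datetime(2020, 10, 1, tzinfo=utc)))
    print(tofu_check(store, "makeworld.gq", new_chain,
                     datetime(2025, 10, 15, tzinfo=utc), datetime(2020, 11, 1, tzinfo=utc)))
```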