Multiple SSL

Ed W lists at wildgooses.com
Thu May 29 21:24:49 MSD 2008


Sean Allen wrote:
> you cant do virtual naming with ssl
>
> because the cert negotation comes first.

However, SNI is rapidly becoming an option?

It appears that SNI support has been backported to at least OpenSSL 
0.9.8g ?  You need to specify --enable-tlsext when building openssl

What else is required on the nginx side in order to test TLS upgrades?  
Does someone have a sample config showing this working on some web browser?

Cheers

Ed W





More information about the nginx mailing list