Multiple SSL

Calomel nginxlist at
Thu May 29 23:32:38 MSD 2008


As I understand it tlsext is still in "BETA" like stage for 0.9.8g. I
also believe remote clients must be strictly RFC 4366 compliant
otherwise browsers will still get a SSL error page.

According to Goggle, this site has a test case tlsext setup. 

  Calomel @
  Open Source Research and Reference

On Thu, May 29, 2008 at 06:24:49PM +0100, Ed W wrote:
>Sean Allen wrote:
>>you cant do virtual naming with ssl
>>because the cert negotation comes first.
>However, SNI is rapidly becoming an option?
>It appears that SNI support has been backported to at least OpenSSL 
>0.9.8g ?  You need to specify --enable-tlsext when building openssl
>What else is required on the nginx side in order to test TLS upgrades?  
>Does someone have a sample config showing this working on some web browser?
>Ed W

More information about the nginx mailing list