TLS SNI support disabled

Justin Dorfman jdorfman at netdna.com
Wed May 2 20:21:55 UTC 2012


This is great. Thanks Cliff and Jim =)

Regards,

Justin Dorfman <http://www.twitter.com/jdorfman>



On Wed, May 2, 2012 at 1:05 PM, Jim Ohlstein <jim at ohlste.in> wrote:

> On 5/2/12 3:54 PM, Cliff Wells wrote:
> > On Wed, 2012-05-02 at 12:34 -0700, Justin Dorfman wrote:
> >> I was rebuilding nginx on a staging server and noticed: TLS SNI
> >> support disabled
> >>
> >>
> >> # /usr/local/nginx/sbin/nginx -V
> >> nginx version: nginx/1.0.15
> >> built by gcc 4.1.2 20080704 (Red Hat 4.1.2-48/CentOS 5.5 Final)
> >> TLS SNI support disabled
> >>
> >>
> >> Is that something I should be concerned about?
>
> TLS/SNI support is  enabled if you build nginx "--with-http_ssl_module"
> and if you have an recent enough version of OpenSSL on your system. I
> don't think OpenSSL is recent enough on RHEL/CentOS 5.x but should be in
> 6.x.
>
> >
> > Most likely not.  Great feature, not widely supported across browsers
> > yet.
> >
>
> If you exclude Windoze XP and older, and older versions of MacOS, it is
> fairly widely supported. I think the biggest problem is the still large
> installed base of XP.
>
> http://en.wikipedia.org/wiki/Server_Name_Indication#Support (sorry for
> the Wikipedia reference but it seems accurate as of this writing).
>
> > http://en.wikipedia.org/wiki/Server_Name_Indication
> >
> > Cliff
> >
> >
> > _______________________________________________
> > nginx mailing list
> > nginx at nginx.org
> > http://mailman.nginx.org/mailman/listinfo/nginx
>
>
> --
> Jim Ohlstein
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120502/542e2147/attachment.html>


More information about the nginx mailing list