Multiple SSL
Calomel
nginxlist at calomel.org
Thu May 29 23:32:38 MSD 2008
Ed,
As I understand it tlsext is still in "BETA" like stage for 0.9.8g. I
also believe remote clients must be strictly RFC 4366 compliant
otherwise browsers will still get a SSL error page.
According to Goggle, this site has a test case tlsext setup.
https://dave.sni.velox.ch/
--
Calomel @ https://calomel.org
Open Source Research and Reference
On Thu, May 29, 2008 at 06:24:49PM +0100, Ed W wrote:
>Sean Allen wrote:
>>you cant do virtual naming with ssl
>>
>>because the cert negotation comes first.
>
>However, SNI is rapidly becoming an option?
>
>It appears that SNI support has been backported to at least OpenSSL
>0.9.8g ? You need to specify --enable-tlsext when building openssl
>
>What else is required on the nginx side in order to test TLS upgrades?
>Does someone have a sample config showing this working on some web browser?
>
>Cheers
>
>Ed W
More information about the nginx
mailing list