TLS SNI support disabled
Jim Ohlstein
jim at ohlste.in
Wed May 2 20:05:20 UTC 2012
On 5/2/12 3:54 PM, Cliff Wells wrote:
> On Wed, 2012-05-02 at 12:34 -0700, Justin Dorfman wrote:
>> I was rebuilding nginx on a staging server and noticed: TLS SNI
>> support disabled
>>
>>
>> # /usr/local/nginx/sbin/nginx -V
>> nginx version: nginx/1.0.15
>> built by gcc 4.1.2 20080704 (Red Hat 4.1.2-48/CentOS 5.5 Final)
>> TLS SNI support disabled
>>
>>
>> Is that something I should be concerned about?
TLS/SNI support is enabled if you build nginx "--with-http_ssl_module"
and if you have an recent enough version of OpenSSL on your system. I
don't think OpenSSL is recent enough on RHEL/CentOS 5.x but should be in
6.x.
>
> Most likely not. Great feature, not widely supported across browsers
> yet.
>
If you exclude Windoze XP and older, and older versions of MacOS, it is
fairly widely supported. I think the biggest problem is the still large
installed base of XP.
http://en.wikipedia.org/wiki/Server_Name_Indication#Support (sorry for
the Wikipedia reference but it seems accurate as of this writing).
> http://en.wikipedia.org/wiki/Server_Name_Indication
>
> Cliff
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
--
Jim Ohlstein
More information about the nginx
mailing list