[Devel] Re: [Users] TLS setup
Klaus Darilion
klaus.mailinglists at pernau.at
Wed Oct 12 13:30:28 CEST 2005
Juha Heinanen wrote:
> Klaus Darilion writes:
>
> > really? I have not tested it yet. Of course it requires configuration of
> > a dedicated socket for each domain, and a restart of openser whenever
> > you change domain settings.
>
> exactly and that is why it is out of question.
FYI: In rfc3546 (section 3.1), there is an TLS extension targeting this
problem:
Specifically, the extensions described in this document are designed
to:
- Allow TLS clients to provide to the TLS server the name of the
server they are contacting. This functionality is desirable to
facilitate secure connections to servers that host multiple
'virtual' servers at a single underlying network address.
AFAIK this is not supported in openssl, only in GNUTLS.
regards
klaus
> -- juha
>
>
More information about the Devel
mailing list