httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dr Stephen Henson <shen...@oss-institute.org>
Subject Re: SNI support for mod_ssl
Date Mon, 17 Dec 2007 22:50:48 GMT
Guenter Knauf wrote:
> Hi all,
> another user pointed out that it seems that mod_ssl doesnt support SNI yet:
> http://www.g-loaded.eu/2007/08/10/ssl-enabled-name-based-apache-virtual-hosts-with-mod_gnutls/
> 
> one of the reader comments contains a link to a mod_ssl patch which enables this:
> https://sni.velox.ch/misc/httpd-2.2.2-sni.patch
> 
> I've tested the patch against trunk and 2.2.x, and it applies to both with some fuzz....
> 
> someone against bringing this into trunk?
> 

A patch is also in bug #34607. Originally no released version of OpenSSL
supported SNI it was an experimental addition to the HEAD which will
become 0.9.9-dev.

I recently backported it as an option to 0.9.8f. By "option" I mean it
is not compiled in by default but will be included if the configuration
option enable-tlsext is included.

The patch included in the bug correctly detects the presence of support
and will make use of it if compiled against an appropriately configured
version of OpenSSL.

Steve.
-- 
Dr Stephen N. Henson.
Core developer of the   OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.co.uk/
Email: shenson@drh-consultancy.co.uk, PGP key: via homepage.

Mime
View raw message