Feature Request: TLS Vhosts using SNI / Will Tatam <will@netmindz.net>

Any chance of adding http://en.wikipedia.org/wiki/Server_Name_Indication
support  ?

We don't support anything below IE7 and FF2 (test your browser at
https://sni.velox.ch/)

I love pound and have been using it for years for all sorts, but without
support for SNI, I might be forced to start looking at things like nginx
which do offer support

I know it has been discussed before, but not much was done due to
limited browser support, but browsers have now moved on so maybe it's
time for another look
[...]

RE: [Pound Mailing List] Feature Request: TLS Vhosts using SNI
Joe Gooch <mrwizard(at)k12system.com>

2010-03-06 22:09:41

[ FULL ]

I've implemented SNI against pound 2.5 vanilla...

http://users.k12system.com/mrwizard/pound/pound-2.5-SNI_implementation.patch.bz2

Let me know how this works for you!

Joe
[...]

Re: [Pound Mailing List] Feature Request: TLS Vhosts using SNI
Will Tatam <will(at)netmindz.net>

2010-03-19 18:19:33

[ FULL ]

Thanks, I'll give it a try. Are you or anyone else using in production ?

On 06/03/10 21:09, Joe Gooch wrote:[...][...][...]

[...]

RE: [Pound Mailing List] Feature Request: TLS Vhosts using SNI
Joe Gooch <mrwizard(at)k12system.com>

2010-03-19 19:19:09

[ FULL ]

I'm using it in my branch on my beta site.  However we have a wildcard cert and
haven't needed a vhost cert yet.... so while the headers are being processed,
there really isn't a decision for pound to make.

I tested it on my workstation with two certificates and it worked fine.

Joe

[...]

RE: [Pound Mailing List] Feature Request: TLS Vhosts using SNI
Joe Gooch <mrwizard(at)k12system.com>

2010-03-26 16:14:35

[ FULL ]

Redownload the patch... I was missing a ! in the regexec match in svc.c

I'm running it on my workstation now and will email again if I run into any
issues, but from running tests with firefox and openssl s_client, it appears to
be working great!

Thanks.
Joe
[...]