Guenter Knauf wrote: > Hi all, > another user pointed out that it seems that mod_ssl doesnt support SNI yet: > http://www.g-loaded.eu/2007/08/10/ssl-enabled-name-based-apache-virtual-hosts-with-mod_gnutls/ > > one of the reader comments contains a link to a mod_ssl patch which enables > this: > https://sni.velox.ch/misc/httpd-2.2.2-sni.patch > > I've tested the patch against trunk and 2.2.x, and it applies to both with > some fuzz.... > > someone against bringing this into trunk? >
A patch is also in bug #34607. Originally no released version of OpenSSL supported SNI it was an experimental addition to the HEAD which will become 0.9.9-dev. I recently backported it as an option to 0.9.8f. By "option" I mean it is not compiled in by default but will be included if the configuration option enable-tlsext is included. The patch included in the bug correctly detects the presence of support and will make use of it if compiled against an appropriately configured version of OpenSSL. Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage.
