Re: [openssl-users] How to get SNI info from s_client debug logs?

* 1. Why does s_server need option "-servername"? For debugging, so that you can test that clients are sending the right SNI extension and properly handling the TLS error when they don’t. * 2. It looks options -servername and -alpn cannot work together. Yes, kind-of. The s_client

Re: [openssl-users] How to get SNI info from s_client debug logs?

I just tried s_server, and its logs included something like "Hostname in TLS extension". But I still have a couple of puzzles. 1. Why does s_server need option "-servername"? I supposed only s_client needs this option. With my test, if only s_client specified "-servername server", the desired

Re: [openssl-users] How to get SNI info from s_client debug logs?

The -servername [host] is what causes the SNI extension to be sent. I don't think its sending is put into the debug output. Do you really need it there? I'm pretty certain that s_server outputs it in debug output. -Kyle H On Nov 26, 2017 18:59, "John Jiang" wrote: >

Re: [openssl-users] How to get SNI info from s_client debug logs?

ers <openssl-users@openssl.org> Subject: [openssl-users] How to get SNI info from s_client debug logs? Hi, The following is my OpenSSL version info, OpenSSL 1.1.0f 25 May 2017 I supposed the below command can give me some SNI info, but nothing was found. openssl s_client -debug -tlsextd

[openssl-users] How to get SNI info from s_client debug logs?

Hi, The following is my OpenSSL version info, OpenSSL 1.1.0f 25 May 2017 I supposed the below command can give me some SNI info, but nothing was found. openssl s_client -debug -tlsextdebug -msg -connect -servername < /dev/null | grep "server name" But I found SNI extension with Wireshark while