> Yep, it's OS X curl. > > curl 7.37.1 (x86_64-apple-darwin14.0) libcurl/7.37.1 > SecureTransport zlib/1.2.5 > Protocols: dict file ftp ftps gopher http https imap imaps ldap > ldaps pop3 pop3s rtsp smtp smtps telnet tftp > Features: AsynchDNS GSS-Negotiate IPv6 Largefile NTLM NTLM_WB SSL libz > > I decided to take a dump: > > sudo tcpdump -ps0 -i eth0 -w coolaj86.com.eth0.443.cap tcp port 443 > > https://dropsha.re/files/afraid-wolverine-84/coolaj86.com.eth0.443.cap
In this case, your client DOES send SNI, so thats why it works. The big question is why does curl on mac somethimes send the SNI value and sometimes not? Maybe it has someting todo with the -k/--insecure argument? Which certificate are you getting if you do: curl --insecure https://coolaj86.com Regards, Lukas
