Hey Willy On 12/3/15, 1:40 AM, "Willy Tarreau" <[email protected]> wrote:
>I didn't understand what you meant with this last sentence, it sounds like >there could be multiple default contexts which are more or less randomly >chosen so that confuses me. Sorry if that was confusing. I was merely trying to indicate that the logic to pick the default context will prefer SSL_CTX¹s with multiple keys over SSL_CTX¹s with fewer keys. So for example: Lets say that after doing the checks on all the names, we end up with 3 SSL_CTX¹s. One is for RSA only names, one for ECDSA only names and one for shared names of RSA and ECDSA. The code will use the shared SSL_CTX as the default SSL_CTX if none has yet been set. -Dave
