Ian G wrote: > Further, it turns out that Apache does not have the > code to deal with the client helo server name indication.
I'm not sure if it was mentioned, but I made a post to our blog about subjectAltNames and such and apparently mod_gnutls does attempt to support this (via apache), so all you need to do now is hope they get it as good as mod_ssl and then hassle the mozilla guys into supporting it :) http://www.outoforder.cc/projects/apache/mod_gnutls/ "Warning: mod_gnutls is a very new module. If you truely care about making your server secure, do not use this module yet. With time and love, this module can be a viable alternative to mod_ssl, but it is not ready." -- Best regards, Duane http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! http://e164.org - Using Enum.164 to interconnect asterisk servers "In the long run the pessimist may be proved right, but the optimist has a better time on the trip." _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
