On 06/26/2011 02:59 PM, Alain Knaff via RT wrote:
Hello,
Currently, openssl s_client supports the -servername parameter to pass
an SNI hostname.
However, wouldn't it be useful to have s_client automatically use the
host name specified for -connect as the SNI service name as well?
So instead of saying:
openssl s_client -connect www.lll.lu:443 -servername www.lll.lu
you would simply say:
openssl s_client -connect www.lll.lu:443
This would be especially practical when connecting to many hosts in a
row for testing, so that you'd only need only need to specify the host
name once. Or for those cases where SNI would not be wanted, there could
be a config option in openssl.conf to switch this on or off.
s_client is a test tool, it is not there to make things working
automagically.
the possibility to specify servername explicitly allows to
to things like (assuming you want to circumvent a DNS
problem :
openssl s_client -connect x.x.x.x:443 -servername www.lll.lu
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
