--- ../Pound-2.6c/config.c	2010-12-27 17:54:18.000000000 +0100
+++ ./config.c	2011-04-08 08:54:53.000000000 +0200
@@ -796,11 +796,11 @@
 
     /* logmsg(LOG_DEBUG, "Received SSL SNI Header for servername %s", servername); */
 
     SSL_set_SSL_CTX(ssl, NULL);
     for(pc = ctx; pc; pc = pc->next)
-        if(fnmatch(pc->server_name, server_name, 0) == 0) {
+        if(strcasecmp(pc->server_name, server_name) == 0) {
             /* logmsg(LOG_DEBUG, "Found cert for %s", servername); */
             SSL_set_SSL_CTX(ssl, pc->ctx);
             return SSL_TLSEXT_ERR_OK;
         }
 
@@ -915,12 +915,15 @@
             res->log_level = atoi(lin + matches[1].rm_so);
         } else if(!regexec(&Cert, lin, 4, matches, 0)) {
 #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
             /* we have support for SNI */
             FILE        *fcert;
-            char        server_name[MAXBUF], *cp;
+            int         lastpos;
+            char        *common_name;
             X509        *x509;
+            X509_NAME   *x509_name;
+            X509_NAME_ENTRY *x509_name_entry;
 
             if(has_other)
                 conf_err("Cert directives MUST precede other SSL-specific directives - aborted");
             if(res->ctx) {
                 for(pc = res->ctx; res->next; res = res->next)
@@ -947,18 +950,27 @@
             if((fcert = fopen(lin + matches[1].rm_so, "r")) == NULL)
                 conf_err("ListenHTTPS: could not open certificate file");
             if((x509 = PEM_read_X509(fcert, NULL, NULL, NULL)) == NULL)
                 conf_err("ListenHTTPS: could not get certificate subject");
             fclose(fcert);
-            memset(server_name, '\0', MAXBUF);
-            X509_NAME_oneline(X509_get_subject_name(x509), server_name, MAXBUF - 1);
-            X509_free(x509);
-            if((cp = strrchr(server_name, '=')) == NULL)
-                conf_err("ListenHTTPS: could not get certificate CN");
-            else
-                if((pc->server_name = strdup(++cp)) == NULL)
+            lastpos = -1;
+            for (;;) {
+                common_name=NULL;               
+                if((x509_name = X509_get_subject_name(x509)) == NULL)
+                    conf_err("ListenHTTPS: could not set certificate subject");               
+                lastpos = X509_NAME_get_index_by_NID(x509_name, NID_commonName, lastpos);
+                if (lastpos == -1)
+                    break;
+                if((x509_name_entry = X509_NAME_get_entry(x509_name, lastpos)) == NULL)
+                    conf_err("ListenHTTPS: could not get certificate CN");                  
+                ASN1_STRING_to_UTF8((unsigned char**)&common_name,X509_NAME_ENTRY_get_data(x509_name_entry));
+                if((pc->server_name = strdup(common_name)) == NULL)
                     conf_err("ListenHTTPS: could not set certificate subject");
+                OPENSSL_free(common_name);
+              }
+             X509_free(x509);             
+
 #else
             /* no SNI support */
             if(has_other)
                 conf_err("Cert directives MUST precede other SSL-specific directives - aborted");
             if(res->ctx)