Hello Greg,
Thanks for this, I have opened a feature request at
https://github.com/eclipse/jetty.project/issues/3863. That mode you
describe would do fine for me.
Kind regards,
Silvio
On 09-07-19 08:18, Greg Wilkins wrote:
Silvio,
Open a feature request on github and we'll look at
Silvio,
Open a feature request on github and we'll look at this. It might be
simply that we can add a mode that if no SNI matches are found then we
don't delegate to the normal key manager. At least that would work if
you have all SNI capable keys. If there is no SNI match and you want to
Hello Greg,
The keystore contains both wildcard certs and non-wildcard certs, for a
total of ~100 certs. If a request for a domain matching a cert comes in
the right cert is selected, totally no issues there. But when there is
no matching cert or no SNI info is provided I think the first cert
Silvio,
I'm sorry, but we are going to need more info that that. Can you describe
precisely the setup you have with regards to what certs are in your
keystore and what sort of cert they are (eg wild cards etc.). Then give us
an example of exactly what you mean by random cert?
Typically jetty