>> FCtrlSocket.SslServerName := FHostName;  { V8.11 needed for SNI 
>> support }
>> It broke connection to one of the thirdparty servers that I use, so 
>> I'm trying to figure out is it a problem with ICS/OpenSSL or problem with 
>> site?
>> Is it supposed to work with all sites?

>When IPv4 addresses were freely available, all SSL servers had a unique IP 
>address, so only needed to support a single SSL certificate.  But many SSL 
>servers now have multiple hosts >on the same IP address, and need the SSL 
>Server Name Indication (SNI) to know which SSL certificate to use when a 
>connection starts.  
>SNI has been supported since Windows XP SP3 10 years ago, and with SSL coming 
>standard for most web sites today, many SSL sites become unaccessible without 
>SNI, cloud based >sites in particular.  
>The only reason SNI would break a connection is if the host name you used did 
>not match the server and you ignore SSL certificate checking completely. 
>What is the URL of the failing site?


I tried it with couple of ICS demos and it fails with SSL handshake error 
unless you comment out setting SslServerName
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to