On Sat, Oct 18, 2014 at 9:50 AM, Tom Browder <[email protected]> wrote:
> If I get a server TLS certificate for an IP address, is it true that I > can have essentially unlimited TLS VHosts using that certificate > (assuming clients are SNI-capable)? > I don't think so. * The hostnames need to be in the certificate for the client to validate it * SNI is only useful for N certificates, not 1 certificate that has wildcards or subjectaltnames. The latter doesn't require SNI.
