[gnutls-help] [mod_gnutls-devel] need help with SNI
BenBE1987 at gmx.net
Thu Apr 10 08:36:04 CEST 2014
Am 09.04.2014 23:47, schrieb Olaf Zaplinski:
> Am 09.04.2014 23:31, schrieb Daniel Kahn Gillmor:
>> On 04/09/2014 10:55 AM, Olaf Zaplinski wrote:
>>> I have a problem with SNI.
>>> I have 3 name based vhosts with GnuTLS.
>> I think you're stalking about apache with mod_gnutls.
>> I'm sending this response to mod_gnutls-devel at lists.gnutls.org since
>> that's a better place for apache-related mod_gnutls questions. please
>> follow up there.
> OK. But I will keep this list on CC, ok?
>> it does sound like there might be an SNI matching issue that we could
>> tighten up (presumably we'd want to take the most-specific match
>> possible, rather than the first-matching cert).
> I found a blog mentioning that GnuTLS has problems with subjectAltName:
> Sounds like my problem: GnuTLS chooses the "wrong" certificate.
Could you please check if you can install the latest mod_gnutls from
trunk? Some issues with VHosts were fixed with 0.6 but being
bleeding-edge might be worth a try.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 482 bytes
Desc: OpenPGP digital signature
More information about the Gnutls-help