[stunnel-users] client side SNI

• Previous message (by thread): [stunnel-users] client side SNI
• Next message (by thread): [stunnel-users] client side SNI
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

yyy wrote:
> It looks like server name for client side SNI is defined
> as name to connect to in connect option. According to RFC,
> this name must be FQDN.  It is the only place where it is
> defined and server name for SNI cannot be defined outside
> connect option.
> Is that right?

Well... Not really.  There is an undocumented method to do it.  Use 
"protocolHost" option.

What I'm going to do is to modify "sni" option, to specify client-side 
SNI name in a client-mode section ("client = yes").

> I am trying to run multiple independent services over the same port
> there is no DNS infrastructure in place, so those server names
> would be random strings not refering to anything.

You don't really need DNS for this.
You could also specify your names in /etc/hosts on your client.

Mike

• Previous message (by thread): [stunnel-users] client side SNI
• Next message (by thread): [stunnel-users] client side SNI
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]