Forum: NGINX implementing SNI SSL ?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
443a308e12ba2a3082fb6170ca94c2ef?d=identicon&s=25 Ed Wg (ewildgoose)
on 2008-06-17 10:11
(Received via mailing list)
Hi, to recap on a previous thread - is nginx currently able to handle
SNI based ssl virtual hosts (assuming latest 0.98 openssl)?

My host only allows a small number of IPs (8) and I have a bunch of
currently unencrypted services (due to lack of free IPs) which might
benefit from upgrading to SSL where it's supported , ie Vista IE7 /
Firefox, etc (currently > 50% of my visitors)

Cheers

Ed W
5640e332954fc0006aea97a155ce0afd?d=identicon&s=25 Igor Sysoev (Guest)
on 2008-06-17 10:25
(Received via mailing list)
On Tue, Jun 17, 2008 at 08:57:56AM +0100, Ed W wrote:

> Hi, to recap on a previous thread - is nginx currently able to handle
> SNI based ssl virtual hosts (assuming latest 0.98 openssl)?
>
> My host only allows a small number of IPs (8) and I have a bunch of
> currently unencrypted services (due to lack of free IPs) which might
> benefit from upgrading to SSL where it's supported , ie Vista IE7 /
> Firefox, etc (currently > 50% of my visitors)

nginx supports SNI since 0.5.23, it was tested against development
OpenSSL 0.9.9 year ago. OpenSSL SNI support had been merged to 0.9.8f,
however I did not test it: it might be changed while merging.
Also, note that SNI in OpenSSL 0.9.8 is not built by default.
443a308e12ba2a3082fb6170ca94c2ef?d=identicon&s=25 Ed Wg (ewildgoose)
on 2008-06-17 11:10
(Received via mailing list)
> nginx supports SNI since 0.5.23, it was tested against development
> OpenSSL 0.9.9 year ago. OpenSSL SNI support had been merged to 0.9.8f,
> however I did not test it: it might be changed while merging.
> Also, note that SNI in OpenSSL 0.9.8 is not built by default.
>
>

How should the config files be layed out to pick this up?  Do I just
setup a normal vhost type config with normal SSL directives on each and
it should just work..?

Cheers

Ed W


P.S.  This is quite exciting if it works...!
5640e332954fc0006aea97a155ce0afd?d=identicon&s=25 Igor Sysoev (Guest)
on 2008-06-17 11:15
(Received via mailing list)
On Tue, Jun 17, 2008 at 09:57:31AM +0100, Ed W wrote:

> >nginx supports SNI since 0.5.23, it was tested against development
> >OpenSSL 0.9.9 year ago. OpenSSL SNI support had been merged to 0.9.8f,
> >however I did not test it: it might be changed while merging.
> >Also, note that SNI in OpenSSL 0.9.8 is not built by default.
> >
>
> How should the config files be layed out to pick this up?  Do I just
> setup a normal vhost type config with normal SSL directives on each and
> it should just work..?

Yes.
This topic is locked and can not be replied to.