On Jan 13, 2009, at 5:56 AM, Igor Sysoev <is...@rambler-co.ru> wrote:
On Sun, Jan 11, 2009 at 12:25:26PM -0800, mike wrote:
On Sun, Jan 11, 2009 at 12:15 PM, mike <mike...@gmail.com> wrote:
It does appear that the SSL gods have wisened up - no more wasting
IPs, hopefully, and with a new protocol/extensions to existing
ones it
may be possible. I haven't found out yet browser compatibility/etc,
and then of course I don't think nginx supports it yet. However,
if it
does have wide compatibility, this would definately be something to
request for nginx (I could use it right now!)
Oops. According to wikipedia
http://en.wikipedia.org/wiki/Server_Name_Indication nginx already can
support this.
However, I just noticed - IE6 and IE7 on XP don't. Doh. How pathetic.
All it would be is a frickin couple files changed probably.
For nginx to support it, you just need OpenSSL built with SNI support
(--enable-tlsext) and I'm not sure if you have to specify
ssl_protocols or something related to 'force' that protocol all the
time in nginx or not.
You do not need to configure SNI in nginx: it just works if there is
OpenSSL support.
This sucks though. I have to support IE6/IE7 on XP...
The single hope is Windows 7. If it will be lighter than Vista,
then people may consider to upgrade.
Sadly the UI is all vista-y and is really pissing me off. But think of
how long it takes to upgrade the general public. It will be a long
time before SNI equipped windows is the standard. There is probably
more chance in them patching the existing IEs...
10 messages in ru.sysoev.nginxRe: Wrong Vhost being followed when u...
