Dear Users, I'd like the next version of stunnel to support server-side Server Name Indication: https://secure.wikimedia.org/wikipedia/en/wiki/Server_Name_Indication The new service-level stunnel.conf option would be: sni = <master service>:<sni host> For example: [virtual] accept = 443 ; settings for clients that didn't send an SNI extension cert = default.pem connect = default.internal.mydomain.com:80 [sni1] ; notice that "sni" option is used instead of "accept" sni = virtual:server1.mydomain.com cert = server1.pem connect = server1.internal.mydomain.com:80 [sni2] sni = virtual:server2.mydomain.com cert = server2.pem connect = server2.internal.mydomain.com:80 ; other service-level options may be specified here verify = 3 CAfile = server2-allowed-clients.pem [sni3] sni = virtual:server3.mydomain.com cert = server3.pem connect = server3.internal.mydomain.com:80 I would appreciate your comments on the user interface I designed for this functionality. Best regards, Michal Trojnara