15 Dec
2011
15 Dec
'11
8:33 p.m.
On Fri, Dec 16, 2011 at 9:16 AM, Brian McGinity brian@databaseknowledge.com wrote:
Is there a way to do it without the user getting a certificate error?
So abc.com would have its own unique cert and xyz.com would a different cert.
Well there is a TLS extension called Server Name Indication which allows different certificates to be sent depending on the domain name. Stunnel appears to support it though I've never used it (option "sni")
Keep in mind though that many browsers and libraries, particularly older ones, don't support it and will just get the default cert.