[stunnel-users] client side SNI
Michal Trojnara
Michal.Trojnara at mirt.net
Fri Jan 13 18:06:50 CET 2012
yyy wrote:
> It looks like server name for client side SNI is defined
> as name to connect to in connect option. According to RFC,
> this name must be FQDN. It is the only place where it is
> defined and server name for SNI cannot be defined outside
> connect option.
> Is that right?
Well... Not really. There is an undocumented method to do it. Use
"protocolHost" option.
What I'm going to do is to modify "sni" option, to specify client-side
SNI name in a client-mode section ("client = yes").
> I am trying to run multiple independent services over the same port
> there is no DNS infrastructure in place, so those server names
> would be random strings not refering to anything.
You don't really need DNS for this.
You could also specify your names in /etc/hosts on your client.
Mike
More information about the stunnel-users
mailing list