Hi,
I would like to use nginx 1.2.1 with TLS SNI support to proxy SMTP submission for several different domains over SSL. I would expect that if I configure multiple servers with different server names, a TLS v1 client will select the correct one through SNI. However, I always get the first certificate regardless of the hostname specified in the ClientHello.
Is there something wrong with my config?
mail {
    auth_http 127.0.0.1/auth.php;
    smtp_auth login plain;
    smtp_capabilities "SIZE 10240000" "VRFY" "ETRN" "ENHANCEDSTATUSCODES" "8BITMIME" "DSN";

    server {
        listen 587;
        server_name domain1.nl;
        protocol smtp;
        proxy on;
        starttls only;
        ssl_certificate /etc/nginx/ssl/domain1.crt;
        ssl_certificate_key /etc/nginx/ssl/domain1.key;
    }

    server {
        listen 587;
        server_name domain2.com;
        protocol smtp;
        proxy on;
        starttls only;
        ssl_certificate /etc/nginx/ssl/domain2.crt;
        ssl_certificate_key /etc/nginx/ssl/domain2.key;
    }
}