Forum List Message List New Topic Print View

lblankers

March 29, 2013 05:30PM

Registered: 11 years ago
Posts: 4

Hi,

I would like to use nginx 1.2.1 with TLS SNI support to proxy SMTP submission for several different domains over SSL. I would expect that if I configure multiple servers with different server names that a TLS v1 client will select the correct one through SNI. However I always get the first certificate regardless of the hostname specified in ClientHello.

Is there something wrong with my config?

mail {
auth_http 127.0.0.1/auth.php;

smtp_auth login plain;
smtp_capabilities "SIZE 10240000" "VRFY" "ETRN" "ENHANCEDSTATUSCODES" "8BITMIME" "DSN";

server {
listen 587;
server_name domain1.nl;
protocol smtp;
proxy on;
starttls only;
ssl_certificate /etc/nginx/ssl/domain1.crt;
ssl_certificate_key /etc/nginx/ssl/domain1.key;
}

server {
listen 587;
server_name domain2.com;
protocol smtp;
proxy on;
starttls only;
ssl_certificate /etc/nginx/ssl/domain2.crt;
ssl_certificate_key /etc/nginx/ssl/domain2.key;
}

}

Reply Quote

RSS

Subject	Author	Posted
Mail proxy with SNI	lblankers	March 29, 2013 05:30PM
Re: Mail proxy with SNI	Valentin V. Bartenev	March 29, 2013 06:26PM
Re: Mail proxy with SNI	Phil Pennock	March 29, 2013 08:14PM
Re: Mail proxy with SNI	lblankers	March 30, 2013 04:33AM
Re: Mail proxy with SNI	Jonathan Matthews	March 30, 2013 09:00AM
RE: Mail proxy with SNI	Lukas Tribus	March 30, 2013 09:58AM
Re: RE: Mail proxy with SNI	lblankers	March 30, 2013 12:05PM
Re: RE: Mail proxy with SNI	salsaj	May 15, 2014 11:23AM
Re: RE: Mail proxy with SNI	Maxim Dounin	May 15, 2014 12:36PM
Re: Mail proxy with SNI	Sven Köhler	November 07, 2014 08:02PM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 134

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018