Welcome! Log In Create A New Profile

Advanced

Re: ssl_protocols per server and SNI

Previous Message Next Message
Forum List Message List New Topic Print View
Frank Liu
April 16, 2018 08:10PM
Looks like OpenSSL 1.1.1 finally fixed this (
https://github.com/openssl/openssl/issues/4301) and added early callback
(new in OpenSSL 1.1.1), which allows the application to switch SSL_CTXes
*before* TLS version negotiation.
Hopefully nginx 1.15 milestone will be able to take advantage of this.

Thanks!
Frank


On Mon, Apr 16, 2018 at 4:23 PM, Frank Liu <gfrankliu@gmail.com> wrote:

> This topic has been discussed in the past. eg: 3 years ago @
> http://mailman.nginx.org/pipermail/nginx/2014-November/045738.html and
> nginx couldn't fix it due to OpenSSL.
> Has anything changed since then, with newer versions of OpenSSL?
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Reply Quote
RSS
Subject Author Posted

ssl_protocols per server and SNI

Frank Liu April 16, 2018 07:24PM

Re: ssl_protocols per server and SNI

Frank Liu April 16, 2018 08:10PM

Re: ssl_protocols per server and SNI

Maxim Dounin April 17, 2018 09:04AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 179
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready