sni

Does Spring Boot support Server Name Indication (SNI)?

岁酱吖の 提交于 2020-03-23 12:01:22
问题 Does Spring Boot support Server Name Indication (SNI)? Specifically, is it possible for a Spring Boot (2.2.2.RELEASE) application running an embedded Tomcat server and packaged as an executable jar file to support multiple SSL certificates/domains based on the hostname of the incoming request? It appears Tomcat supports SNI (as of Tomcat 8.5), but I'm not sure how to implement SNI in my Spring Boot app. 回答1: I was able to verify that Spring Boot running an embedded Tomcat server supports

Can PostgreSQL service in OpenShift cluster receive external traffic via exposed route

混江龙づ霸主 提交于 2020-01-24 20:47:26
问题 Is it possible to run PostgreSQL as a service inside an OpenShift cluster and get external traffic to it via an exposed route (the recommended default way for communicating from the outside)? The OpenShift 3.9 documentation states this: A router is configured to accept external requests and proxy them based on the configured routes. This is limited to HTTP/HTTPS(SNI)/TLS(SNI), which covers web applications. PostgreSQL can to SSL and it can be configured to listen on port 443 (HTTPS), but I

Multiple sites per Apache server with SSL showing wrong site with HTTPS

北战南征 提交于 2020-01-21 06:22:07
问题 I have a Debian server which is running a number of client sites. Most of these are not running SSL so accessing by HTTP is fine. I have one customer with an SSL certificate and accessing their site via HTTPS is fine too. The problem comes if you try to access one of the other sites with HTTPS you get directed to the other site that has the SSL certificate. For instance, lets say we have the following sites on the server: alpha.net bravo.net charlie.net (SSL) delta.net So as you can see,

TLS extension “Server Name Indication” (SNI): value not available on server side

不想你离开。 提交于 2020-01-11 06:21:17
问题 Based on the JSSE examples, I'm trying to get the value of the TLS parameter "Server Name Indication" (SNI) on the server side - without success. I'm sure that the value is sent by the client since I used a network sniffer (Wireshark) that shows the value. But when I use the following code fragment, the list of server name parameters is empty (while the "protocols" are shown): public void connectionAccepted(Socket socket) { System.out.println("Connection accepted!"); try { /* get SNI

SNI and SSL on IIS 8.5

霸气de小男生 提交于 2020-01-05 05:45:11
问题 I have a website running on IIS that requires two SSL certificates, one for the main website domain, and one for the traffic coming through a CDN (the assets are served from a different domain name). Both use SSL. I therefore used the Server Name Indication option when creating the HTTPS bindings in IIS. The site works fine, I know that users on IE6/Windows XP may experience an issue, but we don't have any/many users visiting our site using that combination so that's not a problem. However,

Golang ReverseProxy with Apache2 SNI/Hostname error

我与影子孤独终老i 提交于 2019-12-24 17:45:56
问题 i am writing my own ReverseProxy in Go.The ReverseProxy should connect my go-webserver and my apache2 webserver. But when I run my reverseproxy on another IP-Adress then my Apache2 webserver I got following error in my apache-logfile, when the reverseproxy sends the request to apache. "Hosname xxxx provided via sni and hostname xxxx2 provided via http are different" My Reverse Proxy and apache-webserver running on https. Here some code: func (p *Proxy) directorApache(req *http.Request) {

Multi-tenant application on CloudBees with multiple SSL certificates (SNI)

独自空忆成欢 提交于 2019-12-23 00:51:28
问题 I'm building a multi-tenant application using the Play framework and hosting it with CloudBees. A key feature the site is the ability to purchase SSL certificates on behalf of our customers during the sign-up process. On sign-up, the user provides us with their custom domain name (ie, customer.com) We create the client account and associate customer.com with their client ID We purchase the SSL certificate for our client and automatically configure it on our server The client should only have

What is the most efficient code to detect and redirect SNI supported browsers?

|▌冷眼眸甩不掉的悲伤 提交于 2019-12-21 10:47:14
问题 Say, I have a website mywebsite.com , hosted using Apache Httpd. Now what I want is that whenever any user types mywebsite.com or www.mywebsite.com and if the browser supports SNI then it should redirect to https://www.mywebsite.com else redirect to http://www.mywebsite.com . So, what is the most efficient way to achieve it ? 回答1: The below code should work Options -Indexes +FollowSymLinks RewriteEngine on RewriteCond %{HTTP_HOST} ^mywebsite.com$ RewriteCond %{HTTPS} (on|off) RewriteRule ^(.*

TIdHTTP and TLS SNI doesnt work

 ̄綄美尐妖づ 提交于 2019-12-17 20:52:29
问题 On my attempt the TLS SNI extension is missing. I don't know why. Can someone point me in the right direction? Embarcadero® RAD Studio 10 Seattle Version 23.0.21418.4207 Indy version: 10.6.2.5311 OpenSSL: https://indy.fulgan.com/SSL/openssl-1.0.2h-i386-win32.zip The (WireShark) result is the same with and without the workaround. Example/demonstration code: unit CMTelekomTest; ... var IdHTTP1: TIdHTTP; IdSSLIOHandlerSocketOpenSSL1: TIdSSLIOHandlerSocketOpenSSL; xml: ixmldocument; root, node,