Hello, I'm actually using HTTPS/SNI on HAProxy 1.6
Documentation states the following : "If no SNI is provided by the client or if the SSL library does not support TLS extensions, or if the client provides an SNI hostname which does not match any certificate, then the first loaded certificate will be presented." Is there a way to not present the first loaded certificate and refuse connection instead ? I understand that it will also block non-compatible SNI client, but this is the behaviour one customer is asking ... Olivier
