On Aug 30, 7:24 am, Steve Smith <st...@scsworld.co.uk> wrote: > It sounds like SNI just isn't the option for you. I know that browsers > are catching up but when I last checked (about a month ago) Chrome and > IE didn't support SNI because XP itself doesn't support SNI in it's TLS > negotiation. I *think* firefox might work but you would have to try it.
I have tried FF on XP SP3, and it worked without presenting a certificate warning. > If your users are on kiosk systems do you have access to the kiosks > themselves? Is there any way that you can pre-accept certificates such > as the piggyback one? I'm in the enviable position that I can dictate the browser choice. However, that is only for low level users. Some of the admins may login using IE. Though I would gander that most would be using something newer than XP. > Can you use the hostname based SSL or do you need > users to be able to access the site from the custom domain directly? Hostname is ok, but I have an absolute requirement that the client's IP be passed to the Heroku app. Yes, this seems to work, but not 100% (we have had periods of downtime where the IP is not passed). I was hoping SNI would be a better choice. In the end, I guess we can run with SNI for a while an see how it works. Can always switch to hostname later. -- You received this message because you are subscribed to the Google Groups "Heroku" group. To post to this group, send email to heroku@googlegroups.com. To unsubscribe from this group, send email to heroku+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/heroku?hl=en.