Hello, I tried to overload the value of my default ssl_protocols (http block level) in a server block. It did not seem to apply the other value in this virtuel server only.
Since I use SNI on my OpenSSL implementation, which perfectly works to support multiple virtual servers, I wonder why this SNI capability isn't leveraged to apply different TLS environment depending on the SNI value and the TLS directives configured for the virtual server of the asked domain. Can SNI be used for other TLS configuration directives other than certificates? More generally, is it normal you cannot overload directives such as ssl_protocols or ssl_ciphers in a specific virtual server, using the same socket as others? If positive, would it be possible to use SNI to tweak TLS connections envrionment depending on domain? --- *B. R.*
_______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
