Problem solved, was not related to SNI, SNI works great with client side stunnel, no need to set the protocol option.
Our problem was that http host, since our clients app was using stunnel to reach a virtual host on an nginx to reverse proxy, we connected to stunnel using stunnel local IP instead of our server domain name. Nginx was not receiving the domain name and was serving the default host. Solution was to add a record to the host file to point the server name to our local stunnel IP. Vincent Deschenes Ing. PMP Director of Operations Stelvio Inc. (+1) 514-281-8570 On Mon, Aug 1, 2016 at 1:19 PM -0400, "Vincent Deschenes" <[email protected]<mailto:[email protected]>> wrote: Do we have to specify the "protocol" option to have stunnel know how to handle the server name indication? I remember I had to set it to smtp for an smtp connection. This current case is for https. I can not find the http/s option for protocol, should I use the "connect" option? Thanks, Vincent Deschenes Ing. PMP Director of Operations Stelvio Inc. (+1) 514-281-8570 From: stunnel-users [mailto:[email protected]] On Behalf Of Vincent Deschenes Sent: Monday, August 1, 2016 1:10 PM To: [email protected] Subject: [stunnel-users] Client-side SNI Hi, Anyone know if there is anything special to do to get ServerName sent when using stunnel in client mode to be able to connect to SNI enabled server? Using latest version of stunnel and openssl. Will stunnel use the name specified in the "connect=" config ? Thanks, Regards, Vincent Deschenes Ing. PMP Director of Operations Stelvio Inc. (+1) 514-281-8570
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
