>> FCtrlSocket.SslServerName := FHostName; { V8.11 needed for SNI
>> support }
>>
>> It broke connection to one of the thirdparty servers that I use, so
>> I'm trying to figure out is it a problem with ICS/OpenSSL or problem with
>> site?
>> Is it supposed to work with all sites?
>When IPv4 addresses were freely available, all SSL servers had a unique IP
>address, so only needed to support a single SSL certificate. But many SSL
>servers now have multiple hosts >on the same IP address, and need the SSL
>Server Name Indication (SNI) to know which SSL certificate to use when a
>connection starts.
>SNI has been supported since Windows XP SP3 10 years ago, and with SSL coming
>standard for most web sites today, many SSL sites become unaccessible without
>SNI, cloud based >sites in particular.
>The only reason SNI would break a connection is if the host name you used did
>not match the server and you ignore SSL certificate checking completely.
>What is the URL of the failing site?
https://ip.mellennia.com/
I tried it with couple of ICS demos and it fails with SSL handshake error
unless you comment out setting SslServerName
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
