>> FCtrlSocket.SslServerName := FHostName; { V8.11 needed for SNI >> support } >> >> It broke connection to one of the thirdparty servers that I use, so >> I'm trying to figure out is it a problem with ICS/OpenSSL or problem with >> site? >> Is it supposed to work with all sites?
>When IPv4 addresses were freely available, all SSL servers had a unique IP >address, so only needed to support a single SSL certificate. But many SSL >servers now have multiple hosts >on the same IP address, and need the SSL >Server Name Indication (SNI) to know which SSL certificate to use when a >connection starts. >SNI has been supported since Windows XP SP3 10 years ago, and with SSL coming >standard for most web sites today, many SSL sites become unaccessible without >SNI, cloud based >sites in particular. >The only reason SNI would break a connection is if the host name you used did >not match the server and you ignore SSL certificate checking completely. >What is the URL of the failing site? https://ip.mellennia.com/ I tried it with couple of ICS demos and it fails with SSL handshake error unless you comment out setting SslServerName -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be