When I use an application on Windows Vista that communicates with our server (using Apache 2.2.13 and OpenSSL 0.9.8k), it succeeds if I use the IP address of the server, but it fails when I use the FQDN of the server. When using the FQDN, I noticed that the packet (Client Hello) comes to the server with the FQDN (server name) in it. I believe this is part of the new SNI (Server Name Indication) feature of TLS.
Is there a way, without recompiling Apache or OpenSSL, to disable this SNI checking on the server? I tried putting the SSLStrictSNIVHostCheck directive in the .conf file, but it had no effect. Also, making the ServerName directive in the .conf file the same as what is coming across in the packet, had no effect either. Or, is there a way within Vista to disable the sending of the server name in the packet? Thanks in advance, Dan
