On Tue, Apr 29, 2008 at 4:27 PM, Klaus Darilion <klaus.mailinglists at pernau.at> wrote: > Hi! > > Openssl 0.9.8g support the TLS extension "server name" (or also often > called SNI for server name indication). (when configured with > "enable-tlsext")[1][2] > > If the TLS clients uses the server name extension in the ClientHello, > the server can host multiple TLS domains on the same socket (because the > server nows which certificate to present to the client). > > I think it would be rather easy for pjsip to add this feature - at least > for outgoing TLS connection (pjsip = TLS client). Yeah it doesn't seem to be too difficult, probably just need to add a field setting in pjsip_tls_setting and propagate this all the way to pjsua. > Actually there is no SIP proxy yet which supports it, but I have it on > my Todo list for openser, but found out that I do not have a client for > testing :-) > Are you going to implement that very soon? Cheers Benny > regards > klaus > > [1] > http://howtoforge.com/enable-multiple-https-sites-on-one-ip-using-tls-extensions-on-debian-etch > [2] https://sni.velox.ch/ >
