[Solved] TLS key per SNI dropped in 1.4.68 (=> spurious trace)
Added by HenrikHolst 9 months ago
Hi,
I see that support for separate TLS keys (aka ssl.pemfile) have been changed in 1.4.68 to now only be set per $SERVER["socket"] and thus it is no longer possible to have separate TLS keys per SNI host, aka per $SERVER["socket"]. Does this solve something important in Lighttpd or is it something that might be possible to reverse?
I happen to use this quite extensively and AFAIK it should be a useful feature for other people as well. Basically this removes SNI support in lighttpd, unless I have missed something (which is very likely).
Replies (2)
RE: TLS key per SNI dropped in 1.4.68 - Added by gstrauss 9 months ago
The warning trace from lighttpd is unfortunate and wrong. There is a patch in #3182 which will be part of the next lighttpd release.
Per-vhost ssl.pemfile
is still supported. Please double-check that things still work for you and please report here if that is not the case.