[teiid-issues] [JBoss JIRA] (TEIID-3717) Enable SNI (Server Name Indication) support
Van Halbert (JIRA)
issues at jboss.org
Fri Nov 6 10:57:00 EST 2015
[ https://issues.jboss.org/browse/TEIID-3717?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13126499#comment-13126499 ]
Van Halbert commented on TEIID-3717:
------------------------------------
>From a blog:
An extension to SSL/TLS called Server Name Indication (SNI) addresses this issue by sending the name of the virtual host as part of the SSL/TLS negotiation. This enables the server to bind the correct virtual host early and present the browser with the certificate containing a CN matching that in the SNI header. This method also has far fewer complications associated with it as compared to TLS Upgrade or STARTTLS. The SNI extension is described in gross detail here. With SNI, you would have a sequence like:
Client: (TLS Handshake) Hello, I support XYZ Encryption, and I am trying to connect to
‘access.mycompany.com‘.
Server: (TLS Handshake) Hi There, Here is my Public Certificate, and lets use this encryption algorithm.
Client: (TLS Handshake) Sounds good to me.
Client: (Encrypted) HTTP Request
Server: (Encrypted) HTTP Reply
> Enable SNI (Server Name Indication) support
> -------------------------------------------
>
> Key: TEIID-3717
> URL: https://issues.jboss.org/browse/TEIID-3717
> Project: Teiid
> Issue Type: Feature Request
> Reporter: Van Halbert
> Assignee: Steven Hawkins
> Fix For: 8.12.2
>
>
> Enable SNI support
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the teiid-issues
mailing list