Github user jacksontj commented on the pull request:
https://github.com/apache/trafficserver/pull/121#issuecomment-56770441
Well, this is how it works regardless of how it should work...
But you should be able to specify multiple certs for a given IP (for
example) so sni clients can get the correct cert. It also makes sense to
have a fallback cert for clients that connect to such an IP and don't
support sni
On Sep 24, 2014 8:13 PM, "James Peach" <notificati...@github.com> wrote:
> That's not how it works. In all cases, we should be taking the longest
> match. If multiple certificates have the same matching specifier we should
> be issuing a warning and not loading the certificate.
>
> â
> Reply to this email directly or view it on GitHub
> <https://github.com/apache/trafficserver/pull/121#issuecomment-56768823>.
>
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
