On March 29, 2013 08:14PM Phil Pennock wrote: > On 2013-03-30 at 02:24 +0400, Valentin V. Bartenev wrote: > > On Saturday 30 March 2013 01:30:21 lblankers wrote: > > > I would like to use nginx 1.2.1 with TLS SNI support to proxy SMTP > > > submission for several different domains over SSL. I would expect that if I > > > configure multiple servers with different server names that a TLS v1 client > > > will select the correct one through SNI. However I always get the first > > > certificate regardless of the hostname specified in ClientHello. > > > > > > Is there something wrong with my config? > > > > > > > The problem is that TLS SNI currently is not supported in mail proxy. > > If someone needs TLS SNI with SMTP right now, Exim supports this. It's > not designed to be as scalable as nginx in performance, but it does okay > for most folks' purposes.
Thanks for clearing that up. I would prefer to use nginx rather than switch to Exim because I would like to use nginx to proxy IMAP using SSL SNI as well. Would it be possible to add SNI to the mail proxy? I am doing this as a hobby project rather than professionally so getting multiple IPs in order to host multiple domains is prohibitively expensive. Both in one time cost (~ € 100) and recurring cost (€ 2.50 / month / IP). So if someone could suggest a cheaper solution (e.g. sponsoring a developer to add this feature) I would very much appreciate that. Laurens Posted at Nginx Forum: http://forum.nginx.org/read.php?2,237967,237972#msg-237972 _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
