On 29/12/14 10:00, Jerry OELoo wrote: > Thanks Jeffrey & Matt > > Now I have a more question, I do not want to make code use tlsv1 > method and SSL_set_tlsext_host_name to query all website, I just want > to when encounter this issue, then I will construct tlsv1 and set sni > name to query certificate, So how can I get this kind of information, > or what is correct coding process when support sni and non-sni > webiste. Thanks!
You do not need to use tlsv1 method to be able to call SSL_set_tlsext_host_name - you can use SSLv23_method and it should work fine. The SNI hostname is sent as part of the initial ClientHello, i.e. before you've done anything with the server - so you have limited options to avoid it. I don't understand why you would want to. Matt _______________________________________________ openssl-users mailing list openssl-users@openssl.org https://mta.opensslfoundation.net/mailman/listinfo/openssl-users
