sni

I am trying to add SNI support using SSLCertificateSocketFactory.setHostname, With wireshark i see the communication between client and SNI enabled server, The CLIENT HELLO goes to the server(with the correct hostname set), Server responds with Server Hello and sends certificate to client but after that client is not sending Certificate and communication/Handshake stops, via openssl command openssl s_client -connect theclient -servername thehostname -cert thecertificate everything goes smooth, Handshake occurs successfully .. I am using sockets and on socket.startHandshake i get exception :

I have a Debian server which is running a number of client sites. Most of these are not running SSL so accessing by HTTP is fine. I have one customer with an SSL certificate and accessing their site via HTTPS is fine too. The problem comes if you try to access one of the other sites with HTTPS you get directed to the other site that has the SSL certificate. For instance, lets say we have the following sites on the server: alpha.net bravo.net charlie.net (SSL) delta.net So as you can see, charlie is the only one with SSL, and irrespective of if you go to http charlie.net or https charlie.net,

I am trying to get the server certificate of badssl.com subdomains (ex. https://expired.badssl.com ). import ssl ssl.get_server_certificate(('expired.badssl.com', 443)) But when examining the above generated certificate I see that the certificate has Identity: badssl-fallback-unknown-subdomain-or-no-sni which means SNI is failing. How can I get the server certificate of different subdomains of badssl.com? (I am using python 2.7.12) Found the answer. import ssl hostname = "expired.badssl.com" port = 443 conn = ssl.create_connection((hostname, port)) context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)

According to these two answers (1)(2) it's possible to have two ssl certificates serving from the same tomcatserver using Server Name Indication (SNI). My question is then, how to setup this? I could setup two virtual hosts but I still have then just one connector which presents the specified ssl certificate to the client. In the connector one can specify the keystore and alias to use for the certificate but there is no paramter saying for which virtual host this connector is for or which certificate he should present to the client according to the used domain. How can I tell tomcat which ssl

I'm trying to download an HTTPS page from my site hosted on Google App Engine with SNI. No matter what library I use, I get the following error: [Errno 8] _ssl.c:504: EOF occurred in violation of protocol I've tried solving the error in many ways, including using the urllib3 openssl monkeypatch: from urllib3.contrib import pyopenssl pyopenssl.inject_into_urllib3 But I always get the same error mentioned above. Any ideas? Unfortunately for urllib3, the Python standard library did not add SNI support until Python 3.2. (See Issue #118 @ urllib3 ) To use SNI in Python 2.7 with urllib3, you'll need

I am trying to figure out how to send a successful HTTP GET request to a server requiring SNI. I searched on SO and other places, and found some articles that said that SNI is now supported in JDK7, as well as Apache HTTP Components. https://issues.apache.org/jira/browse/HTTPCLIENT-1119 https://wiki.apache.org/HttpComponents/SNISupport Relevant SO article: Certificate chain different between HTTPSURLconnection and Apache (System) DefaultHttpClient -- However, I cannot seem to find any docs that show how to get this to work. Here is the code I am using... KeyStore trustStore = KeyStore