Opened 19 months ago
Last modified 5 months ago
#1404 new Feature Wish
Client Hello should contain SNI
| Reported by: | davewj100 | Owned by: | |
|---|---|---|---|
| Priority: | major | Milestone: | |
| Component: | Generic / unclassified | Version: | |
| Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | sni |
| Cc: | tct |
Description
Good Day, I would really like to see the client TLS handshake specify an SNI (Server Name Indication) in the client hello.
This is a TLS extension which sends a clear-text hostname in handshake, and is very useful for proxying and load balancing.
The SNI should default to the peer's hostname, but a config file option to specify an SNI would also be useful.
Thanks!
Change History (2)
comment:1 Changed 19 months ago by
| Cc: | tct added |
|---|
comment:2 Changed 5 months ago by
Note: See
TracTickets for help on using
tickets.
OpenVPN does uses TLS internally, but it does not have regular TLS handshake. It encapsulates it into its own protocol. Do you have a proxy or load balancer which supports OpenVPN protocol?