Opened 19 months ago

Last modified 5 months ago

#1404 new Feature Wish

Client Hello should contain SNI

Reported by: davewj100 Owned by:
Priority: major Milestone:
Component: Generic / unclassified Version:
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords: sni
Cc: tct


Good Day, I would really like to see the client TLS handshake specify an SNI (Server Name Indication) in the client hello.

This is a TLS extension which sends a clear-text hostname in handshake, and is very useful for proxying and load balancing.

The SNI should default to the peer's hostname, but a config file option to specify an SNI would also be useful.


Change History (2)

comment:1 Changed 19 months ago by tct

Cc: tct added

comment:2 Changed 5 months ago by ValdikSS

OpenVPN does uses TLS internally, but it does not have regular TLS handshake. It encapsulates it into its own protocol. Do you have a proxy or load balancer which supports OpenVPN protocol?

Note: See TracTickets for help on using tickets.