[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssl-dev
Subject:    Re: [openssl.org #2548] [Enhancement Request / Linux / openssl 0.9.8k-7ubuntu8.6] openssl s_client a
From:       "Peter Sylvester via RT" <rt () openssl ! org>
Date:       2011-06-26 18:10:27
Message-ID: rt-3.4.5-25185-1309111826-486.2548-6-0 () openssl ! org
[Download RAW message or body]

On 06/26/2011 02:59 PM, Alain Knaff via RT wrote:
> Hello,
>
> Currently, openssl s_client supports the -servername parameter to pass
> an SNI hostname.
>
> However, wouldn't it be useful to have s_client automatically use the
> host name specified for -connect as the SNI service name as well?
>
> So instead of saying:
>
> openssl s_client -connect www.lll.lu:443 -servername www.lll.lu
>
> you would simply say:
>
> openssl s_client -connect www.lll.lu:443
>
> This would be especially practical when connecting to many hosts in a
> row for testing, so that you'd only need only need to specify the host
> name once. Or for those cases where SNI would not be wanted, there could
> be a config option in openssl.conf to switch this on or off.
s_client is a test tool, it is not there to make things working
automagically.

the possibility to specify servername explicitly allows to
to things like (assuming you want to circumvent a DNS
problem :

openssl s_client -connect x.x.x.x:443 -servername www.lll.lu


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]