SNI on TLS connections?
I was not able to get SNI (alias Server name identification) working on TLS connections.
This is required if you serve multiple domains with different certificates from one server with a single ipv4 address (the server needs to know which certificate to publish to the client prior to have the tls connection established).
Actually from the source I see, that there is an undocumented key-word in the ussl.wrap_socket function
and I see, that the hostname is properly set on line
However still it is not working for me. Anyone else got this working correctly?
The workaround is to distribute the cert required by non-sni clients as a default one. However this workaround might not work for some conditions.
Sorry, looks like this was my fault. Looks like it is working as intended but I messed something on the server.
Got to do some more testing though...
@jmarcelino (btw, congrats for you position at pycom), Still you might wanne document the parameter
A just noticed that cert mismatch does not rise
OSErrorwhich is therefore wrong in the docs too.