Pen and Server Name Indication

Server Name Indication is a TLS extension which allows multiple virtual hosts, and multiple digital certificates, to coexist on the same IP address and port. It is among the features destined for Pen 0.27.4.

To enable SNI in Pen, all that needs to be done is this line in the configuration file:

ssl_sni_path /etc/pen/sni

Then add the private key, your certificate and the CA’s certificate to that directory, using this naming scheme:

[root@lb pen]# ls /etc/pen/sni

Now any time a request comes in for, these files will be used for the negotiation.

The downside is that a reasonably modern browser is required.



One thought on “Pen and Server Name Indication

Leave a Reply

Your email address will not be published. Required fields are marked *