[erlang-questions] ssl server multiple certificates

Andreas Schultz <>
Sun Oct 27 18:15:19 CET 2013


Hi Sergej,

No, it's not possible.

A few ideas on how to add it:

To do that Erlang SSL would need to support the SNI (Server Name Indication)
TLS Extensions (RFC 3546). Currently neither in client nor in server mode
that extension is supported.
Adding it for client mode should be relatively simple, just add a ssl option
to pass the server name to the library and include that into a SNI hello
extension.
For server mode, things are a bit more complicated. Basically every option
that's in the ssloption() type needs to be made a per server option with
the server name as selector. Decoding the client hello extension again is
simple, then a look up of the options per server name and you're done.

The extended options could be something like this:
in server mode: {sni, ServerName:string(), Options:ssloptions()}
in client mode: {sni, ServerName:string()}

Andreas

----- Original Message -----
> hello,
> 
> Is it possible to host multiple ssl certificates for different domains on a
> single IP and port? Like nginx is capable of doing.
> 
> 
> Sergej
> _______________________________________________
> erlang-questions mailing list
> 
> http://erlang.org/mailman/listinfo/erlang-questions
> 

-- 
-- 
Dipl. Inform.
Andreas Schultz

email: 
phone: +49-391-819099-224
mobil: +49-170-2226073

------------------- enabling your networks -------------------

Travelping GmbH               phone:         +49-391-819099229
Roentgenstr. 13               fax:           +49-391-819099299
D-39108 Magdeburg             email:       
GERMANY                       web:   http://www.travelping.com

Company Registration: Amtsgericht Stendal Reg No.:   HRB 10578
Geschaeftsfuehrer: Holger Winkelmann | VAT ID No.: DE236673780
--------------------------------------------------------------



More information about the erlang-questions mailing list