-
Notifications
You must be signed in to change notification settings - Fork 51
/
README.tls-sni
51 lines (34 loc) · 1.11 KB
/
README.tls-sni
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
TLS-SNI Patch
=============
Negotiate with a server for a TSL/SSL certificate
Patch
-----
To check if Mutt supports "TLS-SNI", look for "patch-tls-sni" in the mutt
version.
Dependencies
* mutt-1.5.24
* OpenSSL
Introduction
------------
The "TLS-SNI" patch adds support for TLS virtual hosting. If your mail
server doesn't support this everything will still work normally.
TLS supports sending the expected server hostname during the handshake, via
the SNI extension. This can be used to select a server certificate to issue
to the client, permitting virtual-hosting without requiring multiple IP
addresses.
This has been tested against Exim 4.80, which optionally logs SNI and can
perform vhosting.
To verify TLS SNI support by a server, you can use:
openssl s_client -host <imap server> -port <port> -tls1 -servername
<imap server>
See Also
--------
* NeoMutt project
Known Bugs
----------
None
Credits
-------
* Jeremy Katz <[email protected]>
* Phil Pennock <[email protected]>
* Richard Russon <[email protected]>