trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Leif Hedstrom <zw...@apache.org>
Subject 4.2.0 SSL SNI compatibility ... (related to TS-2031)
Date Sat, 01 Feb 2014 15:37:35 GMT
Hi all,

I just upgraded to latest master, and noticed that our behavior has changed related to how
certs are “negotiated”. This is related to TS-2031 I believe.

What it meant for me was that I had to reorder a couple of rules in ssl_multicert.config for
the sites to work as expected. I’m sure this is a pretty unusual case, so I’m probably
ok to just document this (visibly, in the v4.2.0 release) notes. But I’m interested to hear
what others using SSL has to say about this? It technically does break backwards compatibility,
since a config that used to work with v4.1.3 will not work with v4.2.0.

Or should we play it safe, and move TS-2031 over to 5.0.x ?

Thoughts?

— Leif


Mime
View raw message