http icon indicating copy to clipboard operation
http copied to clipboard
verified publisher icon vapor

Support SNI for HTTPClient

Open mura-admin opened this issue 7 years ago • 3 comments

Currently any host that requires SNI will currently fail on TLS negotiation. i.e. most hosts that are behind Cloudflare: https://support.cloudflare.com/hc/en-us/articles/204144518-SSL-FAQ

Given that a large part of the web is now behind shared protected edge services this seems like a much needed feature.

Will submit a pull request with my solution.

mura-admin avatar Oct 15 '18 20:10 mura-admin

Hi @mura-admin! Could you please clarify where in the chain of events this happens? I have numerous Vapor hosts behind Cloudflare utilizing SNI certs and I've never encountered any problems with direct web connections to those hosts or inter-host communication. Just want to better wrap my head around what you're describing :)

jdmcd avatar Oct 15 '18 20:10 jdmcd

I'm referring specifically to HTTPClient.connect and HTTPClient.upgrade in this codebase. Accessing from a browser isn't an issue as SNI is supported in all modern browsers.

I've just finished a pull request there so will post it now.

mura-admin avatar Oct 15 '18 21:10 mura-admin

Awesome! Thanks for your work on this.

jdmcd avatar Oct 15 '18 21:10 jdmcd