I'm hosting hundreds of websites using SNI and nobody ever complains. It has definitely been mainstream for years now.
On 2020-02-21 13:21, Adam Thompson wrote:
On 2020-02-21 12:42, Trevor Cordes wrote:
On 2020-02-21 athompso@athompso.net wrote:
Pretty sure this wouldn't have happened with nginx :-D.
Hahaha. Maybe!
Seriously, why not just make the TLS Virthost *:443 to both cover this scenario _and_ enable SNI simultaneously? Is there any harm in people using the other IP address? -Adam
Well, we were and will in the future use the 2nd/3rd IP addresses in apache again. It's just at the moment we are not. If I fix it that way now, then I enable the 2nd IP again in the future, I'll still have the same bug problem on the 3rd IP.
As for SNI... what is everyone's opinion of that? Is it "here" now in the sense that 99.999% of end-user browsers will support it? Put another way, does FB and google require SNI support to hit their sites? On our production server we don't want to lock out any user just because they don't happen to support SNI. (Yes, TLS limitations will probably bite people before SNI limitations...)
SNI went mainstream (i.e. >90% client support) several years ago, and yeah, I guess we're probably at the >>99% mark by now? Literally XP SP3 w/IE7 is the last thing I know of that doesn't support SNI. Or Android 2.1, and I don't think any of those devices are still alive.
-Adam _______________________________________________ Roundtable mailing list Roundtable@muug.ca https://muug.ca/mailman/listinfo/roundtable