[Swan] Intermittent download.libreswan.org certificate hostname mismatch
Daniel McCarney
daniel at binaryparadox.net
Tue Apr 25 20:41:33 UTC 2017
On 25/04, Tuomo Soini wrote:
>I did some experiments and managed to get https://download.libreswan.org
>to work without SNI.
That's great. Thank you.
>But that only means https://libreswan.org/ requires SNI to work which
>was why we didn't want to do this before. But as all real browsers
>nowadays do support SNI this might be better way around.
My problems were specifically with a non-browser user agent against the
download domain. This seems like a reasonable trade-off from my
perspective.
Thanks again,
- Daniel
More information about the Swan
mailing list