You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Connecting to SSL secured hosts that require SNI (Server Name Indication) support is currently not possible without accepting all certificates, which is of course undesirable. It would be nice if ZAX would support SNI so proper hostname based TLS negotiation can be performed.
I've done some research and found a couple of resources indicating that SNI is possible on Android.
There is an setHostname() method in OpenSSLSocketImpl that if called
causes NativeCrypto.SSL_set_tlsext_host_name() to be called. That in
turn calls SSL_set_tlsext_host_name().
Hopefully, this is helpful.
The text was updated successfully, but these errors were encountered:
Connecting to SSL secured hosts that require SNI (Server Name Indication) support is currently not possible without accepting all certificates, which is of course undesirable. It would be nice if ZAX would support SNI so proper hostname based TLS negotiation can be performed.
I've done some research and found a couple of resources indicating that SNI is possible on Android.
http://source-android.frandroid.com/libcore/luni/src/main/java/libcore/net/http/HttpsURLConnectionImpl.java
http://source-android.frandroid.com/libcore/luni/src/main/java/libcore/net/http/HttpConnection.java
http://source-android.frandroid.com/libcore/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java
There is an setHostname() method in OpenSSLSocketImpl that if called
causes NativeCrypto.SSL_set_tlsext_host_name() to be called. That in
turn calls SSL_set_tlsext_host_name().
Hopefully, this is helpful.
The text was updated successfully, but these errors were encountered: