Bug 287216

Summary: Certificate handling with Server Name Indication (SNI) does not work correctly
Product: [Frameworks and Libraries] kio
Reporter: jda <_jeroen_>
Component: kssl
Assignee: Konqueror Developers <konq-bugs>
Status: RESOLVED DUPLICATE
Severity: normal
CC: adawit
Priority: NOR
Version: 4.7
Target Milestone: ---
Platform: openSUSE
OS: Linux
Latest Commit:
Version Fixed In:

Description jda 2011-11-22 01:03:24 UTC
Version:           4.7.2 (using KDE 4.7.2) 
OS:                Linux

Connecting via https to a host (for example 2.testhost.lan (apache is configured with 1.testhost.lan as primary host, both hosts have unique and specific SSL keys installed)) requiring SNI results in warnings and wrong certificates being used.

The error message:
'The server failed the authenticity check (2.testhost.lan).

The certificate does not apply to the given host'

On examination the certificate of the 'primary' host (1.testhost.lan in the example) is presented.

Continuing results in display of the contents of host 1 (but on some server configurations apparently the contents of 2 (2.testhost.lan) are displayed, but with the certificate and encryption settings of host 1)

When using SNI, host and certificate/encryption settings should match.

Reproducible: Always

Steps to Reproduce:
Connect to an SNI enabled site using multiple hosts, for example
https://alice.sni.velox.ch/

Actual Results:  
On the velox.ch test site the primary host and certificate are used; I have run into sites which display the secondary sites using the primary site's certificate, however.

Expected Results:  
Connection established to the correct host using the correct certificate

For people concerned about SNI-privacy concerns one could add an option to turn it off.

Probably related to https://bugs.kde.org/show_bug.cgi?id=122433

Comment 1 Dawit Alemayehu 2012-08-19 19:28:46 UTC
Since 304212 is effectively the same report and other bug reports have been marked as duplicates of it instead of this older one, I am going to mark this as a duplicate of the aforementioned bug report.

*** This bug has been marked as a duplicate of bug 304212 ***
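
A name-based TLS server typically falls back to its default certificate when the ClientHello carries no server_name extension, which produces the mismatch described in this report. The following added example (not part of the bug report and not KDE code) parses a captured ClientHello record and reports the SNI host name it carries, or None when the extension is missing. The sample ClientHello bytes are constructed locally with Python's ssl module and the host names from the report; the function names are assumptions of this example.

```python
import ssl
import struct

def client_hello(server_hostname):
    """Return the first TLS record (the ClientHello) Python's ssl client emits."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    if server_hostname is None:
        ctx.check_hostname = False  # ssl refuses to omit SNI while this is on
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=server_hostname)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # nothing to read yet; the ClientHello is queued in `outgoing`
    return outgoing.read()

def u16(buf, pos):
    return struct.unpack_from("!H", buf, pos)[0]

def sni_from_client_hello(record):
    """Return the host name in the server_name extension, or None if absent."""
    if len(record) < 6 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    body = record[5:5 + u16(record, 3)]
    if body[0] != 0x01:
        raise ValueError("not a ClientHello")
    pos = 4 + 2 + 32                  # handshake header, legacy version, random
    pos += 1 + body[pos]              # session_id
    pos += 2 + u16(body, pos)         # cipher_suites
    pos += 1 + body[pos]              # compression_methods
    if pos + 2 > len(body):
        return None                   # no extensions block at all
    end = pos + 2 + u16(body, pos)
    pos += 2
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack_from("!HH", body, pos)
        data = body[pos + 4:pos + 4 + ext_len]
        # server_name is extension 0: list length, name type, name length, name
        if ext_type == 0 and len(data) >= 5 and data[2] == 0:
            return data[5:5 + u16(data, 3)].decode("ascii")
        pos += 4 + ext_len
    return None

if __name__ == "__main__":
    for host in ("2.testhost.lan", None):  # constructed samples, with and without SNI
        print(host, "->", sni_from_client_hello(client_hello(host)))
```

The same parser can be pointed at the first record of a packet capture from the affected client to confirm whether it announces the requested host.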