254268 – No support for TLS extension SNI

Bug 254268 - No support for TLS extension SNI

Summary: No support for TLS extension SNI

Status:	RESOLVED DUPLICATE of bug 304212

Alias:	None

Product:	kio
Classification:	Unmaintained
Component:	general (show other bugs)
Version:	4.5
Platform:	Arch Linux Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	David Faure

URL:
Keywords:

Depends on:
Blocks:

Reported:	2010-10-15 15:36 UTC by alex
Modified:	2012-07-31 22:25 UTC (History)
CC List:	1 user (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description alex 2010-10-15 15:36:00 UTC

Version:           4.5 (using KDE 4.5.2) 
OS:                Linux

SNI, Server Name Identification is an extension to TLS that allows the client to request the domain name before the certificate is committed to by the server. This allows you do have multiple websites using TLS but all on the same IP address.

When clicking on a https URL within KMail that goes to one of our websites which is on a server using SNI, I get an error message stating the TLS/SSL certificate is invalid since it is using the wrong certificate for the domain I am actually accessing.

Reproducible: Always

Steps to Reproduce:
Setup a httpd server and use SNI so host multiple TLS websites on 1 IP address
Click on a link in KMail to open this in the default browser

Actual Results:  
Dialog box from KIOExec state the certificate is incorrect

Expected Results:  
Default browser should open the URL just fine

Comment 1 meyerm 2011-01-28 23:59:13 UTC

See #174933 and #122433 . George Staikos said on 2006-03-09:
"Supported in 0.9.9.  Will add for 4.0"

So the devs are at least aware ;-)

Comment 2 Myriam Schweingruber 2012-07-31 22:25:50 UTC


*** This bug has been marked as a duplicate of bug 304212 ***