← Back to team overview

maria-discuss team mailing list archive

Re: TLS SNI support


> On 2 Sep 2016, at 3:07 AM, Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote:
>> It’s a boon in shared hosting environments
> in webhosting environments the different hostnames have differnt document roots aka websites aka as virtual servers

Actually, that’s a big annoyance with Apache, that the configuration expects every virtual host to have the same SSL certificate. So if your vhost has 5 domains, you need a single certificate with 5 domains. Bleh.

Dovecot does it much better: you just feed it a hash table of domains and key/certificate files.

> in case of a database-server (as also for a mailserver where this crazy idea comes too each year) you have *one* dmaned server, your username and your password - *why* do you need different hostnames for it?

As you imply, the greatest use case for SNI is for web hosting.

Mail is less useful but still relevant: domain owners want to brand all of their services with their domain name. If I’m setting up “felipes-stuff.com” and have employees go to “hals-hosting.net” for mail, that’s not as “branded” of an experience as if everything used the same domain.

Database access is similar. There is still a use case for SNI here, even if it’s not the most apparent one.


Follow ups