[Cyberduck-trac] [Cyberduck] #7831: SNI support in the non-App Store version

[Cyberduck]

#7831: SNI support in the non-App Store version
-----------------------+---------------------------
    Reporter:  sergei  |      Owner:
        Type:  defect  |     Status:  new
    Priority:  normal  |  Milestone:
   Component:  core    |    Version:  4.4.3
    Severity:  normal  |   Keywords:
Architecture:  Intel   |   Platform:  Mac OS X 10.9
-----------------------+---------------------------
 This issue is related to discussion in google group
 [https://groups.google.com/forum/#!topic/cyberduck/to2dymHbxOo] thread.

 It appears that cyberduck does pass server name to the server when it
 establishes SSL connection.

 To reproduce an issue go open attached bookmark file.

 The following openssl command line demonstrates that sever is properly
 configured:

     openssl s_client -servername cyberduck.coobserver.com -connect
 cyberduck.coobserver.com:443

 Certificate CN name is cyberduck.coobserver.com

 If server name option is omitted then:

     openssl s_client -connect cyberduck.coobserver.com:443

 then server sends certificate with CN=dav.lianajoykids.com

 Cyberduck warns that certificate does not match server name. This means
 that cyberduck failed to send server name in SSL handshake.

 The demo site is empty and configured to resolve just this issue.

 Please send me email to sergeig at me dot com for password to access the
 website.

-- 
Ticket URL: <https://trac.cyberduck.io/ticket/7831>
Cyberduck <http://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows