[Cyberduck-trac] [Cyberduck] #7831: SNI support in the non-App Store version

Cyberduck trac at trac.cyberduck.io
Mon Mar 3 05:07:46 UTC 2014

#7831: SNI support in the non-App Store version
    Reporter:  sergei  |      Owner:
        Type:  defect  |     Status:  new
    Priority:  normal  |  Milestone:
   Component:  core    |    Version:  4.4.3
    Severity:  normal  |   Keywords:
Architecture:  Intel   |   Platform:  Mac OS X 10.9
 This issue is related to discussion in google group
 [https://groups.google.com/forum/#!topic/cyberduck/to2dymHbxOo] thread.

 It appears that cyberduck does pass server name to the server when it
 establishes SSL connection.

 To reproduce an issue go open attached bookmark file.

 The following openssl command line demonstrates that sever is properly

     openssl s_client -servername cyberduck.coobserver.com -connect

 Certificate CN name is cyberduck.coobserver.com

 If server name option is omitted then:

     openssl s_client -connect cyberduck.coobserver.com:443

 then server sends certificate with CN=dav.lianajoykids.com

 Cyberduck warns that certificate does not match server name. This means
 that cyberduck failed to send server name in SSL handshake.

 The demo site is empty and configured to resolve just this issue.

 Please send me email to sergeig at me dot com for password to access the

Ticket URL: <https://trac.cyberduck.io/ticket/7831>
Cyberduck <http://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows

More information about the Cyberduck-trac mailing list