SNI support
hengwoon opened this issue · comments
Are there plans to support SNI with Net::SMTP? Currently the TLS connection fails with a OpenSSL::SSL::SSLError: hostname foo.bar.com does not match the server certificate
, where the cert has a subject name of bar.com
, but is a multi-domain cert with foo.bar.com
as a subject alternative name
Currently this is what I am doing:
module Net
class SMTP
module ForceSNI
private
def ssl_socket(socket, context)
s = super
s.hostname = @address if s.respond_to? :hostname=
s
end
end
prepend ForceSNI
end
end
Unless I'm missing an option or something, I don't see a way to enable SNI currently
FYI: I didn't reallize net/smtp
had been extracted to a gem (lib/net/smtp.rb
still exists in the ruby repository). So I opened a ruby issue here: https://bugs.ruby-lang.org/issues/16611 and a github PR here: ruby/ruby#2883
Okay, see #4