SNI support on centos 5.9

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,261
463
Hello :)

Yes, that is correct. CentOS 6, RHEL 6, or CloudLinux 6 is required for SNI to function. The version of the OpenSSL library provided on older versions of CentOS/CloudLinux/RHEL does not support SNI.

Thank you.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,261
463
Keep in mind that SNI is not required. You are welcome to continue using dedicated IP addresses for SSL certificates. Or, you could migrate the accounts to a system that uses an OS that supports SNI.

Thank you.
 

upsforum

Well-Known Member
Jul 27, 2005
474
0
166
but in my apache status I see

Apache server status for vps5.XXXXX.net

Server Version: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.1e mod_bwlimited/1.4

not sufficient?
 

upsforum

Well-Known Member
Jul 27, 2005
474
0
166
I compiled openssl 1.0.1e with "enable-tlsext", rebuil apache and now work fine, you can see here: Removed link to third-party URL

I have only question is problem if primary website not is wildcard cert that i use for hostname of vps? in screenshot you can see that wildcard cert is used con SNI and not is set like primary website but is second cert shared (in second row)
 
Last edited by a moderator:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,261
463
You are using an unsupported version of OpenSSL for CentOS 5 in regards to cPanel. While you are welcome to attempt to utilize SNI, it's not something we can support until you are using CentOS 6.

Thank you.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,261
463
I have only question is problem if primary website not is wildcard cert that i use for hostname of vps? in screenshot you can see that wildcard cert is used con SNI and not is set like primary website but is second cert shared (in second row)
That just means the hostname of that certificate is not created directly as an account or domain name on the server.

Thank you.