14224 – add support for multiple TLS keys, let samba select right one based on SNI

Bug 14224 - add support for multiple TLS keys, let samba select right one based on SNI

Summary: add support for multiple TLS keys, let samba select right one based on SNI

Status:	NEW

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	Other (show other bugs)
Version:	unspecified
Hardware:	All All

Importance:	P5 enhancement (vote)
Target Milestone:	---
Assignee:	Andrew Bartlett
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2019-12-23 10:22 UTC by Björn Jacke
Modified:	2019-12-23 10:22 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Björn Jacke 2019-12-23 10:22:52 UTC

it would be great if we could define multiple TLS certificates for Samba and let Samba choose the right key based on the SNI of the requesting client. This way Samba could for example get additional TLS sertificates for alias names which could be used by proxies or load balancers without having to mess with replacing the main AD controller TLS certificate of the DCs.