Hi,
Yoav's tcpdump analysis, together with Martin's observations, helped
me find the problem at the server end. I've changed the config now
(addding a missing 'NameVirtualHost *:443' to Apache's config), and
Stuart's example now works for me on OS X Snow Leopard and Lion:
svn info https://svn.tools.ietf.org/svn/wg/hybi
(The box running Lion isn't happy with the certificate, though, even
if all other means of verification I have tells me it's OK.)
Thanks and best regards,
Henrik
On 2011-09-26 22:11 Yoav Nir said:
The client sends a SNI extension with the name "svn.tools.ietf.org".
For some reason the server does not recognize the name. This is
particularly puzzling because the CommonName in the server
certificate is "*.tools.ietf.org", which is usually considered a
match. The server sends a warning-level "unrecognized name" alert,
and the client breaks the connection.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf