cURL / Mailing Lists / curl-library / Single Mail


RE: Manual setting of TLS Server Name Indication

From: Daniel Stenberg <>
Date: Tue, 10 Aug 2010 00:39:36 +0200 (CEST)

On Mon, 9 Aug 2010, Matthieu Speder wrote:

> I'm not sure to understand your idea with the custom Host header : for me
> the server will only get this within the HTTP header, so after the TLS
> transaction took place and it is then too late to modify the handshake to
> request client cert. But maybe I missed something.

I meant like how you pass on a custom Host: header to work with named-based
virtual hosts when you don't have their names in the DNS. Like for example if
you work on your site locally you can still try it with curl

$ curl -H "Host:"

This feature is called CURLOPT_HTTPHEADER in libcurl lingo, and when you set a
custom Host: like this libcurl automatically works with that host when it does
cookie magic.

We could (or should?) perhaps do the same when a custom Host: is used and an
SNI name is passed on, as then (lib)curl would still do the proper SNI even
when trying out a local https:// site like above.

List admin:
Received on 2010-08-10