KDE will start using SNI starting July 1st.

This is an announcement that the KDE Sysadmins will start using SNI on the KDE servers starting from July 1st. If you don’t know what SNI is, here is a small explanation:

This allows a server to present multiple certificates on the same IP address and port number and hence allows multiple secure (HTTPS) websites to be served off the same IP address without requiring all those sites to use the same certificate. It is the conceptual equivalent to HTTP/1.1 virtual hosting for HTTPS.

Simply put: IP-addresses (the old v4 ones) are starting to run out. Up to now we needed each and every https-site to run on a different IP-address. SNI makes it possible to run multiple https-sites on one IP-address. But if your browser does not support SNI, you get to see a certificate error.

We’ve pushed SNI to Qt  long ago, that way Konqueror supports it (from KDE 4.9.0), and all other main browsers we care about support it. If you run Konqueror with an earlier version of KDE, we suggest you reserve some time before July to upgrade.

If you want to test if your browser supports it, go to https://sni.velox.ch/. If you get certificate errors, then your browser does not support it. If the page says ‘Great’, than you can safely read the next blog now…

3 thoughts on “KDE will start using SNI starting July 1st.”

    1. That is a different topic but also close to impossible, unless you use a very ancient browser and/or disabled js entirely.
      But even if you are rejected you usually get an incident id which you should give us (the sysadmins) so we can check what goes wrong.

  1. The main impact of this will be on those using Internet Explorer on XP. On vista or later (assuming you’re not running an ancient version of IE) then there’s support for SNI. Very old versions of Qt (< 4.7 iirc) will also fail. The other impact will be on tools like wget, and people's custom scripts since most of these won't support SNI.

Leave a Reply

Your email address will not be published. Required fields are marked *

* Copy This Password *

* Type Or Paste Password Here *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>