How to make a dynamic SSL HTTPS server in nodejs without SNICallback

*"maybe using open SSL?"* - nodejs is already using the openssl library and SNICallback is basically the way how openssl requires the application to implement different certificates based on the given server name in the TLS ClientHello (i.e. SNI). And just stating *"I want to ... without using SNICallback"* looks like an [XY problem](https://meta.stackexchange.com/questions/66377/what-is-the-xy-problem) to me - where does this requirement comes from, i.e. what real problem dictates that you cannot use SNICallback?

@SteffenUllrich I wanted it to be used as a normal production web server. But I also wanted to be able to use tools like curl which doesn't appear to support SNICallback. unless I'm wrong.

curl is a HTTP client and not a server. All modern clients (including curl) send the server name in the ClientHello and thus work together with the SNICallback in nodejs. Also, you could also simply add the various contexts using [server.addContext](https://stackoverflow.com/a/25953210/3081018) which inside uses the SNI callback (or in terms of openssl API - [SSL_CTX_set_tlsext_servername_callback](https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_tlsext_servername_callback.html)). And if the server name is not given in the ClientHello addContext will use the most recently added context.

(@SteffenUllrich) except _obsolete_ tools like a router or embedded device from about 2012 or earlier with no updates from the manufacturer (e.g. went bankrupt) -- then you might lack SNI. In that case you either need to get a cert with SAN listing all the servernames (clients mostly supported SAN since early noughties) or _if_ your servernames are all subdomains of the same domain get a cert with a _wildcard_ name that matches all of them. Otherwise use the old old way, different servers on different IP addresses or ports :-(

@SteffenUllrich what I really had in mind was making a HTTPS server from scratch using net.Server

@wesleyallison: *"making a HTTPS server from scratch using net.Server"* - net.Server has no support for TLS. That's what the TLS module is for - which has also support for SNI. Anyway, all of this seems to be off-topic here since serverfault.com is not about programming - that's what stackoverflow.com is for.

@SteffenUllrich sorry if it's off topic. I think what I'm trying to do is to complicated: I'm trying to remake TLS I guess

I sit in a Tesla and translated this thread with Ai: