jpdasma

I'm thinking if it's better to have an option to use SNI or just always enable it? The default `openssl` binary uses SNI by default.

@HarlemSquirrel sorry for the direct ping, but can you share your insights regarding this? This patched work for my test, but I'm not sure if it's a good idea to...

I'll fix the broken tests first.

The failing test should be fixed now. I also tested with `db.debian.org:636`. From some of my readings, SNI is an optional TLS extension, so it should be safe to be...

@HarlemSquirrel based on my tests, I think this should be safe to merge. I didn't encountered any issues with OpenLDAP and Windows LDAP.

It's been a while since I filed this issue. I could still reproduce it, however when I called `termux-wake-unlock` first before killing `sshd`, it seems to work properly. Will try...

@papanito Can you try to delete the ingress and recreate it again with the annotation in place? I tested this and this seems to happen if you updated the ingress...

So yeah, I think what happens is that cert-manager doesn't detect any changes for existing Ingress. So if we have an existing Ingress, and then added the annotation `acme.cert-manager.io/http01-edit-in-place: 'true'...