Node.js - Change the SSL certificate for an HTTPS server dynamically at runtime

Question

I'm building an HTTPS proxy in node. Basically I'm allowing people to set a DNS CNAME alias to my proxy machine (which has a wildcard DNS setupped), and import their SSL certificate into my application (like AWS Elastic Load Balancer does) so that their CNAME hostname is properly protected and recognized by the client on every request.

Now I'm working on the proxy side, and I'm trying to find a way to load the right certificate dynamically before the SSL handshake with the client. The workflow is:

1. A new request is received by the server
2. Get the hostname requested by the client (that is the DNS CNAME alias set by the user)
3. Load the right certificate belonging to that hostname
4. Use the loaded certificate in the current request (need help here)
5. Handshake (with the loaded certificate - which varies from request to request)

Is there a way to do that?

Answer 1

Here we go: using SNI in node should make it work.

The problem is that not all the clients (browsers or libraries) support it yet.