Older servers with an openssl version earlier than 0.9.8f will have no
'SSL_set_tlsext_host_name' support, BUT those web servers will also not support SSLs hosted on a shared IP anyway. They all still require dedicatd IPs for hosting SSL certificates on them.
My question here is, how much re-engeering or effort would it take for the current “letsencrypt-auto” to detect those older servers such as the whole RHEL 5.x (and CenOS 5.x and all it’s other RHEL derivatives) which still run on openssl 0.9.8e with all applicable security CVEs backported to it, the ‘redhat’ enterpsie way.
There are still thousands of web servers that are hosted on those older OSs, and their 10 years enterpise support has a few years left on them and they won’t simply disappear anytime soon.
This stream of letsencrypt-auto would really help those web servers to also get SSL certifciates for their single dedicated IP hosted domains.