Contact
Site: US UK AU |

What is SNI?

What is SNI?

Overview
Standing for server name indication, SNI is an TLS protocol extension that allows a server to connect multiple SSL certificates a single IP address.

Definition

Standing for server name indication (SNI), this extension to the TLS protocol allows a server to connect multiple SSL certificates to a single IP address.

Function

TLS connections require the client to request a digital certificate from the web server. The client then compares the target name to the name on the certificate; this is often referred to as the SSL or TLS “handshake.” This operation functions as a useful safeguard against security breaches, but in practice, this restricts all HTTPS servers to serving only one domain per IP address because TLS does not permit name-based virtual hosting.

Name-based virtual hosting allows a web server to host multiple sites on a single IP address by using the client’s hostname HTTP header to select the appropriate site. HTTPS servers traditionally refuse virtual hosting because the TLS handshake occurs before the server can read the hostname header.   

SNI allows a web server to host multiple sites on a single IP address through an extension to this handshake. This extension enables a client to specify the requested domain in the initial TLS request, thereby allowing the server to select the appropriate SSL certificate to send back to the client for verification.

Supported browsers

Most popular web browsers and modern operating systems support SNI. Unsupported browsers will receive a default certificate and will often issue a certificate warning. Some notable exceptions include Internet Explorer 6 and earlier and Windows versions older than Vista.

Application

Name-Based SSL with SNI is an extension to SSL that allows shared IPs to serve SSL-enabled web sites in an efficient way. As such, sites on a dedicated IP are no longer required to use SSL. SSL certificates can be installed for the primary and all secondary domains in a SiteWorx account, even if they use the server's primary shared IP. Installing the SSL certificates no longer requires extra workarounds or troubleshooting; simply installing the certificate through SiteWorx for the appropriate domain is sufficient.

Article Rating (1 Votes)
Rate this article
  • Icon PDFExport to PDF
  • Icon MS-WordExport to MS Word
 
Attachments Attachments
There are no attachments for this article.
Related Articles RSS Feed
How to renew your SSL certificate
Added on Mon, Feb 23, 2015
What is a standard SSL certificate?
Added on Thu, Feb 5, 2015
How to cancel a SSL certificate
Added on Wed, Oct 17, 2018
How to import SSL certificates in your Client Portal
Added on Thu, Sep 13, 2018
How to generate a CSR
Added on Thu, Jun 7, 2018
What is a self-signed SSL certificate?
Added on Mon, May 18, 2015
What are the benefits of dedicated IP addresses?
Added on Thu, Jan 14, 2016
How to purchase standard SSL certificates
Added on Fri, Sep 14, 2018
How to resolve the SSL warning when logging in to SiteWorx
Added on Wed, Mar 11, 2015
What is a chain of SSL certificates?
Added on Tue, Feb 24, 2015