What is SNI?
Article Number: 1314 | Rating: 5/5 from 1 votes | Last Updated: Thu, Jan 26, 2017 at 3:48 PM
What is SNI?
TLS connections require the client to request a digital certificate from the web server. The client then compares the target name to the name on the certificate; this is often referred to as the SSL or TLS “handshake.” This operation functions as a useful safeguard against security breaches, but in practice, this restricts all HTTPS servers to serving only one domain per IP address because TLS does not permit name-based virtual hosting.
Name-based virtual hosting allows a web server to host multiple sites on a single IP address by using the client’s hostname HTTP header to select the appropriate site. HTTPS servers traditionally refuse virtual hosting because the TLS handshake occurs before the server can read the hostname header.
SNI allows a web server to host multiple sites on a single IP address through an extension to this handshake. This extension enables a client to specify the requested domain in the initial TLS request, thereby allowing the server to select the appropriate SSL certificate to send back to the client for verification.
Most popular web browsers and modern operating systems support SNI. Unsupported browsers will receive a default certificate and will often issue a certificate warning. Some notable exceptions include Internet Explorer 6 and earlier and Windows versions older than Vista.
Name-Based SSL with SNI is an extension to SSL that allows shared IPs to serve SSL-enabled web sites in an efficient way. As such, sites on a dedicated IP are no longer required to use SSL. SSL certificates can be installed for the primary and all secondary domains in a SiteWorx account, even if they use the server's primary shared IP. Installing the SSL certificates no longer requires extra workarounds or troubleshooting; simply installing the certificate through SiteWorx for the appropriate domain is sufficient.
There are no attachments for this article.
What are SSL certificates?
Added on Tue, Aug 5, 2014
What is a Wildcard SSL certificate?
Added on Tue, Feb 3, 2015
What is a chain of SSL certificates?
Added on Tue, Feb 24, 2015
How to resolve the SSL warning when logging in to SiteWorx
Added on Wed, Mar 11, 2015
How to purchase a Wildcard SSL certificate
Added on Wed, Jan 14, 2015
What is an extended validation (EV) multi-domain SSL certificate?
Added on Thu, Feb 5, 2015
How to install SSL certificates in SiteWorx
Added on Fri, Jun 28, 2013
How to manage SSL certificates for system services
Added on Wed, Apr 15, 2015
How to purchase an extended validation (EV) standard SSL certificate
Added on Mon, Dec 22, 2014
How to renew your SSL certificate
Added on Mon, Feb 23, 2015