Server Name Indication (SNI)

> Software Security > Cryptography - Key

1 - About

Server_Name_Indication is an extension to the TLS computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process.

SNI is more and more a requirement (all of Cloudflare FreeSSL works only with SNI)

Advertising

3 - Example

with Openssl

openssl s_client \
  -connect www.gerardnico.com:443 
  -servername gerardnico.com # sni settings

4 - Support

SNI is supported by all modern browsers, but outside of this it is not supported with older versions of:

  • Java (up to JDK6),
  • python (up to 2.7.9),
  • with some commonly used libraries on Android etc.

5 - Documentation / Reference