Overview#Server Name Indication (SNI) is an TLS extension computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process.
Server Name Indication allows a server to present multiple certificates on the same IP Address and TCP port number and hence allows multiple secure (HTTPS) websites (or any other Service over TLS) to be served off the same IP address without requiring all those sites to use the same certificate. Server Name Indication is the conceptual equivalent to HTTP/1.1 name-based virtual hosting, but for HTTPS.
To make use of Server Name Indication practical, the vast majority of users must use web browsers that implement it. Users whose browsers do not implement Server Name Indication are presented with a default certificate and hence are likely to receive certificate warnings, unless the server is equipped with a wildcard certificate that matches the name of the website.
More Information#There might be more information for this subject on one of the following:
- Encrypted Server Name Indication
- Issues and Requirements for SNI Encryption in TLS
- TLS Client Authentication
- TLS Protocol Limitations
- Web Blog_blogentry_031115_1