Server Name Indication (SNI) is an extension to the TLS protocol that indicates what hostname the client is attempting to connect to at the start of the handshaking process. This allows a server to present multiple certificates on the same IP address and port number and hence allows multiple secure (HTTPS) websites (or any other Service over TLS) to be served off the same IP address without requiring all those sites to use the same certificate. It is the conceptual equivalent to HTTP/1.1 virtual hosting for HTTPS.
To make use of SNI practical, it is necessary that the vast majority of users use web browsers that support it. Users whose browsers do not support SNI will be presented with a default certificate and hence are likely to receive certificate warnings. As of November 2012, the only major user bases whose browsers do not support SNI appear to be users of Android 2.x (default browser), Internet Explorer 8 or below on Windows XP and versions of Java before 1.7 on any operating system.
Read more about Server Name Indication: Background of The Problem, How SNI Fixes The Problem, Support
Famous quotes containing the word indication:
“If a man cannot do brain work without stimulants of any kind, he had better turn to hand work—it is an indication on Nature’s part that she did not mean him to be a head worker.”
—Thomas Henry Huxley (1825–95)