Server Name Indication (SNI) is an extension to the TLS protocol that indicates what hostname the client is attempting to connect to at the start of the handshaking process. This allows a server to present multiple certificates on the same IP address and port number and hence allows multiple secure (HTTPS) websites (or any other Service over TLS) to be served off the same IP address without requiring all those sites to use the same certificate. It is the conceptual equivalent to HTTP/1.1 virtual hosting for HTTPS.
To make use of SNI practical, it is necessary that the vast majority of users use web browsers that support it. Users whose browsers do not support SNI will be presented with a default certificate and hence are likely to receive certificate warnings. As of November 2012, the only major user bases whose browsers do not support SNI appear to be users of Android 2.x (default browser), Internet Explorer 8 or below on Windows XP and versions of Java before 1.7 on any operating system.
Read more about Server Name Indication: Background of The Problem, How SNI Fixes The Problem, Support
Famous quotes containing the word indication:
“It is very certain that each man carries in his eye the exact indication of his rank in the immense scale of men, and we are always learning to read it. A complete man should need no auxiliaries to his personal presence.”
—Ralph Waldo Emerson (18031882)