Dec 12th, 2011
Server Name Indication
Server Name Indication
Server Name Indication (SNI) is a feature that extends the SSL and TLS protocols to indicate what hostname the client is attempting to connect to at the start of the handshaking process. By doing so it allows a server to present multiple certificates on the same IP address and port number and hence allows multiple secure (HTTPS) websites to be served off the same IP address without requiring all those sites to use the same certificate.
Unfortunately to make use of SNI practical it is necessary that the vast majority of users are using web browsers that support it. Users whose browsers do not support SNI will be presented with a default certificate and hence are likely to receive certificate warnings. As of 2011 there are still many users of browsers that do not support SNI.