Questions tagged [sni]

Server Name Indication, essential TLS extension for virtual hosting

Server Name Indication is a TLS extension benefiting virtual hosting by permitting different domain hosted on a single IP address to have a different certificate per hostname. it was first standardized in 2003 in RFC 3546. The most current version is documented in RFC 6066.

Even after ten years, support of this extension by tools and libraries can still be lacking but is becoming quasi universal.

329 questions

votes

8 answers

Is SNI actually used and supported in browsers?

I can find various information about SNI (see Wikipedia), but I can't find any statistics about actual support in browsers. The best I could find out is that it should work on Windows XP with SP3. Does anyone know if SNI can actually be used in…

ssl cross-browser sni

asked Mar 01 '11 at 12:36

Aljosa Mohorovic

votes

6 answers

using requests with TLS doesn't give SNI support

I'm using requests to communicate with a django app but When I try requests.get('https://mysite.com', verify=True) I get the error: hostname 'mysite.com' doesn't match either of '*.myhost.com', 'myhost.com' However, when I look at the browser, or…

python ssl ssl-certificate python-requests sni

asked Sep 02 '13 at 17:43

Massagran

1,781
1
20
29

votes

1 answer

How to implement Server Name Indication (SNI)

How to implement Server Name Indication(SNI) on OpenSSL in C or C++? Are there any real world examples available?

c ssl openssl sni

asked Feb 25 '11 at 03:38

2.8a8a_G

votes

2 answers

Use cURL with SNI (Server Name Indication)

I am trying to use cURL to post to an API that just started using SNI (so they could host multiple ssl certs on 1 IP address). My cURL stopped working as a result of this move to SNI. They explained that it's because cURL is getting *.domain-a.com…

php ssl curl sni

asked Oct 17 '12 at 19:16

Justin

26,443
16
111
128

votes

3 answers

curl: how to specify target hostname for https request

I have a x.example which serves traffic for both a.example and b.example. x.example has certificates for both a.example and b.example. The DNS for a.example and b.example is not yet set up. If I add an /etc/hosts entry for a.example pointing to…

ssl curl sni

asked May 10 '18 at 18:25

lf215

1,185
7
41
83

votes

6 answers

How to simulate non-SNI browsers (without SNI support)?

I'm setting up Apache with several distinct SSL certificates for different domains that reside on the same server (and thus sharing the same IP address). With Qualys SSL Test I discovered that there are clients (i.e. BingBot as of december 2013)…

ssl client sni

asked Feb 03 '15 at 10:05

watery

5,026
9
52
92

votes

2 answers

Android SSL - SNI support

I would like to know about the support for the SSL/TLS Server Name Indication (SNI) extension in the Android SDK.

android ssl sni

asked May 04 '11 at 07:19

user736435

votes

4 answers

Extended server_name (SNI Extension) not sent with jdk1.8.0 but send with jdk1.7.0

I have implemented a JAX-WS client by using ApacheCXF (v3.0.4) and everything works successfully but the problem comes when I want to use a secure connection (SSL/TLS) with java 8 (jdk1.8.0_25). I see the following exception in log…

java web-services ssl cxf sni

asked Jun 13 '15 at 11:03

hints4dev

votes

5 answers

Server Name Indication (SNI) on Java

Can anyone help me get started on carrying out HTTP connections with server name indication in Java? I'm trying to request content from a site I'm adminstering. I've been using Apache's HttpClient library, but my request for secure content fails…

java http ssl sni

asked Sep 11 '12 at 00:11

JellicleCat

28,480
24
109
162

votes

3 answers

Is it possible to use Traefik to proxy PostgreSQL over SSL?

Motivations I am a running into an issue when trying to proxy PostgreSQL with Traefik over SSL using Let's Encrypt. I did some research but it is not well documented and I would like to confirm my observations and leave a record to everyone who…

postgresql tcp proxy traefik sni

asked Aug 11 '20 at 09:00

jlandercy

7,183
1
39
57

votes

2 answers

Multiple sites per Apache server with SSL showing wrong site with HTTPS

I have a Debian server which is running a number of client sites. Most of these are not running SSL so accessing by HTTP is fine. I have one customer with an SSL certificate and accessing their site via HTTPS is fine too. The problem comes if you…

apache ssl https sni

asked Sep 28 '13 at 18:29

Rob

votes

4 answers

Using C# can I make an SSL connection using Server Name Indication (SNI)?

I currently have this code that makes an SSL connection to a server: using (client = new TcpClient()) { client.Connect(Hostname, Port); var callback = new RemoteCertificateValidationCallback(ValidateServerCertificate); using (stream =…

c# ssl sni

asked Mar 30 '12 at 15:23

TonyM

votes

3 answers

SNI client-side mystery using Java8

I have an Apache web server that runs several TLS virtualhosts with different certs and SNI. I can access the various virtual hosts just fine using curl (presumably SNI makes it work). I can also access them fine with a little command-line Java…

java ssl sni

asked Mar 31 '16 at 03:39

Johannes Ernst

3,072
3
42
56

votes

3 answers

Apache2 error: Hostname provided via SNI and HTTP do not match

In my Apache error.log, I am getting an error like the following: Hostname www.example.com provided via SNI and hostname hk.dv.nextmedia.com provided via HTTP are different I have no idea what hk.dv.nextmedia.com is. It is not related to my…

apache ubuntu ssl server sni

asked Jan 05 '15 at 01:03

Koda

votes

3 answers

How to enable SNI in HTTP request using Apache HTTPComponents HttpClient?

I am trying to figure out how to send a successful HTTP GET request to a server requiring SNI. I searched on SO and other places, and found some articles that said that SNI is now supported in JDK7, as well as Apache HTTP…

apache-httpclient-4.x sni

asked Sep 15 '14 at 18:31

feroze

7,380
7
40
57

2 3

…

21 22 Next