Server Name Indication (SNI)


Server_Name_Indication 1) is an extension to the TLS computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process.

It's the TLS’s equivalent of the HTTP Host header and is used in case of virtual host to select the server certificate to serve.

SNI is more and more a requirement (all of Cloudflare FreeSSL works only with SNI) because it's part the ACME challenge


with Openssl

openssl s_client \
  -servername # sni settings



SNI is supported by all modern browsers, but outside of this it is not supported with older versions of:

  • Java (up to JDK6),
  • python (up to 2.7.9),
  • with some commonly used libraries on Android etc.


Nginx supports it 2). The name is saved in the variable $ssl_server_name


Powered by ComboStrap