SNI (Server Name Indication)

SNI (Server Name Indication) is a method which enables the use of multiple domains and SSL certificates on a single web server and IP address. Thanks SNI capable server when the client connects to determine which virtual server the client wants to see, and send them the correct SSL certificate for the correct domain. Without the support SNI client would send any certificate, because they would not know which domain you want to see.

Advantages and disadvantages of SNI

With the support of SNI on the server you do not have any domain SSL certificate (virtual server) to assign a separate IP address as it was before. Server with a browser client speaks and sends him right SSL certificate.

The disadvantage is incompatibility with older systems and browsers, such as Windows XP. A complete list of frequently used software compatibility is shown below.

Software support of SNI

The method SNI is supported in all modern browsers and servers.

Browsers

Browsers with TLS server name indication support

  • Mozilla Firefox 2.0 or newer
  • Opera 8.0 or newer (TLS must be enabled)
  • Internet Explorer 7 (Vista, not XP) or newer
  • Google Chrome (Vista and newer, on XP since 6)
  • Safari 3.2.1 Mac OS X 10.5.6 and newer

Mobil browsers

  • Android - default browser on Honeycomb (v3.x+)
  • Opera Mobile since 10.1 beta
  • Windows Phone 7
  • Mobile Safari in Apple iOS 4.0 a newer

Servers with SNI support

  • Microsoft Internet Information Server IIS 8
  • Apache 2.2.12 or newer with mod_gnutls or mod_ssl
  • Cherokee, if it's compiled with TLS support
  • lighttpd 1.4.x and 1.5.x
  • Nginx with OpenSSL and SNI support

Operation systems and browsers without SNI support

Following systems do not support SNI:

Operating systems and browsers

  • Windows XP, and in this system, all versions of Internet Explorer
  • Internet Explorer version 6 or less
  • Safari on Windows XP
  • Konqueror/KDE below 4.7
  • Microsoft Internet Information Server IIS below 7
  • Android browser in version 2.x
  • Windows Mobile up to 6.5

Source: article about SNI on Wikipedia.com