{"id":1083,"date":"2017-03-21T07:30:00","date_gmt":"2017-03-21T07:30:00","guid":{"rendered":"https:\/\/fir3netwp.gmsrrpobkbd.com\/2017\/03\/21\/what-is-sni-server-name-indication\/"},"modified":"2021-07-24T15:06:15","modified_gmt":"2021-07-24T15:06:15","slug":"what-is-sni-server-name-indication","status":"publish","type":"post","link":"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html","title":{"rendered":"What is SNI (Server Name Indication)?"},"content":{"rendered":"

What is SNI?<\/h2>\n

SNI (Server Name Indication) is an extension to the TLS protocol, that provides the ability to host multiple HTTPS-enabled sites on a single IP.<\/p>\n

How does it work?<\/h2>\n

Prior to SNI the client (i.e browser) would send the requested hostname to the webserver within the HTTPS payload (Figure 1). Due to the hostheader being encrypted the SSL handshake and certificate retrieval had to be completed before it could be read. As a a result, websites hosted on the same IP address were forced to use the same SSL certificate, or they needed to each have their own IP address.<\/p>\n

Figure 1<\/strong> – TLS Handshake without SNI.<\/p>\n

\"no_sni\" <\/picture><\/a><\/p>\n

(Source: devcentral.f5.com<\/a>)<\/p>\n

SNI allows the client to include the requested hostname in the first message (CLIENT_HELLO) of the SSL handshake (Figure 2). The webserver can then use this hostname to present the correct certificate the client. This, in turn allows multiple certificates to be hosted onto a single IP address.<\/p>\n

Figure 2<\/strong> – TLS Handshake with SNI<\/p>\n

\"with_sni\" <\/picture><\/a><\/p>\n

(Source: devcentral.f5.com<\/a>)<\/p>\n

How is this different to SAN?<\/h2>\n

Unlike SNI, a TLS extension, SAN (Subject Alternative Name)<\/strong> is a property of the X509 certification specification. The Subject Alternative Name field lets you specify alternative names that are also valid for the subject (in addition to Common Name that lets you specify a single hostname).<\/p>\n

NOTE <\/span> Subject Alternative Name and wildcard names are the 2 main ways of using a single certificate for multiple hostnames.<\/p>\n

References<\/h2>\n

https:\/\/www.kinamo.be\/en\/support\/faq\/what-is-server-name-indication-sni<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

What is SNI? SNI (Server Name Indication) is an extension to the TLS protocol, that provides the ability to host multiple HTTPS-enabled sites on a single IP. How does it work? Prior to SNI the client (i.e browser) would send the requested hostname to the webserver within the HTTPS payload (Figure 1). Due to the … Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":1078,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[],"yoast_head":"\nWhat is SNI (Server Name Indication)? - Fir3net<\/title>\n<meta name=\"description\" content=\"What is SNI? SNI (Server Name Indication) is an extension to the TLS protocol, that provides the ability to host multiple HTTPS-enabled sites on a single\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is SNI (Server Name Indication)? - Fir3net\" \/>\n<meta property=\"og:description\" content=\"What is SNI? SNI (Server Name Indication) is an extension to the TLS protocol, that provides the ability to host multiple HTTPS-enabled sites on a single\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html\" \/>\n<meta property=\"og:site_name\" content=\"Fir3net\" \/>\n<meta property=\"article:published_time\" content=\"2017-03-21T07:30:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-07-24T15:06:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.fir3net.com\/wp-content\/uploads\/2017\/03\/images_1489894300_33.png\" \/>\n\t<meta property=\"og:image:width\" content=\"128\" \/>\n\t<meta property=\"og:image:height\" content=\"128\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Rick Donato\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Rick Donato\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html\"},\"author\":{\"name\":\"Rick Donato\",\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/person\/ab35009601b7687ee1c5310be6038037\"},\"headline\":\"What is SNI (Server Name Indication)?\",\"datePublished\":\"2017-03-21T07:30:00+00:00\",\"dateModified\":\"2021-07-24T15:06:15+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html\"},\"wordCount\":256,\"publisher\":{\"@id\":\"https:\/\/www.fir3net.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.fir3net.com\/wp-content\/uploads\/2017\/03\/images_1489894300_33.png\",\"articleSection\":[\"Security Concepts\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html\",\"url\":\"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html\",\"name\":\"What is SNI (Server Name Indication)? - Fir3net\",\"isPartOf\":{\"@id\":\"https:\/\/www.fir3net.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.fir3net.com\/wp-content\/uploads\/2017\/03\/images_1489894300_33.png\",\"datePublished\":\"2017-03-21T07:30:00+00:00\",\"dateModified\":\"2021-07-24T15:06:15+00:00\",\"description\":\"What is SNI? SNI (Server Name Indication) is an extension to the TLS protocol, that provides the ability to host multiple HTTPS-enabled sites on a single\",\"breadcrumb\":{\"@id\":\"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html#primaryimage\",\"url\":\"https:\/\/www.fir3net.com\/wp-content\/uploads\/2017\/03\/images_1489894300_33.png\",\"contentUrl\":\"https:\/\/www.fir3net.com\/wp-content\/uploads\/2017\/03\/images_1489894300_33.png\",\"width\":128,\"height\":128},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.fir3net.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\/\/www.fir3net.com\/security\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Security Concepts\",\"item\":\"https:\/\/www.fir3net.com\/security\/concepts-security\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"What is SNI (Server Name Indication)?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.fir3net.com\/#website\",\"url\":\"https:\/\/www.fir3net.com\/\",\"name\":\"Fir3net\",\"description\":\"Keeping you in the know\",\"publisher\":{\"@id\":\"https:\/\/www.fir3net.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.fir3net.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.fir3net.com\/#organization\",\"name\":\"Fir3net\",\"url\":\"https:\/\/www.fir3net.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.fir3net.com\/wp-content\/uploads\/Fir3net-Background-Logo-compressed.png\",\"contentUrl\":\"https:\/\/www.fir3net.com\/wp-content\/uploads\/Fir3net-Background-Logo-compressed.png\",\"width\":390,\"height\":88,\"caption\":\"Fir3net\"},\"image\":{\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/person\/ab35009601b7687ee1c5310be6038037\",\"name\":\"Rick Donato\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d75d69a54c0ca3b32c24c3a9703b623c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d75d69a54c0ca3b32c24c3a9703b623c?s=96&d=mm&r=g\",\"caption\":\"Rick Donato\"},\"description\":\"Rick Donato is a Network Automation Architect\/Evangelist and the founder of Packet Coders.\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What is SNI (Server Name Indication)? - Fir3net","description":"What is SNI? SNI (Server Name Indication) is an extension to the TLS protocol, that provides the ability to host multiple HTTPS-enabled sites on a single","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html","og_locale":"en_US","og_type":"article","og_title":"What is SNI (Server Name Indication)? - Fir3net","og_description":"What is SNI? SNI (Server Name Indication) is an extension to the TLS protocol, that provides the ability to host multiple HTTPS-enabled sites on a single","og_url":"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html","og_site_name":"Fir3net","article_published_time":"2017-03-21T07:30:00+00:00","article_modified_time":"2021-07-24T15:06:15+00:00","og_image":[{"width":128,"height":128,"url":"https:\/\/www.fir3net.com\/wp-content\/uploads\/2017\/03\/images_1489894300_33.png","type":"image\/jpeg"}],"author":"Rick Donato","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Rick Donato","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html#article","isPartOf":{"@id":"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html"},"author":{"name":"Rick Donato","@id":"https:\/\/www.fir3net.com\/#\/schema\/person\/ab35009601b7687ee1c5310be6038037"},"headline":"What is SNI (Server Name Indication)?","datePublished":"2017-03-21T07:30:00+00:00","dateModified":"2021-07-24T15:06:15+00:00","mainEntityOfPage":{"@id":"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html"},"wordCount":256,"publisher":{"@id":"https:\/\/www.fir3net.com\/#organization"},"image":{"@id":"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html#primaryimage"},"thumbnailUrl":"https:\/\/www.fir3net.com\/wp-content\/uploads\/2017\/03\/images_1489894300_33.png","articleSection":["Security Concepts"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html","url":"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html","name":"What is SNI (Server Name Indication)? - Fir3net","isPartOf":{"@id":"https:\/\/www.fir3net.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html#primaryimage"},"image":{"@id":"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html#primaryimage"},"thumbnailUrl":"https:\/\/www.fir3net.com\/wp-content\/uploads\/2017\/03\/images_1489894300_33.png","datePublished":"2017-03-21T07:30:00+00:00","dateModified":"2021-07-24T15:06:15+00:00","description":"What is SNI? SNI (Server Name Indication) is an extension to the TLS protocol, that provides the ability to host multiple HTTPS-enabled sites on a single","breadcrumb":{"@id":"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html#primaryimage","url":"https:\/\/www.fir3net.com\/wp-content\/uploads\/2017\/03\/images_1489894300_33.png","contentUrl":"https:\/\/www.fir3net.com\/wp-content\/uploads\/2017\/03\/images_1489894300_33.png","width":128,"height":128},{"@type":"BreadcrumbList","@id":"https:\/\/www.fir3net.com\/Security\/Concepts-and-Terminology-Security\/what-is-sni-server-name-indication.html#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.fir3net.com\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.fir3net.com\/security"},{"@type":"ListItem","position":3,"name":"Security Concepts","item":"https:\/\/www.fir3net.com\/security\/concepts-security"},{"@type":"ListItem","position":4,"name":"What is SNI (Server Name Indication)?"}]},{"@type":"WebSite","@id":"https:\/\/www.fir3net.com\/#website","url":"https:\/\/www.fir3net.com\/","name":"Fir3net","description":"Keeping you in the know","publisher":{"@id":"https:\/\/www.fir3net.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.fir3net.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.fir3net.com\/#organization","name":"Fir3net","url":"https:\/\/www.fir3net.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.fir3net.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.fir3net.com\/wp-content\/uploads\/Fir3net-Background-Logo-compressed.png","contentUrl":"https:\/\/www.fir3net.com\/wp-content\/uploads\/Fir3net-Background-Logo-compressed.png","width":390,"height":88,"caption":"Fir3net"},"image":{"@id":"https:\/\/www.fir3net.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.fir3net.com\/#\/schema\/person\/ab35009601b7687ee1c5310be6038037","name":"Rick Donato","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.fir3net.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d75d69a54c0ca3b32c24c3a9703b623c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d75d69a54c0ca3b32c24c3a9703b623c?s=96&d=mm&r=g","caption":"Rick Donato"},"description":"Rick Donato is a Network Automation Architect\/Evangelist and the founder of Packet Coders."}]}},"_links":{"self":[{"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/posts\/1083"}],"collection":[{"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/comments?post=1083"}],"version-history":[{"count":0,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/posts\/1083\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/media\/1078"}],"wp:attachment":[{"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/media?parent=1083"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/categories?post=1083"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/tags?post=1083"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}