Questions tagged [sni]

Server Name Indication, essential TLS extension for virtual hosting

Server Name Indication is a TLS extension benefiting virtual hosting by permitting different domain hosted on a single IP address to have a different certificate per hostname. it was first standardized in 2003 in RFC 3546. The most current version is documented in RFC 6066.

Even after ten years, support of this extension by tools and libraries can still be lacking but is becoming quasi universal.

329 questions

votes

0 answers

Even after setting jsse.enableSNIExtension to true, enableSNIExtension in ClientHandshaker has value false

I am trying to enable the SNI extension in my project. I set jsse.enableSNIExtension property by following ways: 1. Writing System.setProperty("jsse.enableSNIExtension", "true"); 2. Passing -Djsse.enableSNIExtension=true as VM argument I printed…

asked Nov 28 '19 at 23:15

ABHITRNG

votes

1 answer

Why doesn't libcurl set SNI for IPs?

I just noticed libcurl does not set SNI field when I use an IP for an HTTPS call. I found this: https://github.com/curl/curl/blame/master/lib/vtls/openssl.c #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME if((0 == Curl_inet_pton(AF_INET, hostname, &addr))…

libcurl sni

asked Oct 30 '19 at 18:37

Igor Gatis

4,648
10
43
66

votes

1 answer

How to set TLS/SNI option in gRPC client of Python/C++?

How do I set the TLS/SNI (https://en.wikipedia.org/wiki/Server_Name_Indication) in the Python/C++ gRPC client API? In other words, what's the equivalent of setting the -servername in openssl s_client? I have verified my TLS server works by using the…

ssl grpc sni

asked Sep 21 '18 at 00:58

steveyang

9,178
8
54
80

votes

1 answer

Configure Netty SSL client sockets to send SNI header in Android

I'd like to create an SSL/TLS connection using the Netty framework which will send a SNI header together during handshake. My current code looks like this: SslContext creation: TrustManagerFactory trustManagerFactory =…

sockets ssl netty sni

asked Sep 12 '16 at 15:11

georgeatkins

votes

2 answers

SSL+ Java 8 + OpenJDK + SNI + HTTPClient = Handshake Failure

I have some code that's been working for a long time that gets data from webapps over HTTP. It uses Apache HTTPClient (v. 4.5.2) and works great for sites with and without SSL. Recently, I've tried to use if for another site that happens to use SNI.…

java amazon-web-services ssl jce sni

asked Aug 05 '16 at 16:55

Sander Smith

1,371
4
20
30

votes

1 answer

Disable SNI in a modern browser

Is there a way to temporarily disable SNI in a modern browser? E.g. to test a website availability for older clients. (Should one worry about them since POODLE?)

ssl sni

asked Mar 10 '15 at 14:14

sanmai

29,083
12
64
76

votes

1 answer

How to set Hostname in SSL Handshake (SNI) in JDK 1.7.x

JDK 1.8 seems to be providing the following option to explicitly set Hostname for connecting to SNI enabled sites, SNIHostName serverName = new SNIHostName("www.example.com"); List serverNames = new ArrayList<>(1); …

java ssl sni

asked Feb 24 '15 at 05:16

Janaki Sathiyamurthy

votes

1 answer

Android HTTPS SNI support using SSLCertificateSocketFactory

I am trying to add SNI support using SSLCertificateSocketFactory.setHostname, With wireshark i see the communication between client and SNI enabled server, The CLIENT HELLO goes to the server(with the correct hostname set), Server responds with…

android sockets ssl sni

asked Jun 24 '14 at 22:31

baboo

1,983
17
23

votes

3 answers

Any workaround to run SNI supported sites on windows xp and IE8

This question is asked multiple time and there are well briefed answers, IE on XP does not support But we have problem that we have not enough public ips to assign for individual ssl based url. I have very basic question that can we run SNI…

ssl sni

asked May 02 '14 at 10:00

Mudasar Yasin

votes

3 answers

Apache SNI: multiple SSL certificates on one IP address

Today I'm trying to configure Apache to run two domains each with their own SSL certificate. From what I have read this is supported by SNI as long as my Apache is configured with a recent version of OpenSSL. I verified that it is: [notice]…

apache ssl sni

asked Jul 31 '13 at 21:30

Dan Pouliot

votes

1 answer

Https connection, differences between Android 2.3 and 4

I'm working on a project that retrieves images from different servers (http and https). I found this usefull Q/A to avoid the problem of No peer certificate error in Android 2.3, but i can't understand why in Android 4 (>3) this problem ("No peer…

android ssl https handshake sni

asked Mar 01 '13 at 10:49

StarsSky

6,721
6
38
63

votes

0 answers

Getting "403 Client Error: SNI is required" in Python requests

Unexpectedly, the API "requests" on python code started giving this error: Traceback (most recent call last): File "", line 1, in File "/usr/lib/python2.7/dist-packages/requests/api.py", line 55, in get return request('get', url,…

python ssl amazon-ec2 openssl sni

asked Jul 19 '21 at 09:05

Harshita

votes

1 answer

Is there a way to enable/setup ESNI in Nginx?

I was looking around for a way but I've only got that Nginx does implement the normal SNI and that's it. Can it be that ESNI is still a "not yet ready" feature for Nginx?

nginx sni

asked Aug 09 '20 at 12:48

Eugene

votes

2 answers

Java 8 https connection fails on some sites

I cannot access some of https resources. Please help to make https calls reliable. Examples I put here tested from Firefox browser, to ensure they are works properly. $ java -version openjdk version "1.8.0_121" OpenJDK Runtime Environment (build…

java ssl https sslhandshakeexception sni

asked Feb 22 '18 at 07:51

P_M

2,723
4
29
62

votes

1 answer

TIdHTTP and TLS SNI doesnt work

On my attempt the TLS SNI extension is missing. I don't know why. Can someone point me in the right direction? Embarcadero® RAD Studio 10 Seattle Version 23.0.21418.4207 Indy version: 10.6.2.5311 OpenSSL:…

delphi ssl indy sni idhttp

asked Sep 17 '16 at 09:18

complete_stranger

Prev 1 2

…

21 22 Next