SNI (Server Name Indication) was originally not part of the SSL protocol. However, in 2003 it was added as an extension to SSL/TLS and used in HTTPS. The SNI is included as part of an SSL/TLS handshake to let the client device know the name of the SSL host it's trying to connect to.
The SNI specification enables a web browser to connect securely via https to an Internet host, even when that host is sharing an IP address with other hosts to which it is not the primary destination. So, if you have a domain name, https://example.com, and other websites like https://example2.com and https://example3.com on the same IP, SNI helps the browser create a secure connection.
The Server Name Indication is a crucial function of the SSL protocol. Without it, each website would require a dedicated IP address for an SSL certificate to be installed. Server Name Indication (SNI) reduces the IP addresses needed to host multiple websites with SSL on a single machine.
Let's understand the SNI concept by referring to the following image.
If you have hosted multi-domains in the same IP, you must enable the SNI option. Otherwise, you do not need to enable it.
SNI Support Browsers and Tools:
- Android Phones Default Browser - version 4.x and above (Ice Cream Sandwich)
- Android Tablet Default Browser - version 3.x and above (Honeycomb)
- Google Chrome - version 6.0 and above.
- Internet Explorer - version 7 and above
- Mozilla Firefox - version 2.0 and above
SNI Support Servers:
- Apache - version 2.2.12 and above.
- Apache Tomcat - version 9 and above.
- IBM HTTP Server - version 9.0.0 and above.
- Jetty - starting with version 9.3.0.
- Microsoft Internet Information Services (IIS) - IIS 8 and above versions.
- NGINX - version 0.5.23 and above.
SNI Supported Languages:
- Perl - version 1.56 and above
- PHP - version 5.6 and above
- Python - version 3.2alpha4 and above
- Ruby - version 2.0 and above