Server Name Indication (SNI) is an extension to the TLS computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. This allows a server to present multiple certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites (or any other Service over TLS) to be served off the same IP address without requiring all those sites to use the same certificate. It is the conceptual equivalent to HTTP/1.1 name-based virtual hosting, but for HTTPS.
To make SNI useful, as with any protocol, the vast majority of visitors must use web browsers that implement it. Users whose browsers do not implement SNI are presented with a default certificate and hence are likely to receive certificate warnings.
Please refer the below table to see which browsers/platforms did or did not implement SNI support.
Software | Type | Supported | Notes | Supported Since |
Internet Explorer | Web browser | Yes | Since version 7 on Vista (not supported on XP) | 2006 |
Mozilla Firefox | Web browser | Yes | Since version 2.0 | 2006 |
cURL | Command-line tool and library | Yes | Since version 7.18.1 | 2008 |
Safari | Web browser | Yes | Not supported on XP | |
Google Chrome | Web browser | Yes | Since 6.0 | 2010 |
BlackBerry OS | Web browser | Yes | 7.2 or later | |
Windows Mobile | Web browser | Yes | Some time after 6.5 | |
Android default browser | Web browser | Yes | Honeycomb (3.x) for tablets and Ice Cream Sandwich (4.x) for phones | 2011 |
wget | Command-line tool | Yes | Since version 1.14 | 2012 |
Nokia Browser for Symbian | Web browser | No | ||
Opera Mobile for Symbian | Web browser | No | Not supported on Series 60 | |
IBM HTTP Server | Web server | No | ||
Apache Tomcat | Web server | Yes | Not supported in 8 or earlier | |
Apache HTTP Server | Web server | Yes | Since version 2.2.12 | 2009 |
Microsoft IIS | Web server | Yes | Since version 8 | 2012 |
Qt | Library | Yes | Since version 4.8 | 2011 |
Mozilla NSS server side | Library | No | ||
Java | Library | Yes | Since version 1.7 | 2011 |
Go | Library | Yes | Since version 1.4 | 2011 |
Perl | Library | Yes | Since Net::SSLeay version 1.50 and IO::Socket::SSL version 1.56 | 2012 |
PHP | Library | Yes | Since version 5.6.x | 2014 |
Python | Library | Yes | Supported in 2.x from 2.7.9rc1 and 3.x from 3.2alpha4 (in ssl, urllib and httplib modules) |
2011 for Python 3.x and 2014 for Python 2.x |