This allows a server to present multiple certificates on the same IP address and TCP port number and hence allows multiple secure ( HTTPS) websites (or any other Service over TLS) to be served off the same IP address without requiring all those sites to use the same certificate. Server Name Indication ( SNI) is an extension to the TLS computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. Prior to IIS 8.0, you could only bind a single certificate to an individual IP address which you could only bind to one website, due to the way that handshaking worked at the time. “Require Server Name Indication” or “ make IIS support multiple SSL/TLS certificates” as I used to call it is a feature of IIS which allows you to bind different digital certificates to different websites within IIS using the same IP address. IIS allows you to set this value when configuring HTTPS site bindings on websites, as per below: Let me start at the beginning.Īs of Internet Information Services (IIS) 8.0 (Windows Server 2012) and continuing in the latest version, 8.5 (Windows Server 2012 R2) there is now support for “ Server Name Indication”, or SNI. Today I went on an unusual journey, and it involved paying the price for configuring Microsoft’s web server (specifically, IIS 8.0 and 8.5) with scant regard for why it works the way it does.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |