Differences Between SNI and SANs
- Multiple SSL certificates can be supported on a single server using SNI or SANs. Their approaches to offering this help, nevertheless, vary. SANs are a certificate feature, whereas SNI is a server-side technique.
- SNI allows a web server to host several certificates on a single IP address, as you are already aware. Based on the domain name supplied by the client in the initial request, SNI enables the server to choose the appropriate certificate when a client connects to it.
- SANs, on the other hand, are an SSL certificate feature that enables the security of numerous domain names with a single certificate installation. A list of extra domain names (sometimes referred to as Subject Alternative Names) that you can secure with a single certificate is included in a SAN certificate.
- Regarding compatibility, the majority of servers and web browsers from today support SNI and SANs. It’s possible, though, that some legacy systems won’t work with them.
What is Server Name Indication (SNI)?
All that a server name is is the computer’s name. Unless the server hosts a single domain and the server name is the same as the domain name, this name is not displayed to end users for web servers. An addition to the Transport Layer Security computer networking protocol is called Server Name Indication, which enables the client to provide the hostname it is attempting to connect to at the outset of the handshaking procedure.