What is SNI and when do I need it?

SNI stands for Server Name Indication. SNI is an additional protocol to the SSL/TLS protocol that was developed as a solution to the problem of the diminishing supply of IPv4 addresses. By including the hostname with which the client wishes to set up a connection during the handshake process, a server can host multiple HTTPS-protected websites, each with their own SSL certificate, on the same IP address and TCP port number.

In order to use the SNI protocol, the SSL/TLS library must support SNI. The SNI protocol has been supported by the OpenSSL library since 2004, but since this library can be used on both a browser- and OS- level, some browsers have decided to not support SNI on every OS. This is mostly older software.

The following browsers or browser/OS combinations do not support SNI:

Internet Explorer (all versions) on Windows XP
Safari on Windows XP
BlackBerry Browser
Windows Mobile versions 6.5 and older
Android Browser on Android 2.X
The IBM HTTP server also does not offer support for SNI.