SNI Certificate
Scenarios
If you have an application that can be accessed through multiple domain names and each domain name uses a different certificate, you can enable Server Name Indication (SNI) when you add an HTTPS listener.
SNI, an extension to Transport Layer Security (TLS), enables a server to present multiple certificates on the same IP address and port number. SNI allows the client to indicate the domain name of the website while sending an SSL handshake request. Once receiving the request, the load balancer queries the right certificate based on the hostname or domain name and returns the certificate to the client. If no certificate is found, the load balancer will return the default certificate.
You can enable SNI only when you add HTTPS listeners. Load balancers can have multiple SNI certificates bound.
Constraints
An HTTPS listener can have up to 30 SNI certificates.
Prerequisites
- You have created an SNI certificate by performing the operations in Adding, Modifying, or Deleting a Certificate.
- You have added an HTTPS listener to the load balancer by performing the operations in Adding an HTTPS Listener.
- You need to specify a domain name for an SNI certificate. The domain name must be the same as that in the certificate.
- A domain name can be used by both an ECC certificate and an RSA certificate. If there are two SNI certificates that use the same domain name, the ECC certificate is displayed preferentially.
- If a certificate has expired, you need to manually replace or delete it by following the instructions in Adding, Modifying, or Deleting a Certificate.
Procedure
- Log in to the management console.
- In the upper left corner of the page, click and select the desired region and project.
- Hover on in the upper left corner to display Service List and choose Network > Elastic Load Balance.
- Locate the load balancer and click its name.
- Click Listeners, locate the listener, and click its name.
- On the Summary tab page, click Edit on the top right.
- Enable SNI and select an SNI certificate.
- Click OK.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot