Updated on 2025-07-25 GMT+08:00

SNI

Definition

Server Name Indication (SNI) is an extension to TLS. It allows clients to specify which domain name of a listener they are trying to connect in the first request. Once receiving the request, the load balancer searches for the certificate based on the domain name.

Application Scenarios

If you have an application that can be accessed through multiple domain names and each domain name uses a different certificate, you can enable SNI when you add an HTTPS listener.

After SNI is enabled, you need to configure at least one SNI certificate for the listener.

The client includes the domain name in the initial SSL handshake. Once receiving the request, the load balancer searches for the certificate based on the domain name.

If an SNI certificate is found, this certificate will be used for authentication.

If no SNI certificates are found, the server certificate is used for authentication.