Menu
I would like to know about the support for the SSL/TLS Server Name Indication (SNI) extension in the Android SDK.
236
SNI (server name indication) works with TLS 1.2, but rejected by server on TLS 1.0.
Because SNI is relatively new, not all browsers support SNI. If the browser does not support SNI, it is presented with a default SSL certificate.
Server Name Indication (SNI) is not currently supported. However, there is an open request for this feature. Users can't use multiple sign-in access if TLS inspection is enabled.
As far as I know, there is a partial support in Android SDK. The current situation is the following:
HttpsURLConnection API supports SNI.There is an opened ticket regarding this issue in the Android bug tracker.
It is also possible to test the SNI support by making a connection to this URL: https://sni.velox.ch/
52
Fortunately, HttpsURLConnection supports SNI since Android 2.3. One workaround if you need to support Android 2.2 (and older) is to set up an alternative virtual host on a unique port so that it's unambiguous which server certificate to return.
Please check this link for more information. Hope this will help future users.
Just for information
Newer versions of SSL, specifically
TLSv.1.0 and later, support Server Name Indication (SNI), which allows the SSL client to specify the intended hostname to the server so the proper certificate can be returned.
33
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
