Java support for Server Name Indication (SNI) in server role?

Question

Java 7 brings client support for SNI. Are there known open-source implementations of the SNI server role? Java provides "transparant support" TLS connections (including the handshake), but I need to decouple the handshake process so I can send a certificate back based on the SNI host_name extension.

After failing to find online documentation, I looked in the OpenJDK source code, but there does not seem to be a point where I can monitor the ClientHello message before Java sends the ServerHello message.

Answer 1

I made a quick hack some time ago: https://bitbucket.org/zmarcos/sniserversocket

If you follow the instructions: https://bitbucket.org/zmarcos/sniserversocket/wiki/Home

It will work even on Java EE servers, like Glassfish.

Answer 2

I don't know of a known open-source implementation for for Java 7, but server SNI support is coming in Java 8. If you back-port this to Java 7, I'd love to know.