Gaming industry under DDoS attack. Get DDoS protection now. Start onboarding
Under attack? Log in
Sign up for free

Products

Solutions

Pricing

Resources

Partners

Why Gcore

Under attack?
Log in
Contact us
Contact us Sign up for free
  1. Home
  2. Blog
  3. nonSNI: A Special Feature Not Everyone Has
Network
Expert insights

nonSNI: A Special Feature Not Everyone Has

  • May 14, 2018
  • 2 min read
nonSNI: A Special Feature Not Everyone Has

In modern systems many services are frequently hosted on the same IP address. And each service must have its own security certificate. To differentiate certificates on one IP, SNI standard was invented (in addition to SSL).

What is SNI?

SNI (Server Name Identification) is an extension of the TLS protocol indicating which site a visitor tries to reach at establishing a connection.

Even prior to SSL handshake, SNI allows to specify the needed certificate. But in order to get everything working, the web browser a client is using must support SNI.

However, SNI technology is not supported by all browsers. And in such case an alert message will pop up indicating that the SSL certificate is invalid.

How to deal with systems not supporting SNI?

Old versions of server software and browsers do not support SNI (for example, Internet Explorer 6 and 7 for Windows XP or Android 2.0).

Some software is using old frameworks, and the customers don’t want to abandon it. They are definitely not going to update it, but the availability of services is critical.

In such case for those customers who are using older versions of browsers and frameworks it is possible to allocate a specific address and, provided there is no SNI, issue only a certificate that this customer’s software is expecting. But it is expensive and inconvenient to administer.

What have we offered?

If SNI is not requested, we issue *.gcdn.co as a default certificate. There remains just one requirement: client’s CNAME must be on *.gcdn.co domain. Then SNI will not be requested and it will be given a default certificate.

We call this feature nonSNI. And for some of our customers this nonSNI availability in CDN is an important advantage.

Browsers supporting SNI:

  • Internet Explorer 7 or later
  • Microsoft Edge
  • Mozilla Firefox 2.0 or later
  • Google Chrome 6 or later
  • Opera 8 or later with TLS 1.1 support enabled
  • Yandex Browser
  • Safari 2.1 or later

Mobile platforms supporting SNI:

  • iOS 4.0
  • Android 3.0 (Honeycomb)
  • Windows Phone 7
null

Gcore Team

Content Team

Table of contents

Try Gcore Network

Gcore all-in-one platform: cloud, AI, CDN, security, and other infrastructure services.

Try for free

Related articles

Four e-commerce takeaways from the Berlin Expo

E-commerce is moving fast — and the conversations at E-commerce Berlin Expo reflected just how much has changed in the last few years.Now that the event is over, here are four things I took away from speaking with key players across the ind

Gcore partners with AVEQ to elevate streaming performance monitoring

At Gcore, delivering exceptional streaming experiences to users across our global network is at the heart of what we do. We're excited to share how we're taking our CDN performance monitoring to new heights through our partnership with AVEQ

How we engineered a single pipeline for LL-HLS and LL-DASH

Viewers in sports, gaming, and interactive events expect real-time, low-latency streaming experiences. To deliver this, the industry has rallied around two powerful protocols: Low-Latency HLS (LL-HLS) and Low-Latency DASH (LL-DASH).While th

Gcore CDN updates: Dedicated IP and BYOIP now available

We’re pleased to announce two new premium features for Gcore CDN: Dedicated IP and Bring Your Own IP (BYOIP). These capabilities give customers more control over their CDN configuration, helping you meet strict security, compliance, and bra

Smart caching and predictive streaming: the next generation of content delivery

As streaming demand surges worldwide, providers face mounting pressure to deliver high-quality video without buffering, lag, or quality dips, no matter where the viewer is or what device they're using. That pressure is only growing as audie

Protecting networks at scale with AI security strategies

Network cyberattacks are no longer isolated incidents. They are a constant, relentless assault on network infrastructure, probing for vulnerabilities in routing, session handling, and authentication flows. With AI at their disposal, threat

Subscribe to our newsletter

Get the latest industry trends, exclusive insights, and Gcore updates delivered straight to your inbox.

Subscribe