Subtotal | $0.00 |
The previous version of TLS which we used with all our servers didn’t recognize HTTPS requests that contained a domain name. It only worked correctly only if an IP address was “asked”. Thus, it was a requirement to have a dedicated IP for each domain that used a secured connection.
Starting from the cPanel version 11.38 and higher, we are able to use SNI.
Server Name Indication (SNI) is an extension to the TLS protocol that indicates what hostname the client is attempting to connect.
This allows a server to present multiple certificates on the same IP address and port number and hence, allows multiple secure (HTTPS) websites (or any other service over TLS).
However, unfortunately, there are a few issues that might appear:
SNI is incompatible with some old versions of web browsers.*
The website will still be available via HTTPS, but a certificate mismatch error will appear.
Ways to resolve the issue: Use a different browser to access the website. Also, if the visitor agrees to use another certificate with an incompatible browser, the requested site will open up normally via HTTPS, but a different certificate will be used to establish a secured connection. On the contrary, all the visitors with incompatible browsers will see a warning message.
If you try to gain HTTPS access using a server IP address, issues might appear.
Using the IP address, the client will receive our "default" certificate which is set for each IP on the server (e.g., serverX.web-hosting.com) and reach the first site hosted on this IP, if an HTTPS request does not have the name of the site specified.
*The list of browsers that support SNI:
Need help? We're always here for you.