Desktop and Mobile Browsers with Server Name Indication (SNI) Support
Server Name Indication (SNI)
IIS 8 supports Server Name Indication (SNI). SNI is a transport layer security extension which enables you to use a virtual domain name or a hostname to identify the network endpoint. From a single IP address and port number, you can use multiple SSL certificates to secure various websites on a single domain (i.e. www.yourdomain.com, site2.yourdomain.com) or across multiple domains (i.e. www.domain1.com, www.domain2.com).
For more information about installing multiple certificates using SNI, see How to install and configure your SSL Certificate on Windows Server 2012 - IIS 8 and Windows Server 2012 R2 - IIS 8.5 (Multiple Certificates Using SNI).
Browser Support
Because SNI is relatively new, not all browsers support SNI. If the browser does not support SNI, it is presented with a default SSL certificate. The default certificate may cause the browser to present certificate warnings unless you have installed a wildcard certificate on that server that happens to match the name of the website.
Before you use SNI to install multiple certificates, we recommend that you review the lists of desktop and mobile browsers with SNI support below and verify that SNI meets your SSL websites¡¯ requirements.
Desktop Browsers
-
Internet Explorer 7 and later on Windows Vista and later
Internet Explorer (any version) on Windows XP does not support SNI - Mozilla Firefox 2.0 and later
-
Opera 8.0 (2005) and later
TLS 1.1 protocol must be enabled - Google Chrome:
Supported on Windows Vista and later
Supported on Windows XP on Chrome 6 and later
Supported on OS X 10.5.7 on Chrome v5.0.342.1 and later - Safari 2.1 and later
Supported on OS X 10.5.6 and later
Supported on Windows Vista and later
Mobile Browsers
- Mobile Safari for iOS 4. and later
- Android default browser on Honeycomb (v3.x) and later
- Windows Phone 7