Archives

Archives / 2014 / June
  • Scaling SSL With IIS 8 Server Name Indication (SNI)

    One of the many great new features with IIS 8 on Windows Server 2012 is Server Name Indication (SNI). SNI is a TLS extension that includes the hostname or virtual domain name during SSL negotiation. The reasoning behind this was to improve SSL scalability and minimize the need for dedicated IP addresses due to IPv4 scarcity. This means that you can now host multiple SSL certificates on a web server with only 1 IP address. With previous versions of IIS you were forced to bind SSL certificates to unique IP addresses, and the only workaround available for hosting multiple SSL certificates with 1 IP address was to use a wildcard certificate. In this walkthrough I will show how to host multiple certificates using SNI.