Using SNI ( server name indicator ) for a virtual-server in a host web environment that requires TLS connections , is not un-heard feature.
The combined use of layer7 host header and SNI allows for one single address to host dozens or hundred of websites. To learn more about SNI review here.
A quick means for testing support for SNI support or no-SNI , is to use the common GNUtls utility gnutls-cli without or with the --disable-extensions option.
Check out a Virtual-Server that was enabled for support in the client-side-ssl profile;
In this case my way port wifi provider intercepted my request for www.wwt.com, here's a direct request to the same size without and with SNI in the initial client-ssl hello.
If you happen to initiate a ssl-session with the SNI extension disable the end-node does not support SNI & the clientssl profile defined for the default SNI is incorrectly set for "required", you will get a ssl fatal error.
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
=( @ @ )=