Desktop and Mobile Browsers with Server Name Indication (SNI) Support

Server Name Indication (SNI)

IIS 8 supports Server Name Indication (SNI). SNI is a transport layer security extension which enables you to use a virtual domain name or a hostname to identify the network endpoint. From a single IP address and port number, you can use multiple SSL certificates to secure various websites on a single domain (i.e. www.yourdomain.com, site2.yourdomain.com) or across multiple domains (i.e. www.domain1.com, www.domain2.com).

For more information about installing multiple certificates using SNI, see How to install and configure your SSL Certificate on Windows Server 2012 - IIS 8 and Windows Server 2012 R2 - IIS 8.5 (Multiple Certificates Using SNI).

Browser Support

Because SNI is relatively new, not all browsers support SNI. If the browser does not support SNI, it is presented with a default SSL certificate. The default certificate may cause the browser to present certificate warnings unless you have installed a wildcard certificate on that server that happens to match the name of the website.

Before you use SNI to install multiple certificates, we recommend that you review the lists of desktop and mobile browsers with SNI support below and verify that SNI meets your SSL websites’ requirements.

Desktop Browsers

  • Internet Explorer 7 and later on Windows Vista and later
    Internet Explorer (any version) on Windows XP does not support SNI
  • Mozilla Firefox 2.0 and later
  • Opera 8.0 (2005) and later
    TLS 1.1 protocol must be enabled
  • Google Chrome:
    Supported on Windows Vista and later
    Supported on Windows XP on Chrome 6 and later
    Supported on OS X 10.5.7 on Chrome v5.0.342.1 and later
  • Safari 2.1 and later
    Supported on OS X 10.5.6 and later
    Supported on Windows Vista and later

Mobile Browsers

  • Mobile Safari for iOS 4. and later
  • Android default browser on Honeycomb (v3.x) and later
  • Windows Phone 7