Support for SNI Extension in TLS Handshakes to Pool Servers


This article explains the support for SNI extension in TLS handshakes to pool servers.

SNI Extension in TLS Handshakes to Pool Servers

The TLS SNI is supported for connections to pool servers.

Referring to the screenshot, if you select SSL to Backend Servers checkbox, a set of fields such as the TLS SNI option, which is ON by default, will appear. Checking it enables TLS SNI for connections to servers. The SNI extension is sent as part of the handshake. Optionally, one may furnish a fully qualified DNS hostname to be used in the TLS SNI extension in server connections. If you do not specify any value, Avi Vantage will use the pool name (value of the incoming request’s Host Header) instead.

Screen Shot 2016-07-19 at 1.26.42 PM