Java support for specifying a server name (SNI) as a server?

Question

Java support for specifying a server name (SNI) as a server?

Java 7 brings SNI client support . Are there any known open source SNI server role implementations? Java provides transparent support for TLS connections (including handshakes), but I need to separate the handshake process so that I can send the certificate back based on the SNI hostname extension.

After you didn't find the online documentation, I looked at the OpenJDK source code, but there seems to be no point where I can track the ClientHello message before Java sends the ServerHello message.

+5

java sni

Lekensteyn Feb 26 '13 at 22:12

source share

3 answers

Marcos zolnowski · Answer 1 · 2013-07-12T03:18:10+0000

I did a quick hack some time ago: https://bitbucket.org/zmarcos/sniserversocket

If you follow the instructions: https://bitbucket.org/zmarcos/sniserversocket/wiki/Home

It will even work on Java EE servers such as Glassfish.

user314104 · Answer 2 · 2013-07-12T01:08:42+0000

I do not know the famous open source implementation for Java 7, but SNI server support is included in Java 8 . If you bring this back to Java 7, I would love to know.

Mariano barrios · Answer 3 · 2017-07-22T14:23:14+0000

: TLS Channel. : SSLEngine ( ), ByteChannel.

Regarding SNI, the library parses the first bytes before creating SSLEngine. Then, the user can provide a function to the server channel to select SSLContexts depending on the received domain name.

Java support for specifying a server name (SNI) as a server?

More articles: