Where in the TLS handshake is the Server Name Indication (SNI) value carried?

Prepare for the Wireshark Traffic Analysis Exam. Study with flashcards and multiple choice questions, each question includes hints and explanations. Ace your exam!

Multiple Choice

Where in the TLS handshake is the Server Name Indication (SNI) value carried?

Explanation:
SNI is carried by the client in the TLS handshake as a dedicated extension inside the ClientHello that specifies the host name being connected to. The server uses that server_name value, provided early in the handshake, to select the appropriate certificate before proceeding with the rest of the exchange. It isn’t placed in the ServerHello or in the Certificate messages, which carry server-selected parameters and the actual certificate after the handshake has started. This design lets a server hosting multiple domains on a single IP present the correct certificate based on the requested hostname.

SNI is carried by the client in the TLS handshake as a dedicated extension inside the ClientHello that specifies the host name being connected to. The server uses that server_name value, provided early in the handshake, to select the appropriate certificate before proceeding with the rest of the exchange. It isn’t placed in the ServerHello or in the Certificate messages, which carry server-selected parameters and the actual certificate after the handshake has started. This design lets a server hosting multiple domains on a single IP present the correct certificate based on the requested hostname.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy