IBM Support

SNI supports non-critical SNI requests



The IWS client supports non-critical Server Name Indication (SNI) requests.


You are in: IBM i Technology Updates > Welcome to IBM Integrated Web Services for i Technology Updates >  SNI supports non-critical SNI requests

What is it?

Server Name Indication is an extension to the SSL and TLS protocols that indicates what host name the client is attempting to connect to at the start of the handshaking process. This allows a server to present multiple certificates on the same IP address and port number and hence allows multiple secure (HTTPS) websites to be served off the same IP address without requiring all those sites to use the same certificate.
The IWS client library now supports non-critical SNI requests.  This can be done when using the transport APIs by setting the AXISC_PROPERTY_HTTP_SSL_SNI_CRITICAL property to a value of "false" before issuing the call to set the AXISC_PROPERTY_HTTP_SSL property:
critical = 'false' + X'00';                                    
rc = axiscTransportSetProperty(tHandle:AXISC_PROPERTY_HTTP_SSL_SNI_CRITICAL:%addr(critical));       
rc = axiscTransportSetProperty(t, AXISC_PROPERTY_HTTP_SSL_SNI_CRITICAL, "false");

Why use it?

To give users the option to specify SNI and still have the connection established if the server does not understand or support SNI.


The support is enabled in the following PTFs:

V7R2M0 SI76933, SI76961
V7R3M0 SI76932, SI76960
V7R4M0 SI76931, SI76959

[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"HW1A1","label":"IBM Power Systems"},"Component":"","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]

Document Information

Modified date:
06 September 2021