sni

I was looking for a way to redirect webbrowsers with SNI support from http to https AND webbrowsers without SNI support from https to http. The second case is important, for example, if the user get a https url sent by mail and opens that with an old browser. I wanted to avoid working with user-agents, because I didn't want to keep track of new browser versions and update the config files, e.g. .htaccess, accordingly. Therefore, I use javascript to detect SNI support and redirect the webbrowser. The following code checks whether the connection is SSL secured. If not SSL secured, it checks for

This question is the equivalent of this Go question in which it was trivial (albeit rather hacky) to obtain the desired behavior: I am looking for a way to modify the TLS SNI information that ultimately ends up in the TCP segments created when using the high-level web clients in .NET. The final paragraph in this answer suggests that a hack would be to do something like static void Main(string[] args) { HttpResponseMessage response; var httpRequestMessage = new HttpRequestMessage(HttpMethod.Get, "https://desiredsni.com"); httpRequestMessage.Headers.Add("Host", "example.com"); var handler = new

Based on the JSSE examples, I'm trying to get the value of the TLS parameter "Server Name Indication" (SNI) on the server side - without success. I'm sure that the value is sent by the client since I used a network sniffer (Wireshark) that shows the value. But when I use the following code fragment, the list of server name parameters is empty (while the "protocols" are shown): public void connectionAccepted(Socket socket) { System.out.println("Connection accepted!"); try { /* get SNI parameter */ SSLSocket sslSocket = (SSLSocket)socket; SSLParameters sslParams = sslSocket.getSSLParameters();