I would like to know about the support for the SSL/TLS Server Name Indication (SNI) extension in the Android SDK.
As far as I know, there is a partial support in Android SDK. The current situation is the following:
- Since the Gingerbread release TLS connection with the
HttpsURLConnectionAPI supports SNI. - Apache HTTP client library shipped with Android does not support SNI
- The Android web browser does not support SNI neither (since using the Apache HTTP client API)
There is an opened ticket regarding this issue in the Android bug tracker.
It is also possible to test the SNI support by making a connection to this URL: https://sni.velox.ch/
Fortunately, HttpsURLConnection supports SNI since Android 2.3. One workaround if you need to support Android 2.2 (and older) is to set up an alternative virtual host on a unique port so that it's unambiguous which server certificate to return.
Please check this link for more information. Hope this will help future users.
Just for information
Newer versions of SSL, specifically
TLSv.1.0 and later, support Server Name Indication (SNI), which allows the SSL client to specify the intended hostname to the server so the proper certificate can be returned.
来源:https://stackoverflow.com/questions/5879894/android-ssl-sni-support