TLS Server Name Indicator using the Server Name parameter

Question

TLS Server Name Indicator: 
When using a SAN Cert Must use create a separate Client SSL profiles for each name that is in the SAN certificate you want to use?  
&nbsp;
Would I then need Client_SSL_1 with Server Name =  then create Client_SSL_2 with Server Name = investor.xyz.com ?  When no name is given I know the default is Common Name?&nbsp;
For instance you have a 
Certificate 1
SAN certificate:
Common Name = 
Subject Alt = xyz.com&nbsp;
Certificate 2
SAN certificate:
Common Name = 
Subject Alt = investor.com&nbsp;
Client_SSL_base
Client_SSL_fallback Certificate 1 default checked
Client_SSL_1a Certificate 1 ServerName = 
Client_SSL_1b Certificate 1 ServerName = xyz.com
Client_SSL_2a Certificate 2 ServerName = 
Client_SSL_2b Certificate 2 ServerName = investor.com&nbsp;

stanislas_piro2 · Answer

Hi,
Default sni behavior when multiple clientssl profile is assigned to a vs is to read subject and SAN values and use these values as condition.
Don't configure Server Name field but only check default for SNI in one of profiles.

Forum Discussion

TLS Server Name Indicator using the Server Name parameter

Recent Discussions

NetScaler to F5 Migration

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

Application only need to access from 2 uris

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

AS3 Limitations

Related Content

TLS Server Name Indication

Lightboard Lessons: TLS Server Name Indication

Multiple Certs, One VIP: TLS Server Name Indication via iRules

Server Name Indication (SNI) based RDP Proxy

Brute Force protection for single parameter like OTP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS