How can I configure SNI to set up shared IP SSL certificates?

Server Name Indication (SNI) is a TLS computer networking protocol extension that allows a user to indicate which hostname it is attempting to connect to at the start of the handshaking process.  

This is why the server can provide a large number of certificates, allowing multiple websites with SSL security to be linked to a single IP address and port (port 443). 

With SNI enabled, you can reduce the number of IP addresses necessary to provide encrypted pages using https, both internal and external.  

Set up SNI on DirectAdmin 

Connect via SSH to your server and access the DirectAdmin configuration file with a file editor to enable SNI: 

vi /usr/local/directadmin/conf/directadmin.conf 

In the case of a standard DirectAdmin setup, enable_ssl_sni is set to 0, to enable SNI, change the following to the configuration file: 

enable_ssl_sni=1 

Restart DirectAdmin 

To make the modifications take effect, restart the DirectAdmin service 

systemctl restart directadmin

Finally, when signed in as a user on the User Level, you will be able to produce and / or install an SSL certificate without requiring a dedicated IP address from DirectAdmin. 

 

 

Was this article helpful?
1 out of 1 found this helpful

Comments

0 comments

Article is closed for comments.

Articles in this section

See more