101 · Question #489
Which Transport Layer Security (TLS) extension can be used to enable a single virtual server to serve multiple HTTPS websites in different can be used to enable a single virtual server to server domai
The correct answer is C. Server Name indication. Server Name Indication (SNI) is the TLS extension that allows a single virtual server to serve multiple HTTPS websites by transmitting the target hostname during the TLS handshake.
Question
Which Transport Layer Security (TLS) extension can be used to enable a single virtual server to serve multiple HTTPS websites in different can be used to enable a single virtual server to server domains?
Options
- ASession Tickets
- BOCSP Staping
- CServer Name indication
- DCertificate Status Request
How the community answered
(57 responses)- A2% (1)
- B7% (4)
- C88% (50)
- D4% (2)
Why each option
Server Name Indication (SNI) is the TLS extension that allows a single virtual server to serve multiple HTTPS websites by transmitting the target hostname during the TLS handshake.
Session Tickets are a TLS extension used for session resumption to reduce handshake overhead and improve performance, not for hosting multiple domains.
OCSP Stapling allows the server to attach a pre-fetched certificate revocation response to the TLS handshake, which is unrelated to multi-domain virtual server hosting.
SNI is a TLS extension defined in RFC 6066 in which the client includes the desired hostname in the ClientHello message before any certificate is exchanged. This allows a single IP address or virtual server to present different TLS certificates for different domain names, enabling multi-domain HTTPS hosting on one endpoint. Without SNI, the server cannot determine which certificate to present before the TLS handshake completes.
Certificate Status Request is the TLS extension mechanism that requests OCSP revocation status from the server, not a feature for serving multiple domains on one virtual server.
Concept tested: TLS Server Name Indication for multi-domain virtual hosting
Source: https://www.rfc-editor.org/rfc/rfc6066
Topics
Community Discussion
No community discussion yet for this question.