| setsslprofile_snienable |
Use this method to set state of the Server Name Indication (SNI) feature on the virtual server and service-based offload. SNI helps to enable SSL encryption on multiple domains on a single virtual server or service if the domains are controlled by the same organization and share the same second-level domain name. For example, *.sports.net can be used to secure domains such as login.sports.net and help.sports.net. |
Syntax |
Parameters |
name |
Name for the SSL profile. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the profile is created. This is mandatory parameter. |
snienable |
State of the Server Name Indication (SNI) feature on the virtual server and service-based offload. SNI helps to enable SSL encryption on multiple domains on a single virtual server or service if the domains are controlled by the same organization and share the same second-level domain name. For example, *.sports.net can be used to secure domains such as login.sports.net and help.sports.net. Default value = DISABLED. Possible Values : ENABLED, DISABLED. |
allowunknownsni |
Controls how the handshake is handled when the server name extension does not match any of the bound certificates. These checks are performed only if the session is SNI enabled (i.e. when profile bound to vserver has SNIEnable and Client Hello arrived with SNI extension). Available settings function as follows :
ENABLED - handshakes with an unknown SNI are allowed to continue, if a default cert is bound.
DISLABED - handshakes with an unknown SNI are not allowed to continue. Default value = DISABLED. Possible Values : ENABLED, DISABLED. |
Return Value |
Returns simpleResult |
See Also |