SNI
TLS Server Name Indication extension, routing for multi-tenant EDI hosts.
Definition
SNI adds a server_name extension to the ClientHello carrying the requested DNS hostname. The server uses it to select which X.509 certificate and TLS configuration to present when several AS2/AS4/REST endpoints share one IP address. SNI travels in cleartext (before the handshake is encrypted) and must match exactly the CN/SAN of the certificate the partner expects.
Origin
Defined in RFC 6066 (IETF, 2011), "TLS Extensions: Extension Definitions", which carries forward the server_name extension first introduced by RFC 3546 (2003).
Example in context
An EDI partner whose AS2 endpoint is multi-tenant sees the handshake fail if its client omits the SNI <server_name>edi.partner.com</server_name>: the server then returns a default certificate with the wrong CN.