Reputation: 30901
Disable SNI in a modern browser
Is there a way to temporarily disable SNI in a modern browser?
E.g. to test a website availability for older clients. (Should one worry about them since POODLE?)
Upvotes: 6
Views: 3347
Answers (1)
Reputation:
Probably the best way to test availability for older clients is to actually try out older clients. Microsoft provides VM images for browser compatibility testing at https://www.modern.ie/, which probably covers most of the desktop-based legacy clients, at least.
Another great resource for testing web site SSL/TLS compatibility in general is the Qualys SSL Server Test, which tries all the protocols and gives a simulation of what cipher suites browsers will be negotiating, as well as other useful information.
I'm not aware of any specific modern browser setting for disabling SNI specifically. Probably it'd open up a whole bunch of code paths that would need testing for not really any benefit, and support for it is probably deep within whatever library the browser is using for SSL/TLS support.
Upvotes: 4
Related Questions
- How to simulate non-SNI browsers (without SNI support)?
- Java TLS: Disable SNI on client handshake
- Any workaround to run SNI supported sites on windows xp and IE8
- Is SNI actually used and supported in browsers?
- Redirecting non-SNI browsers to HTTP-only warning page in nginx
- Browser, s_client without SNI and expired certificate
- Force SSL and handle browsers without SNI support
- .NET SNI support
- IE on XP does not support SNI to permit multiple certificates for single server
- Detecting browser's SNI support