Reputation: 21
I am trying a client side SNI implementation where I see that I can pass multiple host names (producing the same cert) to the SSLParameters, snippet below.
```java
import javax.net.ssl.*;
import java.util.*;

public class SSLSocketClient {
    public static void main(String[] args) throws Exception {
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        SSLSocket socket = (SSLSocket) factory.createSocket("www.verisign.com", 443);
        // two SNI entries, both of name_type host_name (0)
        SNIHostName serverName1 = new SNIHostName("www.verisign.co.in");
        SNIHostName serverName2 = new SNIHostName("www.verisign.co.uk");
        List<SNIServerName> serverNames = new ArrayList<>();
        serverNames.add(serverName1);
        serverNames.add(serverName2);
        SSLParameters params = socket.getSSLParameters();
        params.setServerNames(serverNames); // throws IllegalArgumentException (see trace below)
        socket.setSSLParameters(params);
    }
}
```
but before making the SSL handshake I receive the below exception.
```
java.lang.IllegalArgumentException: Duplicated server name of type 0
at java.base/javax.net.ssl.SSLParameters.setServerNames(SSLParameters.java:343)
at SSLSocketClient.main(SSLSocketClient.java:69)
```
Inspecting in eclipse shows that the type is host_name (0) for both the SNI host names. [type=host_name (0), value=www.verisign.co.in, type=host_name (0), value=www.verisign.co.uk]
If it doesn't allow multiple host names, then why is there a provision to pass a List of serverNames?
Upvotes: 1
Views: 355
Reputation: 6797
It appears that the standard once supported multiple host names, but the support was dropped.
According to the RFC for SNI (https://datatracker.ietf.org/doc/html/rfc6066):
The ServerNameList MUST NOT contain more than one name of the same name_type.
...
Note: Earlier versions of this specification permitted multiple names of the same name_type. In practice, current client implementations only send one name, and the client cannot necessarily find out which name the server selected. Multiple names of the same name_type are therefore now prohibited.
One might be tempted to try adding additional names with different name_types. However, it appears that the only name_type that has ever been defined is "host_name", which is 0.
Upvotes: 1
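As an added example (not the asker's or answerer's code), the following Java client applies the RFC 6066 rule from the answer: it sends exactly one host_name entry, reproduces the question's IllegalArgumentException with two entries before any handshake, and turns on endpoint identification so the certificate the server presents is actually checked against the requested name rather than only being chained to a trusted root. The host name "example.com" is a placeholder to substitute with your own server.

```java
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SNIServerName;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;

public class SniClient {

    /**
     * Builds SSLParameters for a connection to hostName.
     * RFC 6066 allows at most one entry per name_type, and host_name (0) is the
     * only name_type ever defined, so the ServerNameList is a single entry.
     * Endpoint identification ("HTTPS") makes the trust manager verify that the
     * presented certificate matches the host name, not just that it chains to a CA.
     */
    static SSLParameters sniParameters(SSLParameters base, String hostName) {
        List<SNIServerName> serverNames = Collections.singletonList(new SNIHostName(hostName));
        base.setServerNames(serverNames);
        base.setEndpointIdentificationAlgorithm("HTTPS");
        return base;
    }

    /**
     * Reproduces the question's failure: two host_name entries are rejected by
     * setServerNames itself, before any bytes are sent to the server.
     * Returns true when the JSSE provider enforces the RFC rule.
     */
    static boolean duplicateNamesRejected(SSLParameters base) {
        List<SNIServerName> twoNames = Arrays.asList(
                new SNIHostName("a.example"), new SNIHostName("b.example")); // constructed sample names
        try {
            base.setServerNames(twoNames);
            return false;
        } catch (IllegalArgumentException expected) {
            return true; // "Duplicated server name of type 0"
        }
    }

    public static void main(String[] args) throws IOException {
        String host = args.length > 0 ? args[0] : "example.com"; // placeholder, not a real target
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        try (SSLSocket socket = (SSLSocket) factory.createSocket(host, 443)) {
            System.out.println("Duplicate host_name rejected: "
                    + duplicateNamesRejected(socket.getSSLParameters()));
            socket.setSSLParameters(sniParameters(socket.getSSLParameters(), host));
            socket.startHandshake(); // fails with SSLHandshakeException if the cert does not match host
            System.out.println("Negotiated " + socket.getSession().getProtocol()
                    + " with peer " + socket.getSession().getPeerPrincipal());
        }
    }
}
```

When the socket is created with a host name (as above), recent JDKs already fill in that name as the SNI entry, so calling setServerNames explicitly is mainly useful when the SNI name must differ from the address used to connect, for example when connecting by IP address. In the question, the socket was opened to www.verisign.com while the SNI list named other hosts; with endpoint identification enabled, such a mismatch between the requested name and the certificate is rejected at handshake time instead of being silently accepted.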