6456 - Does the Traffic Manager Health monitor support sending the Server Name Indication (SNI)?

This article provides information if Traffic Manager health monitor support is able to send SNI to the backend web server.

In the process of configuring SSL passthrough on the Traffic Manager, there is a requirement for the Service Name Indicator (SNI) to be sent to the backend web server to allow the client to present which host name it is attempting to connect via TLS.

The SteelApp Traffic Manger version 10.0+ supports configuring an HTTPS health monitor that will send an SNI TLS extension to the back-end server.

For this HTTPS monitor to work properly, the Pool SSL configuration option 'ssl_server_name' must be enabled.

After creating the HTTPS monitor to attach to the Pool, you need to enable the Pool SSL configuration option by following these steps:

1. Set the VS directing to this pool to: Discard
2. Navigate to Services > Pools > Pool_Name > Edit > SSL > Server Authentication: ssl_server_name: yes
3. Click Update

Note: SNI is only sent to the pool nodes when using the hostname rather than the IP address. For example, if the node in the pool is mywebnode.steelapp.local:443, then SNI will be sent. However, if the node is 192.1.2.3:443, then SNI will not be sent.