Starting from 8.3R1 release, PCS supports the use of Server Name Indication (SNI) SSL extension when communicating to a backend resource. SNI is typically enabled on backend servers (i.e. Atlassian Cloud login, Office 365 login page, etc) to support multiple hostnames on the same IP address without having to resort to wildcard certificates.
SNI support is enabled for
- Rewriter
- PTP
- SAML
- JSAM
- WSAM
- Pulse One
- License server
- CRL
- ActiveSync
- Syslog
- SCEP
For more information, refer to the
admin guide.
SNI is not supported until the following scenarios:
- OCSP
- LDAPS
- PushConfig
- Pulse Desktop Client connecting to load balancer, proxy or other intermediate software that required SNI (i.e CloudFlare Proxy, etc)