Directadmin - Server Name Indication (SNI)

Server Name Indication is an extension of SSL and TLS which indicates which host name the client wishes to establish a connection with at the start of the handshaking process. This enables the server to present several certificates and as a consequence, it becomes possible to connect several websites with SSL security to a single IP-address and port (port 443). Using SNI eliminates the use of separate IP-addresses for each website secured with SSL on a web server.

DirectAdmin has support for SNI since version 1.36.1, but only when using compatible version of OpenSSL and Apache that also support SNI

Add the following line to your configuration file /usr/local/directadmin/conf/directadmin.conf, or modify the existing line

The default setting is:

enable_ssl_sni=0

When there are multiple certificates installed on one IP address to be used, change the setting to:

enable_ssl_sni=1

Turning on SNI disables the check whether the user has a dedicated IP address when certificates are being added. Even if a user has more than one IP address in the file user_ip.list, checking for the root domain using SSL is turned off too. This because a user could own more than one IP address. It wouldn't be usefull to force SSL for the maindomain,when this is the only domain under this useraccount.

Link to related document Apache:
NameBasedSSLVHostsWithSNI