Last week Google made an announcement about its use of SSL/TLS with advice to customers on how to ensure the can continue to connect to Google’s services.Duck wrote an excellent overview of the big change – the switch to 2048-bit certificates – but a less prominent aspect of the announcement should also be a concern to IT administrators, particularly those managing the 33% of desktops that are still running Windows XP*.The key information appeared towards the end of the announcement: SNI is an extension to the SSL/TLS protocol that allows a browser to specify explicitly the name of the website it’s trying to connect to.It allows a single web server to host multiple HTTPS web sites.04/14/2010 - Added note to step 1, explaining network adapter change.
It would need to select the right certificate to return so that the browser sees the name it expects.
The workaround is to manually create the network profile, setting it to use WPA2-Enterprise, then use the command line to fix the profile.
Note: There have been reports of Android devices corrupting network profiles; when this happens, the device keeps trying and failing to connect to FVCCNET.
This practice, known as virtual hosting, is already widely used for hosting regular, non-secure websites.
When your browser connects to an HTTPS site, the very first thing the server does is send a copy of its certificate so your browser can validate its identity.