ssl_get_servername returns null

Explanation of ssl_get_servername returning null

The ssl_get_servername function is used to retrieve the server name from the SSL/TLS handshake. If this function returns null, it indicates that the server name could not be retrieved for some reason. Here's an explanation of each step involved in this process:

  1. SSL/TLS Handshake: During the SSL/TLS handshake, the client sends the server name in the "Server Name Indication" (SNI) extension of the ClientHello message. The server uses this information to select the appropriate certificate for the connection.

  2. Server Configuration: The server must be configured to support the SNI extension. This typically involves setting up the server to handle incoming connections based on the server name provided in the SNI extension.

  3. Certificate Matching: Once the server name is received, the server needs to match it with the available certificates to establish a secure connection. If the server name cannot be matched with any of the available certificates, the ssl_get_servername function may return null.

  4. Error Handling: If there are any errors in the SSL/TLS handshake process, such as failure to retrieve the server name or match it with a certificate, the ssl_get_servername function may return null to indicate the failure.

In summary, the ssl_get_servername function returns null when there is a problem retrieving the server name from the SSL/TLS handshake, configuring the server to handle SNI, or matching the server name with the available certificates, or when errors occur during the handshake process.
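To make step 1 concrete, here is an added example (not from the original page and not any TLS library's own code) that parses a raw ClientHello record and extracts the SNI host name, returning NULL when the extension is absent, truncated or malformed. The names hello_sni, vec_end and HELLO are illustrative, and the sample bytes are constructed.

```c
#include <stdio.h>
#include <string.h>
typedef unsigned char u8;

/* Constructed sample (illustrative names): zeroed random, one suite, SNI only. */
static const u8 HELLO[] = {
    0x16,0x03,0x01,0x00,0x43, 0x01,0x00,0x00,0x3f, 0x03,0x03, /* hdrs, version */
    [43] = 0x00, 0x00,0x02,0x13,0x01, 0x01,0x00, 0x00,0x14,   /* sid..ext len */
    0x00,0x00,0x00,0x10, 0x00,0x0e,0x00,0x00,0x0b,            /* server_name */
    'e','x','a','m','p','l','e','.','c','o','m' };

/* End of a vector with a w-byte length prefix, or NULL if it overruns. */
static const u8 *vec_end(const u8 *p, const u8 *end, int w) {
    size_t n = 0;
    if (end - p < w) return NULL;
    while (w--) n = (n << 8) | *p++;
    return (size_t)(end - p) < n ? NULL : p + n;
}

/* Copy the SNI host_name into out; NULL if absent, malformed or NUL-embedded. */
const char *hello_sni(const u8 *buf, size_t len, char *out, size_t outlen) {
    const u8 *p = buf, *end = buf + len;
    if (len < 43 || p[0] != 0x16 || p[5] != 0x01) return NULL;
    p += 5 + 4 + 2 + 32;    /* record hdr, handshake hdr, version, random */
    if (!(p = vec_end(p, end, 1)) ||        /* session_id */
        !(p = vec_end(p, end, 2)) ||        /* cipher_suites */
        !(p = vec_end(p, end, 1)) ||        /* compression_methods */
        !(end = vec_end(p, end, 2)))        /* extensions block bounds the loop */
        return NULL;
    for (p += 2; end - p >= 4; ) {
        size_t elen = ((size_t)p[2] << 8) | p[3], nlen;
        if ((size_t)(end - p) < 4 + elen) return NULL;
        if (p[0] || p[1]) { p += 4 + elen; continue; }  /* not server_name (0) */
        if (elen < 5 || p[6] != 0) return NULL;  /* list_len(2) type(1) len(2) */
        nlen = ((size_t)p[7] << 8) | p[8];
        if (nlen + 5 > elen || nlen >= outlen || memchr(p + 9, 0, nlen))
            return NULL;
        memcpy(out, p + 9, nlen);
        out[nlen] = '\0';
        return out;
    }
    return NULL;            /* client sent no server_name extension */
}

int main(void) {
    char host[256];
    const char *sni = hello_sni(HELLO, sizeof HELLO, host, sizeof host);
    printf("SNI: %s\n", sni ? sni : "(null)");
    return 0;
}
```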
