We have multiple sites exposed on the same IP and port over TLS, with clients using SNI to indicate which site (which host) they are intending to connect to. When testing APIs with SoapUI the TLS connection always fails with an EOFException / "javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake" immediately after the TLS ClientHello has been sent.
The reason seems to be that the ClientHello does not include the SNI server_name extension, so the negotiation fails because the server does not know the intended host. The problem with SoapUI is that although Java has supported SNI since v7 (2011) it can only be set programatically:
SNIHostName serverName = new SNIHostName("www.example.com"); List<SNIServerName> serverNames = new ArrayList<>(1); serverNames.add(serverName); sslParameters.setServerNames(serverNames);
Is there any workaround for configuring SNI in SoapUI (e.g. a system property that forces the server_name)? If not, please can you consider adding support for SNI server_name extension either in the global SSL preferences or the project security settings? Thanks.