On the client side, you use SSL_set_tlsext_host_name(ssl, servername)before initiating the SSL connection.

在客户端，您SSL_set_tlsext_host_name(ssl, servername)在启动 SSL 连接之前使用。

On the server side, it's a little more complicated:

在服务器端，它有点复杂：

• Set up an additional SSL_CTX()for each different certificate;
• Add a servername callback to each SSL_CTX()using SSL_CTX_set_tlsext_servername_callback();
• In the callback, retrieve the client-supplied servername with SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name). Figure out the right SSL_CTXto go with that host name, then switch the SSLobject to that SSL_CTXwith SSL_set_SSL_CTX().

• SSL_CTX()为每个不同的证书设置一个附加的；
• 为每个SSL_CTX()使用添加一个 servername 回调SSL_CTX_set_tlsext_servername_callback()；
• 在回调中，使用 检索客户端提供的服务器名SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name)。找出SSL_CTX使用该主机名的权利，然后将SSL对象切换到SSL_CTX使用SSL_set_SSL_CTX().

The s_client.cand s_server.cfiles in the apps/directory of the OpenSSL source distribution implement this functionality, so they're a good resource to see how it should be done.

该s_client.c和s_server.c中的文件apps/OpenSSL的源代码发布的目录实现此功能，所以他们是一个很好的资源，看看它应该怎么做。