Index: lib/loadhosts.c
===================================================================
--- lib/loadhosts.c (revision 7340)
+++ lib/loadhosts.c (working copy)
@@ -168,6 +168,8 @@
 xmh_item_name[XMH_FLAG_PULLDATA] = "XMH_FLAG_PULLDATA";
 xmh_item_key[XMH_FLAG_MULTIHOMED] = "MULTIHOMED";
 xmh_item_name[XMH_FLAG_MULTIHOMED] = "XMH_MULTIHOMED";
+ xmh_item_key[XMH_FLAG_NOSNI] = "nosni"; // Disable SNI (Server name Indication) for TLS requests
+ xmh_item_name[XMH_FLAG_NOSNI] = "XMH_FLAG_NOSNI";
 xmh_item_key[XMH_LDAPLOGIN] = "ldaplogin=";
 xmh_item_name[XMH_LDAPLOGIN] = "XMH_LDAPLOGIN";
 xmh_item_key[XMH_CLASS] = "CLASS:";
Index: lib/loadhosts.h
===================================================================
--- lib/loadhosts.h (revision 7340)
+++ lib/loadhosts.h (working copy)
@@ -54,6 +54,7 @@
 XMH_FLAG_HIDEHTTP,
 XMH_FLAG_PULLDATA,
 XMH_FLAG_MULTIHOMED,
+ XMH_FLAG_NOSNI,
 XMH_LDAPLOGIN,
 XMH_IP,
 XMH_HOSTNAME,
Index: xymonnet/httptest.c
===================================================================
--- xymonnet/httptest.c (revision 7340)
+++ xymonnet/httptest.c (working copy)
@@ -341,6 +341,7 @@
 int firstcookie = 1;
 char *decodedurl;
 strbuffer_t *httprequest = newstrbuffer(0);
+ void *hinfo = NULL;
 /* Allocate the private data and initialize it */
 httptest = (http_data_t *) calloc(1, sizeof(http_data_t));
@@ -352,6 +353,9 @@
 return;
 }
+ hinfo = hostinfo(t->host->hostname);
+
+
 httptest->url = strdup(decodedurl);
 httptest->contlen = -1;
 httptest->parsestatus = (httptest->weburl.proxyurl ? httptest->weburl.proxyurl->parseerror : httptest->weburl.desturl->parseerror);
@@ -579,10 +583,8 @@
 }
 {
 char useragent[100];
- void *hinfo;
 char *browser = NULL;
- hinfo = hostinfo(t->host->hostname);
 if (hinfo) browser = xmh_item(hinfo, XMH_BROWSER);
 if (browser) {
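Review bot: The function-scoped `hinfo` assigned in the `@@ -352,6 +353,9 @@` hunk is now read by two blocks far from the assignment (the user-agent block near line 583 and the SNI decision near line 685), yet nothing at the declaration says it may be NULL. Both visible uses guard it (`if (hinfo)` and `!hinfo`), presumably because `hostinfo()` can return NULL, so a comment on the declaration would keep later additions from dereferencing it unchecked: `void *hinfo = NULL; /* hosts.cfg record for this host; may be NULL, check before use */`. The two consecutive empty lines added after the `hostinfo()` call can be reduced to one. The enclosing function starts and ends outside these hunks.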
@@ -683,6 +685,7 @@
 httptest, tcp_http_data_callback, tcp_http_final_callback);
 }
- httptest->tcptest->sni = httptest->weburl.desturl->host;
+ if (!hinfo || (xmh_item(hinfo, XMH_FLAG_NOSNI) == NULL))
+ httptest->tcptest->sni = httptest->weburl.desturl->host;
 }
Index: common/hosts.cfg.5
===================================================================
--- common/hosts.cfg.5 (revision 7340)
+++ common/hosts.cfg.5 (working copy)
@@ -593,6 +593,23 @@
 test will go red. E.g. to check that your server only uses strong encryption (128 bits or better), use "sslbits=128".
+.IP nosni
+Disables use of SNI (Server Name Indication) for SSL tests.
+
+By default, xymonnet requests the OpenSSL library to enable SNI
+"Server Name Indication" when performing the SSL handshake. This
+is typically used when setting up several webservers on the same
+IP-address and portnumber, but with different certificates - e.g.
+for virtual hosting with https sites.
+
+Support for this was added in Xymon 4.3.13.
+
+However, some older SSL implementations cannot handle this type
+of request, and Xymon will fail to perform an SSL handshake - so it
+reports the site as 'down' when it really is not. If you run into
+problems with https-sites, you can try disabling SNI by adding the
+"nosni" flag to the host definition in hosts.cfg.
+
 .IP DOWNTIME=day:starttime:endtime[,day:starttime:endtime]
 .IP DOWNTIME=columns:day:starttime:endtime:cause[,columns:day:starttime:endtime:cause]
 This tag can be used to ignore failed checks during
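Review bot: When `nosni` is set, the new condition in the `@@ -683,6 +685,7 @@` hunk only skips the assignment, so `tcptest->sni` keeps whatever the call ending just above left in it (its initialisation is outside this diff), and the `if` body is unbraced. Stating both outcomes is safer: `httptest->tcptest->sni = (hinfo && xmh_item(hinfo, XMH_FLAG_NOSNI)) ? NULL : httptest->weburl.desturl->host;`, assuming NULL is what the TCP layer treats as "send no server name". A comment here should also record two consequences. The flag is read from the host record, so it applies to every HTTP test of that host. Without SNI a name-based virtual host will normally answer with its default certificate, so any certificate results reported for the URL describe that certificate rather than the site's own. The enclosing function begins outside the hunk.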