Link between BYOIP and SSL for non-SNI (#18801)

cicku · web-flow · commit 7b8e7acc21a4 · 2024-12-19T11:27:50.000Z
* Mention BYOIP in non-SNI support

* Also update BYOIP page

* Fix format
diff --git a/src/content/docs/byoip/troubleshooting.mdx b/src/content/docs/byoip/troubleshooting.mdx
@@ -22,4 +22,10 @@ If you are experiencing packet loss as a result of an upstream ISP implementing
 
 ## Non-SNI support
 
+:::caution
+
 Currently, BYOIP cannot be used with [legacy custom certificates](/ssl/edge-certificates/custom-certificates/uploading/) to support <GlossaryTooltip term="Server Name Indication (SNI)" link="/ssl/reference/browser-compatibility/#non-sni-support">non-SNI</GlossaryTooltip> requests.
+
+:::
+
+An Address map can set the default SNI to enable non-SNI support, the default SNI can be any valid zone or subdomain owned by the account holding the BYOIP prefix. Refer to [Update Address Map API](/api/resources/addressing/subresources/address_maps/methods/edit/) for more information.
diff --git a/src/content/docs/ssl/reference/browser-compatibility.mdx b/src/content/docs/ssl/reference/browser-compatibility.mdx
@@ -25,14 +25,14 @@ Refer to [Certificate authorities](/ssl/reference/certificate-authorities/) for
 
 ## Non-SNI support
 
-Although [SNI extensions](https://www.cloudflare.com/learning/ssl/what-is-sni/) to the TLS protocol were standardized in 2003, some browsers and operating systems only implemented this extension when TLS 1.1 was released in 2006 (or 2011 for mobile browsers).
-
-If your visitors use devices that have not been updated since 2011, they may not have SNI support.
+Although [SNI extensions](https://www.cloudflare.com/learning/ssl/what-is-sni/) to the TLS protocol were standardized in 2003, some browsers and operating systems only implemented this extension when TLS 1.1 was released in 2006 (or 2011 for mobile browsers). If your visitors use devices that have not been updated since 2011, they may not have SNI support.
 
 To support non-SNI requests, you can:
 
 * [Upload a custom certificate](/ssl/edge-certificates/custom-certificates/uploading/#upload-a-custom-certificate) and specify a value of `Legacy` for its client support.
 
   Note that `Legacy` custom certificates are not compatible with [BYOIP](/byoip/) and that, unlike [Universal SSL](/ssl/edge-certificates/universal-ssl/) or [advanced certificates](/ssl/edge-certificates/advanced-certificate-manager/), Cloudflare does not manage issuance and renewal for [custom certificates](/ssl/edge-certificates/custom-certificates/).
 
+* (BYOIP customers only) Enterprise customers can choose to bring your own IP prefix to Cloudflare Network and [specify the default SNI used for any handshake in the address map](/byoip/troubleshooting/#non-sni-support).
+
 * (Paid plans only) [Contact Cloudflare Support](/support/contacting-cloudflare-support/) and request a set of dedicated IPs for your zone.
