Reputation: 2398
I understand that the server_hostname parameter of the wrap_socket method of an ssl.SSLContext object, as in the example below, can be used to identify a hostname when a single server hosts several host names. Can the server_hostname parameter be used, or does it make sense to use it, with a value that is not a hostname string but a string holding an IPv4 address?
1) Is there any use or advantage that makes my connection more accurate (for the specified IP)?
2) Can a server host many virtual IPs such that specifying an IPv4 address in server_hostname adds value?
This example is from the Python website:
import socket, ssl
context = ssl.SSLContext()                 # no protocol argument: PROTOCOL_TLS default (deprecated since Python 3.10)
context.verify_mode = ssl.CERT_REQUIRED    # demand a certificate from the server
context.check_hostname = True              # and match it against server_hostname
context.load_default_certs()               # trust the system CA store
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ssl_sock = context.wrap_socket(s, server_hostname='www.verisign.com')  # sent as SNI, used for the hostname check
ssl_sock.connect(('www.verisign.com', 443))
Upvotes: 0
Views: 1176
Reputation: 12525
server_hostname is used to enable SNI ("Server Name Indication"), so it needs to be a hostname and cannot be an IP address.
This is exactly in order to be able to provide TLS service for multiple hostnames (think websites) all running on the same server and hence IP address. The TLS handshake (and hence the certificate exchange) happens before any kind of data-level exchange where a hostname could give a hint (like the Host header in HTTP), hence we need SNI in TLS to convey that information.
And all well-behaved clients should provide this information during the TLS handshake, otherwise they risk hitting the wrong service or getting back the wrong certificates.
Upvotes: 1
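The two jobs of server_hostname described above (it is sent as the SNI extension so the server can choose a certificate, and it is the name the client verifies the certificate against) can be observed without any network: the added example below, which is not code from the question, the answer or the Python documentation, runs a TLS client and a TLS server in one process over ssl.MemoryBIO and records what the server's sni_callback sees. It also covers the IP-literal case the question asks about: since Python 3.7 the ssl module accepts an IP address as server_hostname, sends no SNI for it (RFC 6066 does not allow IP literals in server_name) and matches the certificate's iPAddress SAN instead. The example assumes an openssl binary on PATH to mint a throwaway certificate; the name example.test and the SAN values are constructed for the demo.

```python
# Added example (not from the question, the answer, or the Python docs): a TLS
# client and server run in one process over ssl.MemoryBIO, so no network or
# real server is needed, to show what server_hostname does. It is sent as the
# SNI extension so the server can pick a certificate, and it is the name the
# client checks the certificate against. Assumes an `openssl` binary on PATH
# (the stdlib cannot mint certificates); example.test and the SAN values are
# constructed for the demo.
import os
import ssl
import subprocess
import tempfile


def make_self_signed_cert(directory, common_name, san):
    """Create a throwaway self-signed certificate and key with the openssl CLI."""
    key = os.path.join(directory, "server.key")
    crt = os.path.join(directory, "server.crt")
    subprocess.run(
        ["openssl", "req", "-x509", "-newkey", "rsa:2048", "-nodes", "-days", "1",
         "-keyout", key, "-out", crt, "-subj", "/CN=" + common_name,
         "-addext", "subjectAltName=" + san],
        check=True, capture_output=True,
    )
    return crt, key


def handshake(client_ctx, server_ctx, server_hostname):
    """Complete a handshake between an in-memory client and server.

    Returns the value the server's sni_callback saw: the SNI host name, or
    None when the ClientHello carried no server_name extension.
    """
    seen = {}

    def on_sni(sslobj, name, ctx):
        seen["sni"] = name
        return None  # keep the certificate already loaded on server_ctx

    server_ctx.sni_callback = on_sni
    to_server, to_client = ssl.MemoryBIO(), ssl.MemoryBIO()
    sides = [
        client_ctx.wrap_bio(to_client, to_server, server_hostname=server_hostname),
        server_ctx.wrap_bio(to_server, to_client, server_side=True),
    ]
    done = [False, False]
    for _ in range(10):  # TLS 1.3 needs two passes; extra headroom is harmless
        for i, side in enumerate(sides):
            if not done[i]:
                try:
                    side.do_handshake()  # raises SSLCertVerificationError on a bad cert
                    done[i] = True
                except ssl.SSLWantReadError:
                    pass  # the peer has not written its next flight yet
        if all(done):
            return seen["sni"]  # KeyError here would mean the callback never ran
    raise RuntimeError("handshake did not complete")


def demo():
    """Three handshakes against one certificate valid for example.test and 127.0.0.1."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        crt, key = make_self_signed_cert(tmp, "example.test",
                                         "DNS:example.test,IP:127.0.0.1")
        server_ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
        server_ctx.load_cert_chain(crt, key)
        client_ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED + check_hostname
        client_ctx.load_verify_locations(cafile=crt)           # trust only the demo cert

        # 1) A host name goes out as SNI and is matched against the DNS SAN.
        results["hostname"] = handshake(client_ctx, server_ctx, "example.test")
        # 2) An IP literal (Python 3.7+): no SNI on the wire, matched against the IP SAN.
        results["ip_literal"] = handshake(client_ctx, server_ctx, "127.0.0.1")
        # 3) A name the certificate does not cover: rejected before any data flows.
        try:
            handshake(client_ctx, server_ctx, "other.test")
            results["mismatch"] = "accepted"
        except ssl.SSLCertVerificationError:
            results["mismatch"] = "rejected"
    return results


if __name__ == "__main__":
    print(demo())  # {'hostname': 'example.test', 'ip_literal': None, 'mismatch': 'rejected'}
```

Case 3 is the one that matters for security: with check_hostname enabled, a server_hostname the certificate does not cover aborts the handshake before any application data is sent, so the value you pass is not just a routing hint for the server but the identity you are pinning the connection to. Case 2 shows why an IP literal buys nothing for a multi-hostname server: nothing is sent in SNI, so the server falls back to its default certificate, and the connection only succeeds if that certificate carries the IP in its SAN.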