I have put up a PR, 7188, which changes proxy.config.ssl.client.sni_policy to allow setting the outbound SNI literally. This is of marginal at best utility in "records.config" but is very useful for plugins such as Transaction Box or conf_remap - these would now be able to explicitly set the outbound SNI, rather than only indirectly influencing it via the request URL or Host field.
Internally this comes up because of a layer of upstream ATS instances that are used for routing. To route correctly the Host field must be set, but currently doing so causes the SNI to also be set to that value which breaks certificate verification. The host can't be set in the request URL because ATS *agressively* strips the host, which is something else I would like to fix in the future. Setting the SNI to the pre-remap host via this mechanism makes it easy to fix.
