On 22/7/25 14:23, Frédéric Goudal wrote:
I have had the same problem with the last version of apache on ubuntu. My configuration was a front reverse proxy nginx on an host and the apache server on another one. So in the proxy I redirected the trafic to the apache server with https://server.network But on the apache server I had a virtual host named service.network So.. when the SSL connexion is established, the SNI is sent in the SSL negoctiation with the nams server.network, but the apache server is waiting for service.netwok as it is the virtual hostname. Si it sends the error :Misdirected Request The client needs a new connection for this request as the requested host name does not match the Server Name Indication (SNI) in use for this connection."Clearly this is a new behavior and it is very problematic when you do virtual hosting. I could correct the problem by editing the nginx configuration : I add the two following lines : proxy_ssl_server_name on; proxy_ssl_name $host; which means that during SSL negotiation it the $host name (so service.network) that is sent. And apache is happy. I don’t know how to correct the problem on your situation. I have read that this behavior has been corrected in the 2.4.62 version (but I have not tested it). f.g.
Where is the problem exactly? If DNS is server.network but virtualhost is service.network there is clearly a name mismatch there. Apache httpd always replies with first virtualhost of there are no matches in the virtualhost list, so the error is correctly placed and there is nothing new there.---
Daniel Help at #httpd in Libera.chat --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|