[Bug 55782] ProxyPass'ing to HTTPS server via proxypass creates SNI failure

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
Report Content as Inappropriate

[Bug 55782] ProxyPass'ing to HTTPS server via proxypass creates SNI failure

Bugzilla from bugzilla@apache.org

Gilsberty Boscolo <[hidden email]> changed:

           What    |Removed                     |Added
            Version|2.2.25                      |2.4.6
             Status|RESOLVED                    |REOPENED
         Resolution|FIXED                       |---

--- Comment #17 from Gilsberty Boscolo <[hidden email]> ---
This issue or something really similar to it is happening with Apache 2.4.6 on
CentOS 7.

The scenario is about the same: one apache reverse proxy accepting https and
proxying it to an apache application using https as well.

When the application server has a heavy load as a result from the below "ab"
command the client trying to access an url different from the one being
heavilly used gets 400 bad request and the server logs an AH02032 error.

command -> ab -n 10000 -c 100 https://site1.com

client -> https://site2.com

error logged -> AH02032: Hostname site1.com provided via SNI and hostname
site2.com provided via HTTP are different

Without forcing the server with the heavy load the problem happens less offen
and with the heavy load it happens in 100% of the tests.

The workaround using SSLv3 between proxy <-> application is working fine so the
problem happens with TLSv1.x!

I'm happy to provide any additional information that may be needed.

You are receiving this mail because:
You are the assignee for the bug.
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]