https://bz.apache.org/bugzilla/show_bug.cgi?id=63925
--- Comment #5 from Yann Ylavic <[email protected]> --- So I suppose your backend has a configuration like this: <VirtualHost *:8443> ServerName server1 SSLCertificateFile /path/to/server2.pem ... </VirtualHost> and thus its certificate's CN ("server2") does not match its ServerName ("server1")? My point is that if you want the proxy to validate the backend's CN, ServerName and SSLCertificateFile need to be consistent on the backend (usually with ProxyPreserveHost the same certificate is used on the proxy and the backend). Otherwise, the proxy cannot accept that the returned certificate does not match the Host header _it_ requested. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
