Today I had the second user which got "400 Bad Request" when using mod_h2 with a wildcard certificate. So, I was thinking how to possibly fix the code in mod_ssl.
The mostly harmless approach is the addition of a configuration directive that admins may use to explicitly allow multiple host requests on a SNI connection. Which would mean that both the config of the SNI host and the config of the request host have "SSLSNIVHostMatch off". The case where no Host header is provided or no SNI is used I propose to leave unaffected, e.g. continue to fail. Any thoughts? //Stefan <green/>bytes GmbH Hafenweg 16, 48155 Münster, Germany Phone: +49 251 2807760. Amtsgericht Münster: HRB5782
