On Thu, May 24, 2018 at 1:57 PM, Stefan Eissing
<stefan.eiss...@greenbytes.de> wrote:
>
>> Am 24.05.2018 um 13:51 schrieb Yann Ylavic <ylavic....@gmail.com>:
>>
>> That'd work (and looks better than Stefan's SNI oriented proposal),
>> but I wish we had something working for non-SSL vhosts too,
>> UseDefaultVHost OFF|ON?
>
> Could work also, if this means that SSL connections with SNI are then
> aborted right away.

Yes, I think that mod_ssl could handle the OFF case earlier, depending
on SNI vs vhost's ServerName/Alias.

> As explained, I do want such hosts to simply not
> work with https:, and avoid a "not secure" warning first.

Yes SSL is special, the "plain" case is worth it too IMHO (checked
elsewhere, but still based on the same directive).

Reply via email to