On Wed, Jul 26, 2017 at 01:04:05PM -0700, Kevin McArthur wrote: > Here: > > In the first example, a valid host, valid sni. Second is valid sni broken > host. Third is totally made up sni with broken host. Fourth is a valid Host > with a made up sni. The apache vhosts have separate log files. The > ssltest.example.ca sni with ssltest-broken.example.ca properly logs to the > ssltest log. The valid host ssltest.example.ca made-up-sni, logs to the app2 > vhost (default) logfile. So pretty sure the Host header is being totally > ignored here.
That's very strange. However the test captures only show what is negociated at the cert level. What matters is what is done at the HTTP layer. But as long as you're happy with your setup... :-) Willy
