httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lam, Eugene" <>
Subject Re: SSLProxyCheckPeerCN / ProxyPreserveHost issue
Date Sat, 09 Mar 2013 01:27:37 GMT
Hi folks,

I came across an old issue that was discussed previously under "SSLProxyCheckPeerCN / ProxyPreserveHost

However, I think I have found a legitimate use-case where I do want Apache to behave in the
old way.  I've detailed the use case in this new bugzilla issue:

Assuming that the new behavior since 2.4.3 will be the default going forward, I'm proposing
a new directive [1] which would allow Apache in reverse proxy to use the connection hostname
for SNI and SSLProxyCheckPeerCN instead of the Host: header.  This directive will be added
when ProxyPreserveHost is on.

I'm curious what your thoughts are on the use case and this proposed directive.


[1] (I forgot to add a text extension,
so please save it before opening)

View raw message