Opened 9 years ago
Last modified 9 years ago
#21 new defect
SNI vhost selection fails intermittently
Reported by: | Daniel Kahn Gillmor | Owned by: | Daniel Kahn Gillmor |
---|---|---|---|
Priority: | major | Component: | code |
Version: | 5.11 | Keywords: | sni vhost test-needed mod_proxy |
Cc: |
Description
jomat reports some problems with the server at web0.jmt.gr
. it has a single IPv4 address, with several name-based vhosts. the default vhost is www.jmt.gr
. other distinct vhosts include 0.jmt.gr
and l.jmt.gr
. They use SNI to distinguish them.
Using mod_gnutls 0.5.10+lots of git revisions (close to what i'm hoping will be the 0.6 release), against gnutls 3.2.4-4 and apache 2.4.6-3, when the server starts up, everything is fine.
then, after a little while, sometimes selection via SNI starts to fail, and the default certificate is presented instead.
We haven't been able to track down what causes it yet.
It happens regardless of whether one is using openssl s_client
or refreshing a web page.
we probably need a test for this.
jomat adds: