git.net

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: https vhosts


On Thu, May 24, 2018 at 7:23 AM, Stefan Eissing
<stefan.eissing@xxxxxxxxxxxxx> wrote:
> Do we have a configuration option to allow https://hostname/ only to matching vhosts without any default fallback?
>
> Scenario:
> - a site with vhost A and B
> - vhost B is taken out, DNS still points there (for a while)
> - browsers opening https://B/ will get the certificate of A and complain
>
> I do not want to present a "wrong" certificate, I want the SSL connection to fail. Does that make sense?

I don't think it exists for SSL or non-SSL today -- you have to
capture them in the first-listed VH for a address/port combo.