Hi.
After disabling SSLv3 I've got the same problem as:
https://www.stunnel.org/pipermail/stunnel-users/2014-October/004814.html
Sadly, he never got an answer.
So I ask again, is it possible that stunnel could set the HTTP Host header to match the "connect = " setting? This way, Apache would accept that request instead of returning BAD REQUEST with AH02032.
Thanks Veit
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 19.04.2015 09:54, Veit Guna wrote:
So I ask again, is it possible that stunnel could set the HTTP Host header to match the "connect = " setting? This way, Apache would accept that request instead of returning BAD REQUEST with AH02032.
Do I guess correctly that you have configured a stunnel client ("client = yes") to connect an SSL-enabled Apache server? An accurate description of your configuration, including stunnel.conf, would really help to diagnose your issue. Also, presenting *your* solution, instead of the problem you're trying to solve, does not really help. See: http://www.chiark.greenend.org.uk/~sgtatham/bugs.html "I think the tachyon modulation must be wrongly polarised."
AH02032 suggest that you need to set your SNI to match your "Host:" header. See: https://www.stunnel.org/static/stunnel.html
Mike
-
Michal Trojnara -
Veit Guna