Package: htdig Version: 1:3.2.0b6-19 Severity: important Tags: upstream Dear Maintainer,
The htdig indexer does not use SNI when making HTTPS requests. This makes it fail when trying to index HTTPS sites that share an IP address but have different virtual host names. I am seeing the following in my Apache logs when htdig tries to index my site (hostnames and IP mildly redacted): [Sun Sep 07 12:24:52.993754 2025] [ssl:error] [pid 325518:tid 325518] [client 192.168.100.6:49344] AH02032: Hostname www.example.com (default host as no SNI was provided) and hostname www2.example.org provided via HTTP have no compatible SSL setup htdig is using: Host: www2.example.org, but not using SNI, and if there's no SNI my server defaults to www.example.com Regards, Dianne. -- System Information: Debian Release: 12.12 APT prefers oldstable-security APT policy: (500, 'oldstable-security'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 6.16.5 (SMP w/1 CPU thread; PREEMPT) Kernel taint flags: TAINT_UNSIGNED_MODULE Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages htdig depends on: ii debconf [debconf-2.0] 1.5.82 ii libc6 2.36-9+deb12u13 ii libssl3 3.0.17-1~deb12u2 ii libstdc++6 12.2.0-14+deb12u1 ii lockfile-progs 0.1.19 ii perl 5.36.0-7+deb12u3 ii zlib1g 1:1.2.13.dfsg-1 htdig recommends no packages. Versions of packages htdig suggests: ii apache2 [httpd] 2.4.65-1~deb12u1 pn htdig-doc <none> -- Configuration Files: /etc/htdig/footer.html changed [not included] /etc/htdig/header.html changed [not included] /etc/htdig/htdig.conf changed [not included] /etc/htdig/nomatch.html changed [not included] -- debconf information excluded
