> Hi Lukas, > > frontend cluster:443 > bind 1.2.3.4:443 ssl strict-sni crt /home/provisionning/0.pem crt > /home/provisionning/cluster.d > default_backend cluster > capture request header Host len 255
Can you confirm there is no SSL intercepting device in front of the webserver, like hardware firewalls/UTM and whatnot? Could you try with just a single certificate (single crt config pointing to a single certificate file, not a directory)? Can you make the openssl tests from the server, connecting locally without any intermediate devices? Thanks, Lukas