On 3/30/23 16:35, giova...@paclan.it wrote:
On 2/7/23 12:25, giova...@paclan.it wrote:
On 1/23/23 17:12, Bambero wrote:
Hi,
This is strange problem probably LibreSSL related.
After upgrade OpenBSD to 7.2 windows clients using google chrome browser have
problems to connect to apache server.
Some requests are served correct, but periodically browser shows
NET::CERT_COMMON_NAME_INVALID and in server logs we can see:
AH02645: Server name not provided via TLS extension (using default/first
virtual host), default
There was no problem under 7.1.
The problem occurs only when using google chrome browser (not chromium) under
windows.
I compiled under 7.2 version of apache from 7.1 and from current - didn't help.
OpenBSD builtin server works correct.
Problem also submitted here:
https://bugs.chromium.org/p/chromium/issues/detail?id=1409224
Google analysis pointed to the fact that they recently enabled "Permute TLS
extensions" by default in Chrome, is this something we need to implement in LibreSSL
?
Regards
Giovanni
With latest Chrome version (111.0.5563) I cannot trigger this issue anymore, I
think they have changed their TLS code.
Giovanni
actually every now and then it still happens unfortunately.
Giovanni