On Sun, August 16, 2020 1:49 am, hisacro wrote:
> Aug 16, 2020, 7:50 AM by tro...@kagu-tsuchi.com:
>
>>>On Sat, Aug 15, 2020 at 04:13:51PM -0700, hisacro wrote:
>>
>>> $ doas httpd -nv
>>> server "sub.domain.tld": tls configuration mismatch on same
>>> address/port
>>>
>>> instead of defining same cipher and ecdhe, uncommenting
>>> "listen on 0.0.0.0 port 8080"
>>> bypasses this error
>>>
>>> I'm unsure what causes this, can someone shed some light?
>>
>>It's what the error says. You're listening twice on the same ip and port
>>but with different tls blocks.
>
> Though I have emphasized enough (even on title), re-stating
>
> Why does having a listen statement on <some_addres> port <rand_port>
> bypasses tls misconfiguration.
>

Because it's not the same IP and port anymore. You can only have one thing listening on an ip+port. Httpd allows you to configure multiple "servers" for subdomains but in reality there is one actual server listening and it has to know what parameters to use.
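
The constraint described in this thread (one listener per ip+port, so every server sharing it needs the same TLS parameters) can be checked before running `httpd -n`. The following is an added example, not part of the original messages and not httpd's own parser: a simplified model that only understands `listen on ADDR tls port N` and quoted `ciphers`/`ecdhe` values, with a constructed config and hypothetical function names.

```python
import re
from collections import defaultdict

# Constructed sample config (not from the thread): two virtual servers share
# 0.0.0.0:443 but ask for different TLS parameters.
SAMPLE = '''
server "sub.domain.tld" {
    listen on 0.0.0.0 tls port 443
    tls {
        ciphers "secure"
        ecdhe "X25519"
    }
}
server "www.domain.tld" {
    listen on 0.0.0.0 tls port 443
    tls {
        ciphers "compat"
        ecdhe "X25519"
    }
}
'''

SHARED = ("ciphers", "ecdhe")  # the two options named in the thread

def parse_servers(text):
    """Return [(name, [(addr, port)], {option: value})] per server block."""
    servers = []
    for name, body in re.findall(r'server\s+"([^"]+)"\s*\{(.*?)\n\}', text, re.S):
        listens = re.findall(r'listen on (\S+) tls port (\d+)', body)
        pattern = r'^\s*(?:tls\s+)?(%s)\s+"([^"]*)"' % "|".join(SHARED)
        opts = dict(re.findall(pattern, body, re.M))
        servers.append((name, [(a, int(p)) for a, p in listens], opts))
    return servers

def find_mismatches(servers):
    """Group servers by listener; keep listeners whose servers disagree."""
    by_listener = defaultdict(list)
    for name, listens, opts in servers:
        params = tuple(opts.get(k) for k in SHARED)
        for endpoint in listens:
            by_listener[endpoint].append((name, params))
    return {ep: members for ep, members in by_listener.items()
            if len({params for _, params in members}) > 1}

if __name__ == "__main__":
    for (addr, port), members in find_mismatches(parse_servers(SAMPLE)).items():
        print(f"tls mismatch on {addr}:{port}: {members}")
```
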