On Tue, Jun 02, 2020 at 12:51:55PM +0300, Sergey Kandaurov wrote: Hi there,
> That means client provided TLS "server_name" extension (SNI), > then requested a different origin in the Host header. That suggests that if you choose to use "proxy_ssl_server_name on;", then you almost certainly do not want to add your own "proxy_set_header Host" value. The nginx code probably should not try to check for (and reject) that combination of directives-and-values; but might it be worth adding a note to http://nginx.org/r/proxy_ssl_server_name to say that that other directive is probably a bad idea, especially if you get a http 421 response from your upstream? Cheers, f -- Francis Daly fran...@daoine.org _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
