Changes between Version 1 and Version 2 of Ticket #848, comment 7


Ignore:
Timestamp:
04/27/16 12:19:08 (5 years ago)
Author:
hostmaster.myevo.net@…

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #848, comment 7

    v1 v2  
    33If someone has a valid certificate and then changes subdomain to access a different project, authentication is required again and everything works fine.
    44If someone hasn't any valid certificate, he can access the first subdomain without problems, but if he changes subdomain, he gets a 400 error (client attempted to request the server name different from that one was negotiated while reading client request headers).
    5 I think that the server should simply authenticate again if subdomain changes in order to solve this.
     5
     6''I think that the server should simply authenticate again if subdomain changes in order to solve this.''
     7Edit: I think that the server should simply accept connections for different subdomains if the server certificate is valid for both subdomains, since this is what it does when ssl_verify_client is turned off.
     8
    69If ssl_verify_client is set to on or off, the problem disappears but I have to make changes to my web application to use only/avoid certificate authentication.
    710This happens with both Firefox and Chrome so I think I can't complain to browser vendors.