On 3/30/23 16:35, giovanni@paclan.it wrote:
> On 2/7/23 12:25, giovanni@paclan.it wrote:
>> On 1/23/23 17:12, Bambero wrote:
>>>
>>> Hi,
>>>
>>> This is strange problem probably LibreSSL related.
>>>
>>> After upgrade OpenBSD to 7.2 windows clients using google chrome browser have problems to connect to apache server.
>>> Some requests are served correct, but periodically browser shows NET::CERT_COMMON_NAME_INVALID and in server logs we can see:
>>>
>>> AH02645: Server name not provided via TLS extension (using default/first virtual host), default
>>>
>>> There was no problem under 7.1.
>>>
>>> The problem occurs only when using google chrome browser (not chromium) under windows.
>>>
>>> I compiled under 7.2 version of apache from 7.1 and from current - didn't help.
>>> OpenBSD builtin server works correct.
>>>
>>> Problem also submitted here:
>>> https://bugs.chromium.org/p/chromium/issues/detail?id=1409224
>>>
>> Google analysis pointed to the fact that they recently enabled "Permute TLS extensions" by default in Chrome, is this something we need to implement in LibreSSL ?
>> Regards
>> Giovanni
>>
> With latest Chrome version (111.0.5563) I cannot trigger this issue anymore, I think they have changed their TLS code.
> Giovanni
>
actually every now and then it still happens unfortunately.
Giovanni
No comments:
Post a Comment