Re: [users@httpd] apache/mod_ssl block IP connection attempt?

2025-03-04 Thread Yann Ylavic
On Mon, Mar 3, 2025 at 10:20 PM Schuler, Laurence wrote: > > It appears that the HelloClient message has the target hostname within it, so > mod_ssl should be able to say "ok, this hostname is *not* in my server > cert(s), I'm not going to talk to this guy. reject. Setting "SSLStrictSNIVHostChec

[users@httpd] Re: [EXTERNAL] [BULK] Re: [users@httpd] apache/mod_ssl block IP connection attempt?

2025-03-04 Thread Schuler, Laurence (GSFC-606.4)[ADNET SYSTEMS INC]
I have that line in my ssl.conf file. It was initially set to "off", but even after I changed it to "on" I get the same results. I actually don't think this is an apache issue exactly. I'm going to check with the openssl group, I think that is where the refusal should come into play. Thanks, --La