Solution: Using ProxyPass from http to https in apache2 causes AH02032 SNI error

I got this error message on the internal.server.host when forwarding an URL from an extrernal HTTP server to an internal HTTPS server:

AH02032: Hostname internal.server.host provided via SNI and hostname external.server.host provided via HTTP are different

The problem turned out to be that the internal server was trusting the external one’s X-Forwarded- headers, a feature which was crucial to other parts of the setup and couldn’t be disabled. The solution was to disable sending of X-Forwarded- for this particular proxy URL by disabling ProxyAddHeaders.

The “fixed” config, as follows:

SSLProxyEngine on
SSLProxyCheckPeerCN on
SSLProxyCheckPeerExpire on
ProxyPass /nice/page.php https://internal.server.host/nice/page.php min=1 max=5 retry=10
ProxyPassReverse /nice/page.php https://internal.server.host/nice/page.php
ProxyAddHeaders off
ProxyPreserveHost off

Hope this helps someone 🙂

1 Comment

Leave a Reply to Muhamad Cancel reply

Your email address will not be published. Required fields are marked *