by tialaramex 1780 days ago
TLS has a specific error "alert" unrecognised_name (112) that servers should send if the client doesn't provide a name they recognise (or indeed doesn't provide a name at all and they expected one).

If a web browser connects without specifying a name and it hoped to reach some.nonsense.example, your wildcard certificate doesn't help it and it won't display your 503 Service Unavailable error; you aren't some.nonsense.example, it cannot proceed, so you shouldn't bother trying to "help".

1 comments

That's interesting, I will investigate how to make use of that, thanks :)

EDIT: It's really pretty easy to do apparently[0], although only unconditionally as it seems...

[0] https://cbonte.github.io/haproxy-dconv/2.4/configuration.htm...
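
The server-side decision described in the top comment, as an added example that is not part of the thread or of any project mentioned in it: read the server name from a ClientHello and answer with a fatal alert 112 when the name is missing or not one the server hosts. The function names, the served-name set and the constructed ClientHello are assumptions made for illustration.

```python
import struct

UNRECOGNIZED_NAME = 112  # alert description quoted in the comment above
# Alert record: type 21, version 0x0303, length 2, level 2 (fatal), description
FATAL_ALERT = bytes([0x15, 0x03, 0x03, 0x00, 0x02, 0x02, UNRECOGNIZED_NAME])

def extract_sni(record):
    """Return the host_name carried in a ClientHello record, or None."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS ClientHello record")
    body = record[9:]  # skip 5-byte record header and 4-byte handshake header
    pos = 2 + 32                                        # legacy_version, random
    pos += 1 + body[pos]                                # session_id
    pos += 2 + struct.unpack_from("!H", body, pos)[0]   # cipher_suites
    pos += 1 + body[pos]                                # compression_methods
    if pos + 2 > len(body):
        return None                                     # no extensions block
    end = pos + 2 + struct.unpack_from("!H", body, pos)[0]
    pos += 2
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack_from("!HH", body, pos)
        pos += 4
        if ext_type == 0:  # server_name: list_len(2) type(1) name_len(2) name
            name_len = struct.unpack_from("!H", body, pos + 3)[0]
            return body[pos + 5:pos + 5 + name_len].decode("ascii").lower()
        pos += ext_len
    return None

def alert_for(record, served_names):
    """Return the alert bytes to send, or None if the handshake may continue."""
    name = extract_sni(record)  # None (no SNI sent) is never in served_names
    return None if name in served_names else FATAL_ALERT

def build_client_hello(sni=None):
    """Construct a minimal ClientHello record (sample input, not a capture)."""
    ext = b""
    if sni is not None:
        host = sni.encode("ascii")
        entry = b"\x00" + struct.pack("!H", len(host)) + host
        data = struct.pack("!H", len(entry)) + entry
        ext = struct.pack("!HH", 0, len(data)) + data
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01"
            + b"\x01\x00" + struct.pack("!H", len(ext)) + ext)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake
```

The name match here is exact; a deployment serving a wildcard certificate would need its own matching rule in place of the set lookup.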