Describe the bug
Users periodically get a "Misdirected Request" error and apache shows a Hostname xxx provided via SNI and hostname zzzz provided via HTTP have no compatible SSL setup for policy 'secure',
Steps to reproduce
I have two different web sites sharing the same anubis instance and the same apache backend:
nginx -> anubis -> apache
Anubis is configured with:
BIND=127.0.0.1:8013
DIFFICULTY=4
SERVE_ROBOTS_TXT=0
TARGET=https://ip.addr
TARGET_SNI=auto
POLICY_FNAME=/etc/anubis/simple.yaml
METRICS_BIND=localhost:9013
METRICS_BIND_NETWORK=tcp
I periodically get a "Misdirected Request" error which corresponds with an apache error log entry:
Fri Mar 13 13:32:32.570047 2026] [ssl:error] [pid 3460143:tid 3460183] [client xx.xx.xx:0] AH02032: Hostname www.xxxxxx.com provided via SNI and hostname yyyyy.org provided via HTTP have no compatible SSL setup for policy 'secure', referer: https://yyyyyyyy.org/xyz/
I submitted the auto sni patch, so this is probably my fault. But I can't figure out where it goes wrong.
Expected behavior
Given how the code works, it seems like anubis should be sending matching host and sni domains, thus avoiding a situation where apache seems to be receiving one domain name in the SNI negotiation and one domain name in the host header.
Your operating system and its version.
debian bookworm on nginx proxy and debian trixie on apache back end
Your browser and its version.
Firefox 147
Additional context
No response
Describe the bug
Users periodically get a "Misdirected Request" error and apache shows a Hostname xxx provided via SNI and hostname zzzz provided via HTTP have no compatible SSL setup for policy 'secure',
Steps to reproduce
I have two different web sites sharing the same anubis instance and the same apache backend:
nginx -> anubis -> apache
Anubis is configured with:
I periodically get a "Misdirected Request" error which corresponds with an apache error log entry:
Fri Mar 13 13:32:32.570047 2026] [ssl:error] [pid 3460143:tid 3460183] [client xx.xx.xx:0] AH02032: Hostname www.xxxxxx.com provided via SNI and hostname yyyyy.org provided via HTTP have no compatible SSL setup for policy 'secure', referer: https://yyyyyyyy.org/xyz/I submitted the auto sni patch, so this is probably my fault. But I can't figure out where it goes wrong.
Expected behavior
Given how the code works, it seems like anubis should be sending matching host and sni domains, thus avoiding a situation where apache seems to be receiving one domain name in the SNI negotiation and one domain name in the host header.
Your operating system and its version.
debian bookworm on nginx proxy and debian trixie on apache back end
Your browser and its version.
Firefox 147
Additional context
No response