2e8fbb8d23
to avoid unnecessary 421 errors after CVE-2025-23048 fix mod_ssl: add conf.d/snipolicy.conf to set 'SSLVHostSNIPolicy authonly' default
16 lines
579 B
Plaintext
16 lines
579 B
Plaintext
#
|
|
# Vendor override: Set the default SNI virtual host policy to "authonly"
|
|
# to preserve compatibility between virtual hosts which differ only in
|
|
# certificate or key configuration. This overrides the hard-coded
|
|
# mod_ssl default mode of "secure".
|
|
#
|
|
# See the directive documentation for more information:
|
|
# https://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslvhostsnipolicy
|
|
#
|
|
# NOTE: if this file is removed, it will be restored on upgrades.
|
|
# To disable the override, comment-out the lines below.
|
|
#
|
|
<IfDirective SSLVHostSNIPolicy>
|
|
SSLVHostSNIPolicy authonly
|
|
</IfDirective>
|