421 Misdirected Request

[JorgeGama]

Hi everyone. I hope someone can point me in the right direction.

As the title suggests, after an update to Apache (maybe) every time I try a to access a website on my homelab I always get this error.

Apache logs says:
[ssl:error] [pid 2013861:tid 140388841018944] [client 192.168.2.180:36498] AH02032: Hostname xxxxxx.xxxxx.xxx (default host as no SNI was provided) and hostname yyyyyy.yyyyyy.yyy provided via HTTP have no compatible SSL setup

I found this article but I don't know if it's relevant: https://support.plesk.com/hc/en-us/articles/33500191748887-Websites-hosted-in-Plesk-are-not-accessible-after-a-recent-Apache-update-421-Misdirected-Request

From the article:

In recent Apache version, Apache team has released fixes for CVEs that affected Apache + nginx functionality: new changes do not allow Apache process requests from nginx without the server name (by default, nginx does not pass the server name through SNI when establishing a connection with a proxied HTTPS server).

I tried my best to add those options to nginx-proxy-manager but after a restart they are lost.

I'm currently using the latest release, but I have tried with older versions but with no success.

Any advice?

[JorgeGama]

After some fiddling and opening my eyes, I was able to get it working again.

The solution is to add
proxy_ssl_server_name on; proxy_ssl_name $host; proxy_ssl_session_reuse off;

to the advanced section of each proxy host.

I was at a loss for a few days and I didn't even notice that that could be done.