Reverse proxy gives ssl:error AH02032

#1
Hello everybody!

Due to the limitation on the number of static IPs provided, I need to use a reverse proxy to centralize multiple web applications with multiple domains through only one IP. In it I used a WordPress application with the multisite feature. I then pointed the domain and subdomains to the proxy server using OpenLiteSpeed, then created a virtual host to configure the reverse proxy to the WordPress app's web server, which also uses OpenLiteSpeed. With the following configurations:

At the virtual host of the proxy server:
External App: Type : Web Server | Name: externalapp | Address: https://ipexternalserver:443
Rewrite Control: Enable Rewrite: Yes | Auto Load from .htaccess : Not Set | Log Level : 1
Rewrite Rules:
Code:
RewriteEngine On
RewriteRule ^(.*)$ https://externalapp/$1 [P,L]
At the listener of the proxy server:
- One listener with port 80
- One listener with port 443 with SSL configs:
Code:
SSL Private Key & Certificate
Private Key File: Path to key file
Certificate File: Path to Cert file
Chained Certificate: Not Set
CA Certificate Path: Path to CA Cert folder
CA Certificate File: Path to CA Cert file

SSL Protocol
Protocol Version: SSL v3.0     TLS v1.0     TLS v1.1     TLS v1.2
Ciphers: Not Set
Enable ECDH Key Exchange: Yes
Enable DH Key Exchange: Yes
DH Parameter: Not Set
 
Security & Features
SSL Renegotiation Protection: Not Set
Enable Session Cache: No
Enable Session No
ALPN: SPDY/2     SPDY/3     HTTP/2     HTTP/3
Open HTTP3/QUIC (UDP) Port: Not Set
At the virtual host of the web server:
Rewrite Control: Enable Rewrite: Yes | Auto Load from .htaccess : Yes | Log Level : 1
Rewrite Rules:
Code:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule blog\/([0-9]{4})\/([0-9]+)\/([0-9]+)\/(.*)$ /$4/ [QSA,P]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
At the listener of the web server:
- One listener with port 80
- One listener with port 443 with SSL configs:
Code:
SSL Private Key & Certificate
Private Key File: Path to key file
Certificate File: Path to Cert file
Chained Certificate: Not Set
CA Certificate Path: Path to CA Cert folder
CA Certificate File: Path to CA Cert file

SSL Protocol
Protocol Version: SSL v3.0     TLS v1.0     TLS v1.1     TLS v1.2
Ciphers: Not Set
Enable ECDH Key Exchange: Yes
Enable DH Key Exchange: Yes
DH Parameter: Not Set
 
Security & Features
SSL Renegotiation Protection: Not Set
Enable Session Cache: No
Enable Session No
ALPN: SPDY/2     SPDY/3     HTTP/2     HTTP/3
Open HTTP3/QUIC (UDP) Port: Not Set
When I move between domains and subdomains there is a 400 error:
Bad Request
Your browser sent a request that this server could not understand.
and when refreshed, it works normally.

I check in the webserver's error log and get the same error messages with the content:
Code:
[ssl:error] AH02032: Hostname sub1.abc.com provided via SNI and hostname abc.com provided via HTTP are different
[ssl:error] AH02032: Hostname sub2.abc.com provided via SNI and hostname sub1.abc.com provided via HTTP are different
[ssl:error] AH02032: Hostname sub1.abc.com provided via SNI and hostname sub3.abc.com provided via HTTP are different
[ssl:error] AH02032: Hostname abc.com provided via SNI and hostname sub2.abc.com provided via HTTP are different
...
Hope to get help soon.
Have a good day!
 

Cold-Egg

Administrator
#2
May I know if abc.com, and sub1.abc.com ..etc all from the WordPress multi-site?
Did you set different virtual hosts for each domain including sub-domain? or you set it on the same virtual host?
For the same virtual host case, maybe you can try to put a `*` on the listener and see if it helps.
 
#3
May I know if abc.com, and sub1.abc.com ..etc all from the WordPress multi-site?
Did you set different virtual hosts for each domain including sub-domain? or you set it on the same virtual host?
For the same virtual host case, maybe you can try to put a `*` on the listener and see if it helps.
All are from WordPress Multisite, and the subdomains are configured as a wildcard on the same listener as the main domain and on the same virtual host.
Listener Virtual Host Mappings: Virtual Host:WpVHostName | Domains: abc.com, *.abc.com
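
The AH02032 lines from post #1 checked against the listener mapping from post #3, as an added example that is not code from the thread or from either server project. It reports whether each SNI/Host mismatch stays inside the one virtual host mapping (abc.com, *.abc.com) or names a host outside it; the function names are hypothetical.

```python
import re
from collections import Counter
from fnmatch import fnmatch

# Log lines as posted in post #1 (abc.com is the poster's placeholder domain).
SAMPLE_LOG = """\
[ssl:error] AH02032: Hostname sub1.abc.com provided via SNI and hostname abc.com provided via HTTP are different
[ssl:error] AH02032: Hostname sub2.abc.com provided via SNI and hostname sub1.abc.com provided via HTTP are different
[ssl:error] AH02032: Hostname sub1.abc.com provided via SNI and hostname sub3.abc.com provided via HTTP are different
[ssl:error] AH02032: Hostname abc.com provided via SNI and hostname sub2.abc.com provided via HTTP are different
"""

# Domains mapped to the single virtual host, as given in post #3.
VHOST_DOMAINS = ["abc.com", "*.abc.com"]

AH02032 = re.compile(
    r"AH02032: Hostname (?P<sni>\S+) provided via SNI "
    r"and hostname (?P<host>\S+) provided via HTTP are different"
)

def parse_mismatches(log_text):
    """Return (sni, http_host) pairs, lower-cased, for every AH02032 line."""
    pairs = []
    for line in log_text.splitlines():
        m = AH02032.search(line)
        if m:
            pairs.append((m["sni"].lower().rstrip("."),
                          m["host"].lower().rstrip(".")))
    return pairs

def in_vhost(name, patterns=VHOST_DOMAINS):
    """True when the name matches one of the vhost's domain patterns."""
    return any(fnmatch(name, p) for p in patterns)

def classify(pairs):
    """Count pairs where both names map to the vhost, and pairs that leave it."""
    same, cross = Counter(), Counter()
    for sni, host in pairs:
        bucket = same if in_vhost(sni) and in_vhost(host) else cross
        bucket[(sni, host)] += 1
    return same, cross

if __name__ == "__main__":
    same, cross = classify(parse_mismatches(SAMPLE_LOG))
    for label, bucket in (("same-vhost", same), ("cross-vhost", cross)):
        for (sni, host), n in bucket.most_common():
            print(f"{label:<11} SNI={sni:<13} Host={host:<13} x{n}")
```

On the posted lines every pair lands in the same-vhost bucket: the TLS handshake named one site of the multisite and the request inside it named another, both mapped to WpVHostName.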
 