Reported in the public chatroom.
When making HTTPS requests to virtual hosts (e.g., https://feodotracker.abuse.ch), the client receives a 421 Misdirected Request error. The server presents the wrong TLS certificate because it doesn't know which virtual host is being targeted. Adding the Host header field to the HTTP request didn't solve the issue, as caf::net probably needs to call SSL_set_tlsext_host_name() during TLS handshake to enable Server Name Indication (SNI) support, allowing the server to present the correct certificate for the requested domain.
The error returned in the reported example also links to the following documentation: https://www.fastly.com/documentation/guides/concepts/errors/#routing-errors
Reported in the public chatroom.
When making HTTPS requests to virtual hosts (e.g.,
https://feodotracker.abuse.ch), the client receives a421 Misdirected Requesterror. The server presents the wrong TLS certificate because it doesn't know which virtual host is being targeted. Adding theHostheader field to the HTTP request didn't solve the issue, ascaf::netprobably needs to callSSL_set_tlsext_host_name()during TLS handshake to enable Server Name Indication (SNI) support, allowing the server to present the correct certificate for the requested domain.The error returned in the reported example also links to the following documentation: https://www.fastly.com/documentation/guides/concepts/errors/#routing-errors