Unknown SSL Subdomain bypasses the VIRTUAL_HOST variable

[toussa]

Hello,

I'm facing a problem regarding the routing of SSL domains, that could be an issue of nginx-proxy:

I have a back-end nginx serving only on port 80 (HTTP), with the following config:

nginx:
    image: nginx
    volumes:
      - "./www:/usr/share/nginx/html:ro"
      - "./conf/nginx/:/nginx:ro"
      - "./conf/tools:/tools:ro"
    networks:
      - middle-end
    environment:
      - "VIRTUAL_HOST=a.com,sub.a.com,b.com"
      - "CERT_NAME=shared_certif"
    command: "/bin/bash /nginx/start-nginx.sh"

It works well with nginx-proxy when using it with http:
"http://a.com" and "http://sub.a.com" get redirected to "https://a.com" and "https://sub.a.com"

The problem comes when I try to access something like "https://fake.a.com" => nginx-proxy redirects the request to my upstream, even if "fake.a.com" wasn't written in VIRTUAL_HOST.

Note that when I try to access with HTTP (http://fake.a.com), I get the logical error 503

[toussa]

Looks like it can be related to the pull request: #614

[buchdag]

This was fixed in #2186