A few days ago our NGINX reverse proxy startet to do weird stuff - at least, I thought so. When you tried to open https://meta.it-syndikat.org you got an error message regarding the ssl certificate not matching the url you’re trying to open.
First, it seemed hat the problem fixed itself - even that shouldn’t be possible in the first place. Reason being: I opened the same website in the same browser an hour later, but on a different location.
Some investigation later - and with some input from others - I realized that same webpace is working perfectly if I tried to connect via ipv4. A little more into it, I came across the SLI plugin from NGINX, but that wasn’t responsible for the problem.
Today, after fiddeling around with the config files of the virtual hosts on the reverse proxy I finally found out what cauesd the problem: It seems, NGINX does some weird stuff, if it doesn’t know from which network interface the request came through.
Changing the line
listen [::}:443:
to the server’s own ipv6 address
listen [aaaa:bbbb:cccc::1]:443:
fixed the problem