By "real" I mean "really fully qualified", as in "ending in a dot". Try this: https://apache.org. Take note of the final dot. (Try https://apache.org./foo if you like.) In any case what you'll see is: 1) You get asked to accept an untrusted cert. 2) You get 400 Bad Request. Thoughts? Comments? Worth reporting? -- Fred Morris