Multiple ssl certs for the same IP?

Igor Sysoev is at
Mon May 5 08:58:32 MSD 2008

On Sun, May 04, 2008 at 11:07:32PM +0100, Ed W wrote:

> Grzegorz Nosek wrote:
> >On Sun, May 04, 2008 at 09:54:41AM -0700, Rt Ibmer wrote:
> >  
> >>How can I tell nginx to use the pem and keyfiles for AND 
> >> when the same "server" is listening for both FQDN 
> >>domains (remember, both FQDN's resolve to the same IP and it will stay 
> >>that way for some time to come.  Over time I may split these out).
> >>    
> >
> >AFAIK this is impossible without some new (and not widely supported)
> >extensions to the SSL protocol. 
> I heard it's coming in Firefox3?
> (Probably IE won't support it for another decade though...)

This extension is called SNI. It supported by IE7, but only under Vista,
and I'm not sure will MS add these crypto DLLs in XP. Also SNI is supported
by Opera8 and Firefox2. To support SNI from nginx side OpenSSL-0.9.9
is required, that is currently in developing stage.

Igor Sysoev

More information about the nginx mailing list