nginx-0.7.14

CryptWizard cryptwizard at gmail.com
Wed Sep 3 17:39:00 MSD 2008 

No need to re-specify the certificates and stuff?

On Wed, Sep 3, 2008 at 11:57 PM, Igor Sysoev <is at rambler-co.ru> wrote:
> On Wed, Sep 03, 2008 at 11:53:09PM +1100, CryptWizard wrote:
>
>> So does that mean that on my non-default servers I can just add listen
>> 443; to it and it will work, and I still don't need two server blocks
>> for each actual server+
>
> Yes:
>
>  server {
>        listen 80;
>        listen 443 default ssl;
>  }
>
>  server {
>        listen 80;
>        listen 443; # it will be SSL too
>  }
>
>> On Wed, Sep 3, 2008 at 11:29 PM, Igor Sysoev <is at rambler-co.ru> wrote:
>> > On Wed, Sep 03, 2008 at 11:19:00PM +1100, CryptWizard wrote:
>> >
>> >> Aww...
>> >> Can you make it work for non-default listen directives as well?
>> >
>> > "listen default" means that you define listen(2) and bind(2) parameters.
>> > "ssl" is not listen/bind(2) parameter, but anyway all servers listening
>> > on this port must accept SSL connections only.
>> >
>> >> On Tue, Sep 2, 2008 at 5:05 PM, Igor Sysoev <is at rambler-co.ru> wrote:
>> >> > On Tue, Sep 02, 2008 at 08:45:07AM +1000, CryptWizard wrote:
>> >> >
>> >> >> That's excellent.
>> >> >> Now I don't need to have 2 almost identical server blocks and make
>> >> >> changes in 2 places every time.
>> >> >> Just waiting for the FreeBSD port to come out.
>> >> >
>> >> > This is recommended for sites where difference between HTTP and HTTPS
>> >> > is small as comprared to whole sites configuration:
>> >> >
>> >> >        server {
>> >> >            listen  80;
>> >> >            listen  443 default ssl;
>> >> >
>> >> >            server_name  www.example.com;
>> >> >
>> >> >            ssl_certificate       /path/to/cert;
>> >> >            ssl_certificate_key   /path/to/key;
>> >> >
>> >> >            location / {
>> >> >                ...
>> >> >            }
>> >> >
>> >> >            location /ssl/only/dir/ {
>> >> >                if ($scheme = http) {
>> >> >                    rewrite  ^(.+)$   https://www.example.com$1;
>> >> >                }
>> >> >                ...
>> >> >            }
>> >> >
>> >> >        }
>> >> >
>> >> >
>> >> >
>> >> >> On Tue, Sep 2, 2008 at 8:33 AM, Maxim Dounin <mdounin at mdounin.ru> wrote:
>> >> >> > Hello!
>> >> >> >
>> >> >> > On Tue, Sep 02, 2008 at 08:07:57AM +1000, CryptWizard wrote:
>> >> >> >
>> >> >> >>>   *) Feature: the "listen" directive supports the "ssl" parameter.
>> >> >> >>
>> >> >> >> How is it used? Is there an example available?
>> >> >> >
>> >> >> > In russian it's here:
>> >> >> > http://www.sysoev.ru/nginx/docs/http/ngx_http_core_module.html#listen
>> >> >> >
>> >> >> >    server {
>> >> >> >        listen  80;
>> >> >> >        listen  443 ssl;
>> >> >> >
>> >> >> >        ...
>> >> >> >    }
>> >> >> >
>> >> >> > It allows using the same server{} for http and https.
>> >> >> >
>> >> >> > Maxim Dounin
>> >> >
>> >> >
>> >> > --
>> >> > Igor Sysoev
>> >> > http://sysoev.ru/en/
>> >> >
>> >> >
>> >
>> > --
>> > Igor Sysoev
>> > http://sysoev.ru/en/
>> >
>> >
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
>

More information about the nginx mailing list