Wrong Vhost being followed when using SSL

Edho P Arief edhoprima at gmail.com
Sun Jan 11 17:41:12 MSK 2009

On Sun, Jan 11, 2009 at 9:29 PM, James Riley <lists at ruby-forum.com> wrote:
> Hello all,
> I have one server hosting two sites and am trying to set up my nginx
> vhost.conf to have both sites working with SSL.
> My vhost.conf file can be seen here (domain names have been changed):
> http://pastie.org/357919
> Everything works fine except when trying to access a secure page for
> reddomain.com, which is being picked up by the server block for
> bluedomain.com
> To clarify, despite using server_name to set which domain a server block
> applies to, the secure reddomain.com is following the first 'listen 443'
> it comes across and making use of the incorrect ssl certificate and
> giving invalid certificate errors when viewing with a browser.
> If I swap the server blocks over so ssl server block for reddomain.com
> is first, the problem is switched, with reddomain.com loading fine but
> bluedomain complaining of an invalid certificate.
> What confuses matters more is that if we agree to view the page despite
> an invalid certificate, the correct app for that domain is loaded (so
> although reddomain may get follow the server block of bluedomain, the
> outcome is the reddomain app getting loaded).
> So my question is:
> * For the domains on port 443, why are they following the first server
> block that is listening to that port, ignoring the fact that the domain
> is not listen in 'server_name'?
> and come anyone see what I may be doing wrong from my vhost.conf, or
> bring anything to my attention that may be causing this problem
> --
> Posted via http://www.ruby-forum.com/.

only one certificate per ip is allowed for ssl connection

O< ascii ribbon campaign - stop html mail - www.asciiribbon.org

More information about the nginx mailing list