Multiple server definitions with SSL
mdounin at mdounin.ru
Tue Jul 26 18:12:43 UTC 2011
On Tue, Jul 26, 2011 at 05:44:32PM +0100, Ben Lancaster wrote:
> We recently had a problem where we created a new server
> configuration (for http with and without ssl on ports 443 and 80
> respectively) on a shared web server which also included a
> number of other nginx servers similarly configured.
> Unfortunately, we neglected to include the ssl_certificate and
> ssl_certificate_key directives for the new server. So, the
> configurations looked something like this:
> Is this expected behaviour? Should nginx -t not have flagged
> that there was no default ssl_certificate(_key) directives
Probably yes, but this isn't currently done when you define
ssl servers with
listen ... ssl;
Using "ssl on;" in separate server definition will give you
expected config test error.
> Why was the first server affected?
Most likely because you used something like "include
/path/to/files/*;" to include individual config files, and new
server you added was picked up first and become default one.
More information about the nginx