Wrong server used in SSL request

Jonathan Matthews contact at jpluscplusm.com
Wed Jul 10 07:54:11 UTC 2013

On 10 Jul 2013 08:41, "Jannik Zschiesche" <hello at apfelbox.net> wrote:
> Hi everyone,
> I have a rather strange issue.
> I have a server with 3 configured urls:
> example.com (+ ssl)
> shop.example.com (+ ssl)
> example2.com (- ssl)
> If I now open https://example2.com the server of https://shop.example.comis used.
> My config looks like this:
> https://gist.github.com/apfelbox/c13a226633a7df92e3fe
> Does anybody have an idea?

This is due to you having only one IP listening for ssl traffic. It's a
fundamental limitation of ssl when not used with SNI.

To fix it, you'll need to either use more IPs and listen explicitly on
different ones for different virtual hosts, or use SNI, or use a wildcard
(or UCC/SaN) certificate. The first fix is by far the most common for
people in your situation.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20130710/bd0fd4e6/attachment.html>

More information about the nginx mailing list