cannot make catch all ssl server block work

mayak mayak at
Mon Oct 13 06:46:27 UTC 2014

hi all,

i'm having trouble with nginx:

#nginx -V
nginx version: nginx/1.6.2
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-3) (GCC)
TLS SNI support enabled

so i use .conf files in the /etc/nginx/conf.d directory

<default /etc/nginx/conf.d/default.conf>
server {
     listen 443 default_server;
     server_name *;

     ssl on;
     ssl_certificate /etc/x509V6/a.crt;
     ssl_certificate_key /etc/x509V6/a.key;

and in the same directory i have

<b.conf /etc/nginx/conf.d/b.conf>
server {
     listen 443 default_server;

     ssl on;
     ssl_certificate /etc/x509V6/b.crt;
     ssl_certificate_key /etc/x509V6/b.key;

both and and c.domain resolve to the same ip address.

however, an `openssl s_client -connect` gives me b's certficate and not a's certificate.

is there a way to do a catch all for ssl virtual hosts where a request (or any any other host for that  matter) would be handled by a's container?



More information about the nginx mailing list