<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div>Actually, I can work around this issue by adding:</div><div><br></div><div><div> if ($host !~* ^(<a href="http://my.example.net">my.example.net</a>)$ ) {</div><div> rewrite ^(.*) <a href="https://my.example.net$1">https://my.example.net$1</a> permanent;</div><div> }</div></div><div><br></div><div>I am curious however this does not work when I put the redirect in the default ( '_' ) server config</div><br><div><div>On Sep 22, 2011, at 5:17 AM, Adam Tistler wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Hi,<div><br></div><div>I have an ssl nginx setup which was working fine with one server { ssl on }. However I have legacy ssl server_names that I would like to have a 'catch all' for that should be redirected back to the 'main' ssl server name. Config is pasted here.</div><div><br></div><div><a href="http://pastebin.com/dXU7BHaB">http://pastebin.com/dXU7BHaB</a> ( I removed some sections for brevity )</div><div><br></div><div><br></div><div>When the following lines are enabled:</div><div><br></div><div><li class="li2"><div class="de2"> server {</div></li>
<li class="li1"><div class="de1"> listen 443 default;</div></li>
<li class="li2"><div class="de2"> server_name _;</div></li>
<li class="li1"><div class="de1"> rewrite ^(.*) <a href="https://my.example.net$1">https://my.example.net$1</a> permanent;</div></li>
<li class="li2"><div class="de2"> }</div></li><div><br></div></div><div>I will get:</div><div><br></div><div><div>SSL received a record that exceeded the maximum permissible length.</div><div>(Error code: ssl_error_rx_record_too_long)</div></div><div><br></div><div>If i comment those lines out, the request will go thru just fine. However since:</div><div><br></div><div><li class="li2"><div class="de2"> server {</div></li>
<li class="li1"><div class="de1"> listen 443;</div></li>
<li class="li2"><div class="de2"> server_name <a href="http://my.example.net/">my.example.net</a>;</div></li><div><br></div></div><div><br></div><div>is treated as the default vhost, even ssl requests for <a href="http://myold.example.net/">myold.example.net</a> are serviced by this server {} and are not redirected to <a href="https://my.example.net/">https://my.example.net</a> (obviously not what I want).</div><div><br></div><div>Thanks for the help in advanced.</div></div></blockquote></div><br></body></html>