nginx-0.7.14

Igor Sysoev is at rambler-co.ru
Wed Sep 3 16:57:32 MSD 2008


On Wed, Sep 03, 2008 at 11:53:09PM +1100, CryptWizard wrote:

> So does that mean that on my non-default servers I can just add listen
> 443; to it and it will work, and I still don't need two server blocks
> for each actual server+

Yes:

  server {
        listen 80;
        listen 443 default ssl;
  }

  server {
        listen 80;
        listen 443; # it will be SSL too
  }

> On Wed, Sep 3, 2008 at 11:29 PM, Igor Sysoev <is at rambler-co.ru> wrote:
> > On Wed, Sep 03, 2008 at 11:19:00PM +1100, CryptWizard wrote:
> >
> >> Aww...
> >> Can you make it work for non-default listen directives as well?
> >
> > "listen default" means that you define listen(2) and bind(2) parameters.
> > "ssl" is not listen/bind(2) parameter, but anyway all servers listening
> > on this port must accept SSL connections only.
> >
> >> On Tue, Sep 2, 2008 at 5:05 PM, Igor Sysoev <is at rambler-co.ru> wrote:
> >> > On Tue, Sep 02, 2008 at 08:45:07AM +1000, CryptWizard wrote:
> >> >
> >> >> That's excellent.
> >> >> Now I don't need to have 2 almost identical server blocks and make
> >> >> changes in 2 places every time.
> >> >> Just waiting for the FreeBSD port to come out.
> >> >
> >> > This is recommended for sites where difference between HTTP and HTTPS
> >> > is small as comprared to whole sites configuration:
> >> >
> >> >        server {
> >> >            listen  80;
> >> >            listen  443 default ssl;
> >> >
> >> >            server_name  www.example.com;
> >> >
> >> >            ssl_certificate       /path/to/cert;
> >> >            ssl_certificate_key   /path/to/key;
> >> >
> >> >            location / {
> >> >                ...
> >> >            }
> >> >
> >> >            location /ssl/only/dir/ {
> >> >                if ($scheme = http) {
> >> >                    rewrite  ^(.+)$   https://www.example.com$1;
> >> >                }
> >> >                ...
> >> >            }
> >> >
> >> >        }
> >> >
> >> >
> >> >
> >> >> On Tue, Sep 2, 2008 at 8:33 AM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> >> >> > Hello!
> >> >> >
> >> >> > On Tue, Sep 02, 2008 at 08:07:57AM +1000, CryptWizard wrote:
> >> >> >
> >> >> >>>   *) Feature: the "listen" directive supports the "ssl" parameter.
> >> >> >>
> >> >> >> How is it used? Is there an example available?
> >> >> >
> >> >> > In russian it's here:
> >> >> > http://www.sysoev.ru/nginx/docs/http/ngx_http_core_module.html#listen
> >> >> >
> >> >> >    server {
> >> >> >        listen  80;
> >> >> >        listen  443 ssl;
> >> >> >
> >> >> >        ...
> >> >> >    }
> >> >> >
> >> >> > It allows using the same server{} for http and https.
> >> >> >
> >> >> > Maxim Dounin
> >> >
> >> >
> >> > --
> >> > Igor Sysoev
> >> > http://sysoev.ru/en/
> >> >
> >> >
> >
> > --
> > Igor Sysoev
> > http://sysoev.ru/en/
> >
> >

-- 
Igor Sysoev
http://sysoev.ru/en/





More information about the nginx mailing list