nginx-0.7.14
CryptWizard
cryptwizard at gmail.com
Wed Sep 3 17:39:00 MSD 2008
No need to re-specify the certificates and stuff?
On Wed, Sep 3, 2008 at 11:57 PM, Igor Sysoev <is at rambler-co.ru> wrote:
> On Wed, Sep 03, 2008 at 11:53:09PM +1100, CryptWizard wrote:
>
>> So does that mean that on my non-default servers I can just add listen
>> 443; to it and it will work, and I still don't need two server blocks
>> for each actual server+
>
> Yes:
>
> server {
> listen 80;
> listen 443 default ssl;
> }
>
> server {
> listen 80;
> listen 443; # it will be SSL too
> }
>
>> On Wed, Sep 3, 2008 at 11:29 PM, Igor Sysoev <is at rambler-co.ru> wrote:
>> > On Wed, Sep 03, 2008 at 11:19:00PM +1100, CryptWizard wrote:
>> >
>> >> Aww...
>> >> Can you make it work for non-default listen directives as well?
>> >
>> > "listen default" means that you define listen(2) and bind(2) parameters.
>> > "ssl" is not listen/bind(2) parameter, but anyway all servers listening
>> > on this port must accept SSL connections only.
>> >
>> >> On Tue, Sep 2, 2008 at 5:05 PM, Igor Sysoev <is at rambler-co.ru> wrote:
>> >> > On Tue, Sep 02, 2008 at 08:45:07AM +1000, CryptWizard wrote:
>> >> >
>> >> >> That's excellent.
>> >> >> Now I don't need to have 2 almost identical server blocks and make
>> >> >> changes in 2 places every time.
>> >> >> Just waiting for the FreeBSD port to come out.
>> >> >
>> >> > This is recommended for sites where difference between HTTP and HTTPS
>> >> > is small as comprared to whole sites configuration:
>> >> >
>> >> > server {
>> >> > listen 80;
>> >> > listen 443 default ssl;
>> >> >
>> >> > server_name www.example.com;
>> >> >
>> >> > ssl_certificate /path/to/cert;
>> >> > ssl_certificate_key /path/to/key;
>> >> >
>> >> > location / {
>> >> > ...
>> >> > }
>> >> >
>> >> > location /ssl/only/dir/ {
>> >> > if ($scheme = http) {
>> >> > rewrite ^(.+)$ https://www.example.com$1;
>> >> > }
>> >> > ...
>> >> > }
>> >> >
>> >> > }
>> >> >
>> >> >
>> >> >
>> >> >> On Tue, Sep 2, 2008 at 8:33 AM, Maxim Dounin <mdounin at mdounin.ru> wrote:
>> >> >> > Hello!
>> >> >> >
>> >> >> > On Tue, Sep 02, 2008 at 08:07:57AM +1000, CryptWizard wrote:
>> >> >> >
>> >> >> >>> *) Feature: the "listen" directive supports the "ssl" parameter.
>> >> >> >>
>> >> >> >> How is it used? Is there an example available?
>> >> >> >
>> >> >> > In russian it's here:
>> >> >> > http://www.sysoev.ru/nginx/docs/http/ngx_http_core_module.html#listen
>> >> >> >
>> >> >> > server {
>> >> >> > listen 80;
>> >> >> > listen 443 ssl;
>> >> >> >
>> >> >> > ...
>> >> >> > }
>> >> >> >
>> >> >> > It allows using the same server{} for http and https.
>> >> >> >
>> >> >> > Maxim Dounin
>> >> >
>> >> >
>> >> > --
>> >> > Igor Sysoev
>> >> > http://sysoev.ru/en/
>> >> >
>> >> >
>> >
>> > --
>> > Igor Sysoev
>> > http://sysoev.ru/en/
>> >
>> >
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
>
More information about the nginx
mailing list