ssl, (no) default and sni
Maxim Dounin
mdounin at mdounin.ru
Wed Dec 2 13:33:00 MSK 2009
Hello!
On Wed, Dec 02, 2009 at 01:15:11PM +0300, Igor Sysoev wrote:
> On Wed, Dec 02, 2009 at 04:20:14AM -0500, GerMalaz wrote:
>
> > Any chance to allow
> >
> > listen 443 ssl;
> >
> > this is, NO "default", if SNI is available?
>
> I do not understand what do you want to reach, but since 0.8.21 nginx
> allows to set listen socket options and features not in default server:
>
> server {
> listen 443 ssl;
> server_name name;
> }
>
> server {
> listen 443 default_server;
> server_name _;
> }
BTW, the problem with listen ... ssl that bugs me is that one
can't do something like this:
server {
listen 8443 ssl;
server_name x;
}
server {
listen 8443 ssl;
server_name y;
}
We use distinct ips in production, but on testing server there is
only 1 ip available and our configuration flattens to something
like the above. So we have to use separate ssl servers and
activate ssl via ssl on; instead.
Maxim Dounin
More information about the nginx
mailing list