SSL, multiple server blocks, same domain?

Phillip Oldham phill at activityhq.com
Mon Dec 14 12:05:53 MSK 2009


Igor Sysoev wrote:
> On Fri, Dec 11, 2009 at 03:03:41PM +0000, Phillip Oldham wrote:
>   
>> server {
>>     server_name www.mydomain.org;
>>     listen 80;
>> }
>>
>> server {
>>     server_name secure.mydomain.org;
>>     listen 443;
>>     ssl on;
>>     ssl_certificate /etc/ssl/mydomain.pem;
>>     ssl_certificate_key /etc/ssl/mydomain.key;
>> }
>>
>> server {
>>     server_name images.mydomain.org;
>>     listen 80;
>>     listen 443;
>>     ssl on;
>>     
>
> -     listen 443;
> -     ssl on;
> +     listen 443  ssl;
>
>   
>>     ssl_certificate /etc/ssl/mydomain.pem;
>>     ssl_certificate_key /etc/ssl/mydomain.key;
>> }
>>     
>
> Yes:
>
> http://nginx.org/en/docs/http/configuring_https_servers.html#certificate_with_several_names
> http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server
>   

Thanks. I've checked the docs and followed the examples, but I must be 
doing something wrong:

~# cat /etc/nginx/vhosts/mydomain.conf
ssl_certificate /etc/ssl/mydomain.pem;
ssl_certificate_key /etc/ssl/mydomain.key;
server {
  server_name "~^(css|images|js)(\d)?\.mydomain\.org$";
  listen 80;
  listen 443 ssl;
  ...
}
server {
  server_name ~(\w+)\.mydomain\.org;
  listen 80;
  listen 443 ssl; # line 58
  ...
}
server {
  server_name secure.mydomain.org;
  listen 80;
  listen 443 ssl;
  ...
}
server {
  server_name www.mydomain.org;
  listen 80;
  ...
}

~# nginx -t
[emerg]: a duplicate listen options for 0.0.0.0:443 in 
/etc/nginx/vhosts/mydomain.conf:58
configuration file /etc/nginx/nginx.conf test failed

~# nginx -V
nginx version: nginx/0.8.29
built by gcc 4.1.2 20071124 (Red Hat 4.1.2-42)
TLS SNI support disabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx 
--conf-path=/etc/nginx/nginx.conf 
--error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx.pid 
--with-rtsig_module --with-select_module --with-poll_module 
--with-http_ssl_module --with-http_stub_status_module 
--with-http_gzip_static_module --with-http_flv_module 
--with-http_random_index_module 
--http-log-path=/var/log/nginx/access.log --with-md5=/usr/lib 
--with-sha1=/usr/lib --without-mail_pop3_module 
--without-mail_imap_module --without-mail_smtp_module 
--with-http_perl_module




More information about the nginx mailing list