SSL, multiple server blocks, same domain?
Igor Sysoev
igor at sysoev.ru
Mon Dec 14 12:15:46 MSK 2009
On Mon, Dec 14, 2009 at 09:05:53AM +0000, Phillip Oldham wrote:
> Igor Sysoev wrote:
> > On Fri, Dec 11, 2009 at 03:03:41PM +0000, Phillip Oldham wrote:
> >
> >> server {
> >> server_name www.mydomain.org;
> >> listen 80;
> >> }
> >>
> >> server {
> >> server_name secure.mydomain.org;
> >> listen 443;
> >> ssl on;
> >> ssl_certificate /etc/ssl/mydomain.pem;
> >> ssl_certificate_key /etc/ssl/mydomain.key;
> >> }
> >>
> >> server {
> >> server_name images.mydomain.org;
> >> listen 80;
> >> listen 443;
> >> ssl on;
> >>
> >
> > - listen 443;
> > - ssl on;
> > + listen 443 ssl;
> >
> >
> >> ssl_certificate /etc/ssl/mydomain.pem;
> >> ssl_certificate_key /etc/ssl/mydomain.key;
> >> }
> >>
> >
> > Yes:
> >
> > http://nginx.org/en/docs/http/configuring_https_servers.html#certificate_with_several_names
> > http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server
> >
>
> Thanks. I've checked the docs and followed the examples, but I must be
> doing something wrong:
>
> ~# cat /etc/nginx/vhosts/mydomain.conf
> ssl_certificate /etc/ssl/mydomain.pem;
> ssl_certificate_key /etc/ssl/mydomain.key;
> server {
> server_name "~^(css|images|js)(\d)?\.mydomain\.org$";
> listen 80;
> listen 443 ssl;
> ...
> }
> server {
> server_name ~(\w+)\.mydomain\.org;
> listen 80;
> listen 443 ssl; # line 58
> ...
> }
> server {
> server_name secure.mydomain.org;
> listen 80;
> listen 443 ssl;
> ...
> }
> server {
> server_name www.mydomain.org;
> listen 80;
> ...
> }
>
> ~# nginx -t
> [emerg]: a duplicate listen options for 0.0.0.0:443 in
> /etc/nginx/vhosts/mydomain.conf:58
> configuration file /etc/nginx/nginx.conf test failed
You should define the "ssl" once, and then use it without the "ssl":
listen 443 ssl;
listen 443;
listen 443;
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list