setup multiple SSL servers in one config

Igor Sysoev is at rambler-co.ru
Tue May 12 18:59:15 MSD 2009


On Tue, May 12, 2009 at 08:54:50AM -0600, Jon Garvin wrote:

> Thanks Igor,
>    Are you saying that a single instance Nginx cannot handle multiple
> sites with different SSL certificates?  The environment I'm trying to
> emulate is working just fine with Pound right now.  In other words, one
> instance of pound is running on my server that handles multiple SSL
> certificates for multiple live domains (working like this for several
> years).  Seems to me if Pound can handle the task, Nginx ought to be
> able to as well.  Is the only option to run Pound in front of Nginx so
> that Pound can handle the SSL before passing the traffic off to Nginx? 
> I was hoping to eliminate Pound from the equation all together.

No, a single nginx instance can handle several SSL sites, but you need
several IP, one per each SSL host. Or you may use some workarounds as
decribed here
 http://wiki.cacert.org/wiki/VhostTaskForce

> Igor Sysoev wrote:
> > On Mon, May 11, 2009 at 05:57:10PM -0600, Jonathan Garvin wrote:
> >
> >   
> >> I'm in the process of trying to convert a Pound config file that manages
> >> multiple SSL sites over to Nginx.  If I just have one site setup in the
> >> nginx.conf file then everything, including the SSL, works fine. But if I
> >> add a second server block for a different domain, then the second tries
> >> to use the SSL certificate for the first, resulting in the browser
> >> raising security warnings.  My conf file is below.  Any hints at what I
> >> am doing wrong would be greatly appreciated.
> >>     
> >
> > http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#vhosts
> > http://wiki.cacert.org/wiki/VhostTaskForce
> >
> >
> >   
> 
> 
> -- 
> 
> http://www.5valleys.com/
> 
> http://www.workingwithrails.com/person/8078
> 

-- 
Igor Sysoev
http://sysoev.ru/en/





More information about the nginx mailing list