SSL Conflict Between Two Virtual Hosts
Andreas Schneider
a.schneider at s-webservice.de
Tue Jan 19 00:17:39 MSK 2010
Hi,
As the howto on:
http://nginx.org/en/docs/http/configuring_https_servers.html#name_based_https_servers
sais, you need one ip address per ssl vhost because the ssl handshake is done
before the connection is acknowledged. As of this, the ssl cert is already in
use before the name will be validated by nginx.
Best,
Andreas
On Monday 18 January 2010 19:01:47 jasonago wrote:
> Hello NGINX community!
>
> I am setting up multiple website in one server. Obviously I created
> different server directives for each domain that I want to serve.
>
> I set domainA to listen to 443 for ssl as well as domainB. BOTH of them
> listens to port 80 and port 443 BUT they serve different ssl certificates.
>
> The problem comes when I access domainB on ssl connection because domainB
> is sending domainA's ssl certificate! I already double checked this to
> see if the two domain really has different ssl certs and it is really is
> different.
>
> >From what I understand nginx should be able to serve different ssl certs
> > and connection to multiple domains even if they all listen to the same
> > port 443.
>
> Is this a bug or nginx is intended to work this way? Is it imperative that
> only one domain listens to port 443 or nginx is intended to serve multiple
> domain in port 443 with different certs? I hope the solution to this
> problem is not to create a single cert for all the virtual host via
> Subject Alternate Name in the cert signing request...
>
> Posted at Nginx Forum:
> http://forum.nginx.org/read.php?2,42666,42666#msg-42666
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://nginx.org/mailman/listinfo/nginx
>
More information about the nginx
mailing list