Unable to use multiple IPs with SSL (0.7.64)

danjac nginx-forum at nginx.us
Wed Oct 20 14:00:38 MSD 2010


I have an nginx (v0.7.64) configuration that requires a number of
virtual hosts each with their own SSL.

I have assigned different IP addresses to each vhost. All IP addresses
are available on port 443 (i.e. they are not blocked by firewall). All
certificates are from Thawte. 

When I test nginx configuration (nginx -t), I get the following error:

[quote]the configuration file /usr/local/nginx/conf/nginx.conf syntax is
ok
[emerg]: bind() to IP1:443 failed (99: Cannot assign requested address)
configuration file /usr/local/nginx/conf/nginx.conf test failed[/quote]

(where IP1 is one of our IP addresses)

This is the abridged configuration:

[code]
user  apache;
worker_processes  4;
worker_rlimit_nofile 4112;

events {
    worker_connections  4112;
}


http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    send_timeout 300;

    upstream webapp {
	server UPSTREAM_IP1;
        server UPSTREAM_IP2;
    }

    server {
	listen	     843;
	server_name  localhost;

	location / {
		rewrite ^(.*)$ /crossdomain.xml;
	}
	
	error_page 400 /crossdomain.xml;

	location /crossdomain.xml {
		root /var/www/html;
	}
    }
       
    server {
        listen       80;
        server_name  localhost;

        location /media {
            access_log   off;
            root   /var/www/html;
            index  index.html index.htm;
            expires 24h;
        }

	location / {
            access_log off;
            proxy_connect_timeout 15;
	    proxy_next_upstream error;
	    proxy_pass http://webapp;
	    proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
            proxy_redirect off;

	}

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        location ~ /\.ht {
            deny  all;
        }
    }

server {
        listen       IP1:443;
        server_name  *.firstdomain.com;

        ssl                  on;
        ssl_certificate      /var/ssl/firstdomain.crt;
        ssl_certificate_key  /var/ssl/firstdomain.key;
 
        location /media {
            root   /var/www/html;
            index  index.html index.htm;
        }
	
	location / {
            access_log off;
            proxy_connect_timeout 15;
	    proxy_next_upstream error;
	    proxy_pass http://webapp;
	    proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-Protocol https;
            proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
            proxy_redirect off;
	}

}
    server {
        listen        IP2:443;
        server_name  *.seconddomain.com;

        ssl                  on;
        ssl_certificate      /var/ssl/seconddomain.crt;
        ssl_certificate_key  /var/ssl/seconddomain.key;

        location /media {
            root   /var/www/html;
            index  index.html index.htm;
        }
	

	location / {
            access_log off;
            proxy_connect_timeout 15;
	    proxy_next_upstream error;
	    proxy_pass http://webapp;
	    proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-Protocol https;
            proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
            proxy_redirect off;
	}
  
}
 
server {
        listen       IP3:443;
        server_name  *.thirddomain.com;

        ssl                  on;
        ssl_certificate      /var/ssl/thirddomain.crt;
        ssl_certificate_key  /var/ssl/thirddomain.key;

        location /media {
            root   /var/www/html;
            index  index.html index.htm;
        }
	
	location / {
            access_log off;
            proxy_connect_timeout 15;
	    proxy_next_upstream error;
	    proxy_pass http://webapp;
	    proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-Protocol https;
            proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
            proxy_redirect off;
	}
   
}
[/code]

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,142634,142634#msg-142634




More information about the nginx mailing list