Unable to use multiple IPs with SSL (0.7.64)
danjac
nginx-forum at nginx.us
Wed Oct 20 14:00:38 MSD 2010
I have an nginx (v0.7.64) configuration that requires a number of
virtual hosts each with their own SSL.
I have assigned different IP addresses to each vhost. All IP addresses
are available on port 443 (i.e. they are not blocked by firewall). All
certificates are from Thawte.
When I test nginx configuration (nginx -t), I get the following error:
[quote]the configuration file /usr/local/nginx/conf/nginx.conf syntax is
ok
[emerg]: bind() to IP1:443 failed (99: Cannot assign requested address)
configuration file /usr/local/nginx/conf/nginx.conf test failed[/quote]
(where IP1 is one of our IP addresses)
This is the abridged configuration:
[code]
user apache;
worker_processes 4;
worker_rlimit_nofile 4112;
events {
worker_connections 4112;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
send_timeout 300;
upstream webapp {
server UPSTREAM_IP1;
server UPSTREAM_IP2;
}
server {
listen 843;
server_name localhost;
location / {
rewrite ^(.*)$ /crossdomain.xml;
}
error_page 400 /crossdomain.xml;
location /crossdomain.xml {
root /var/www/html;
}
}
server {
listen 80;
server_name localhost;
location /media {
access_log off;
root /var/www/html;
index index.html index.htm;
expires 24h;
}
location / {
access_log off;
proxy_connect_timeout 15;
proxy_next_upstream error;
proxy_pass http://webapp;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_redirect off;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ /\.ht {
deny all;
}
}
server {
listen IP1:443;
server_name *.firstdomain.com;
ssl on;
ssl_certificate /var/ssl/firstdomain.crt;
ssl_certificate_key /var/ssl/firstdomain.key;
location /media {
root /var/www/html;
index index.html index.htm;
}
location / {
access_log off;
proxy_connect_timeout 15;
proxy_next_upstream error;
proxy_pass http://webapp;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Protocol https;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_redirect off;
}
}
server {
listen IP2:443;
server_name *.seconddomain.com;
ssl on;
ssl_certificate /var/ssl/seconddomain.crt;
ssl_certificate_key /var/ssl/seconddomain.key;
location /media {
root /var/www/html;
index index.html index.htm;
}
location / {
access_log off;
proxy_connect_timeout 15;
proxy_next_upstream error;
proxy_pass http://webapp;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Protocol https;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_redirect off;
}
}
server {
listen IP3:443;
server_name *.thirddomain.com;
ssl on;
ssl_certificate /var/ssl/thirddomain.crt;
ssl_certificate_key /var/ssl/thirddomain.key;
location /media {
root /var/www/html;
index index.html index.htm;
}
location / {
access_log off;
proxy_connect_timeout 15;
proxy_next_upstream error;
proxy_pass http://webapp;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Protocol https;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_redirect off;
}
}
[/code]
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,142634,142634#msg-142634
More information about the nginx
mailing list