Wrong server used in SSL request
Jonathan Matthews
contact at jpluscplusm.com
Wed Jul 10 07:54:11 UTC 2013
On 10 Jul 2013 08:41, "Jannik Zschiesche" <hello at apfelbox.net> wrote:
>
> Hi everyone,
>
> I have a rather strange issue.
>
> I have a server with 3 configured urls:
>
> example.com (+ ssl)
> shop.example.com (+ ssl)
> example2.com (- ssl)
>
> If I now open https://example2.com the server of https://shop.example.comis used.
>
>
> My config looks like this:
> https://gist.github.com/apfelbox/c13a226633a7df92e3fe
>
>
> Does anybody have an idea?
This is due to you having only one IP listening for ssl traffic. It's a
fundamental limitation of ssl when not used with SNI.
To fix it, you'll need to either use more IPs and listen explicitly on
different ones for different virtual hosts, or use SNI, or use a wildcard
(or UCC/SaN) certificate. The first fix is by far the most common for
people in your situation.
HTH,
Jonathan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20130710/bd0fd4e6/attachment.html>
More information about the nginx
mailing list