Default ssl server and sni
rthur
nginx-forum at nginx.us
Wed Dec 17 17:06:57 UTC 2014
I have a bunch of https websites available over a single IP working with sni
on nginx 1.0.15.
Currently, anyone accessing a domain name that resolves to the same IP is
greeted with a certificate mismatch error due to nginx choosing the first
server as the default.
Instead of using the first server as the default, I'd like to create a
catch-all https server that drops/resets the tcp connection. As such all
domain names that have an associated server block would still work using
sni, but IPs or other domain names would simply result in a dropped
connection.
Unfortunately, I can't seem to get this to work. If I define the server
block below, all requests are handled by the catch-all server, and all the
websites become inaccessible. Here is the server block I've defined:
server {
listen 443 default_server;
return 443;
}
Does anyone know how I could achieve this?
Thanks!
Arthur
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,255583,255583#msg-255583
More information about the nginx
mailing list