Defining a default server for when vhost does not exist for requested hostname (including blank hostname), for http and https

Jonathan Matthews contact at jpluscplusm.com
Fri Mar 28 14:53:18 UTC 2014


On 28 March 2014 14:31, Ben Johnson <ben at indietorrent.org> wrote:
> Is there any way to av,oid this certificate being presented, but still
> return the 444 response under the conditions I've described?

I'd /suspect/ not, as the 444 response can't be "delivered" (i.e. the
connection closed) until sufficient information has been passed over
the already-SSL-secured connection. In other words, the cert *has* to
be used to secure the channel over which the HTTP request will be
made, and only after its been made can the correct server{} block be
chosen and the response delivered - even if the response is simply to
close the connection.

J



More information about the nginx mailing list