IPv6, HTTPS, and SNI
Nikolai Lusan
nikolai at lusan.id.au
Mon Dec 7 10:00:40 UTC 2015
Hi,
I am having in issue using https with multiple sites on ipv6 (nominally
SNI). If I declare more than one listen directive for ipv6 on port 443
nginx refuses to start. The ipv4 configuration is fine, it's only an
issue with ipv6.
Nginx details:
nginx version: nginx/1.9.7
built by gcc 4.9.2
built with OpenSSL 1.0.1k 8 Jan 2015
TLS SNI support enabled
Configuration looks like:
server {
listen 80
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
server_name my_site.com;
ssl_certificate my_site.com.crt;
ssl_certificate_key my_site.com.key;
...
}
server {
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
server_name your_site.com;
ssl_certificate your_site.com.crt;
ssl_certificate_key your_site.com.key;
...
}
Does anyone have an idea on why this might be occurring? In theory ipv6
shouldn't make a difference, and it sure as heck doesn't make a
difference to the ipv4 configuration.
--
Nikolai Lusan <nikolai at lusan.id.au>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20151207/b4105c03/attachment.bin>
More information about the nginx
mailing list