SSL on/off on same port and IP
Ingo Lafrenz
lists at der-ingo.de
Tue Jun 23 14:43:23 UTC 2015
Hi,
consider the following very simple nginx config:
http {
server {
listen 127.0.0.1:123;
server_name abc;
}
server {
listen 127.0.0.1:123 ssl;
server_name xyz;
ssl_certificate...;
}
}
In words:
I instruct nginx to listen on the same port and IP, one time without
ssl, one time with ssl. IMHO this is a broken config, however nginx
accepts it.
What would you say? Should nginx reject such a config? Right now you
only get an error at request time.
It gets even worse, if the 2nd server is configured with the ssl
directive instead of "listen ssl":
server {
listen 127.0.0.1:123;
server_name xyz;
ssl on;
ssl_certificate...;
}
In that case you don't even see an error in the logs anymore and clients
can't connect via https anymore.
Cheers, Ingo =;->
More information about the nginx
mailing list