Nginx serving extra ssl certs

Fabian A. Santiago fsantiago at garbage-juice.com
Sun Mar 12 15:54:15 UTC 2017


Hello nginx world,

I hope you can help me track down my issue.

First, I'm running:

Centos 7.3.1611
Nginx 1.11.10
Openssl 1.0.1e-fips

My issue is I run 11 virtual sites, all listening on both ipv4 & 6, same two addresses, so obviously I rely on SNI. One site also listens on tor.

When I check the ssl responses using either ssllabs server test or openssl s_client, my sites work fine but also serve an extra 2nd cert meant for the wrong hostname. I'm confused as I see no issue with my config files.

I've attached a sample of my config files for one site for your perusal. 

You can also check this domain for yourself:

server1.garbage-juice.com

Thanks for your help.


-- 
Thanks.
Fabian S.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Documents.7z
Type: application/octet-stream
Size: 1304 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170312/9e24ea74/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 870 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170312/9e24ea74/attachment.bin>


More information about the nginx mailing list