Virtual hosts sharing same port
Frank Liu
gfrankliu at gmail.com
Mon Apr 16 21:16:12 UTC 2018
Thanks Maxim!
This is something interesting to know.
We had an outage last year when we had bunch of virtual hosts all with
listen a.b.c.d:443 ssl;
and someone added a new virtual host with
listen a.b.c.d:443;
and caused 443 no longer doing SSL.
Based on what you said, this should not happen. I need to dig deeper into
it.
Frank
On Mon, Apr 16, 2018 at 9:49 AM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> Hello!
>
> On Mon, Apr 16, 2018 at 08:13:42AM -0700, Frank Liu wrote:
>
> > Does that mean nginx will read and combine listen options from
> > all virtual hosts and use that to create listening socket?
>
> Yes. You can configure something like this:
>
> server {
> listen 443 ssl;
> ...
> }
>
> server {
> listen 443;
> ...
> }
>
> and both servers will use SSL. Moreover, currently you can do
> something like this:
>
> server {
> listen 443 ssl;
> ...
> }
>
> server {
> listen 443 http2;
> ...
> }
>
> and both servers will use SSL and HTTP/2. (The latter is actually
> very confusing, and likely will result in warnings / errors during
> configuration parsing in future versions.)
>
> --
> Maxim Dounin
> http://mdounin.ru/
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20180416/4d1db12a/attachment-0001.html>
More information about the nginx
mailing list