how do I run multiple https web sites on a single IP address
Francis Daly
francis at daoine.org
Tue Jan 2 22:53:59 UTC 2018
On Tue, Jan 02, 2018 at 11:27:07AM -0500, Kurogane wrote:
Hi there,
> >http://nginx.org/en/docs/http/configuring_https_servers.html
>
> I'm not sure what is your point here? nginx have built SNI a decade ago even
> CentOS have nginx updated version.
>
> If my nginx not have enabled or not SNI support then why works with www?
Ah, sorry - I had missed that https://www.domain.com, https://domain.com,
and https://www.domain2.com all worked ok on IPv4. It is only
https://domain2.com that presents an unwanted certificate.
(And it presents the certificate for domain.com, even though
www.domain.com is configured as the default_server.)
Do you have four separate ssl certificate files, each of which is valid
for a single server name?
Or do you have one ssl certificate file which is valid for multiple
server names?
> Can you enlighten me what i do wrong or what is the "special" configuration
> to use SNI with shared IPv4 address.
One guess - is there any chance that the contents of the ssl_certificate
file that applies in the domain2.com server{} block is actually the
domain.com certificate? (Probably not, because the IPv6 connection should
be using the same ssl_certificate, and no error was reported there.)
Other than that, I don't know. Can you provide a complete config and
test commands that someone else can use to recreate the problem?
Or, to rule out any strange IPv4/IPv6 interaction -- do you see the same
behaviour when you remove all of the IPv6 config?
Good luck with it,
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list