How to add Multiple sites with ipv6 and SSL on Nginx ?

milanleon nginx-forum at forum.nginx.org
Fri Aug 30 11:45:34 UTC 2019


I have three websites on one Linode IP and I want to add ipv6 with SSL

1. Wordpress
2. Django1
3. Django2

All of them have SSL certificates from Letsencrypt and I have test them and
they working.

In testing of SSL I have an error with Mismatch and in Debugging error Curl
error: 51 (SSL_PEER_CERTIFICATE)

So my Nginx block are next :

Wordpress:

> server {
    listen 80;
    listen [::]:80;
    server_name wpexample.org www.wpexample.org;
    return 301 https://www.wpexample.org$request_uri;
}
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name www.wpexample.org;
    root /var/www/html/wpexample/src;
    index index.php;
    ssl_certificate /etc/letsencrypt/live/wpexample.org/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/wpexample.org/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/wpexample.org/chain.pem;
    include snippets/ssl.conf;
    include snippets/letsencrypt.conf;


First Django Site

>server {
    listen 80;
    listen [::]:80;
    server_name django1.org www.django1.org;
    rewrite  ^(.*) https://www.django1.org$request_uri;
}
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name django1.org www.django1.org;
    index index.html index.htm;
    ssl_certificate /etc/letsencrypt/live/django1.org/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/django1.org/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/django1.org/chain.pem;
    include snippets/ssl.conf;
    include snippets/letsencrypt.conf;


Second Django Site 

>server {
   listen 80;
   listen [::]:80;
   server_name django2.rs www.django2.rs;
   include /etc/nginx/snippets/letsencrypt.conf;
   rewrite  ^(.*) https://django2.rs$request_uri;
}
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
   server_name django2.rs www.django2.rs;
    index index.html index.htm;
    ssl_certificate /etc/letsencrypt/live/django2.rs/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/django2.rs/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/django2.rs/chain.pem;
    include snippets/ssl.conf;
    include snippets/letsencrypt.conf;


The problem is comming when I try to test both Django sites with
ssllabs.com

>Certificate #2: RSA 2048 bits (SHA256withRSA) No SNI
The error what I see is "Alternative names 	wpexample.org www.wpexample.org 
 MISMATCH"

And this error is comes for both of Django sites when i test them


I have trying to add for both of sites in Nginx blocks **listen [::]:443;
default_server and ipv6conly**  but then my sites are unavailable and it's
shows same Mismatch in testing.

Also I got all A+ for both Django sites in ssllabs.com

Does anyone have an idea how to solve this issues?

Thanks a lot in advance

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,285450,285450#msg-285450



More information about the nginx mailing list