Hi,

We're using Nginx to front a SaaS platform where customers can white label it if they configure their own domain and upload their own SSL keys to the platform. At the moment we're having to create individual server blocks for each customer.

Is it possible to create a dynamic SSL virtualhost?

I've got this server block

server {
listen 443;
server_name $domain;

access_log "/var/log/nginx/$domain.access.log";
error_log "/var/log/nginx/$domain.error.log";

ssl on;
ssl_certificate /etc/nginx/ssl/$domain/server.crt;
ssl_certificate_key /etc/nginx/ssl/$domain/server.key;

ssl_ciphers HIGH:!aNULL:!MD5:!kEDH:!SSLv2;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:128m;

ssl_session_timeout 1440m;

location / {
root /var/www/html;
index index.html;
}
}

but it throws this error

nginx: [emerg] BIO_new_file("/etc/nginx/ssl/$domain/server.crt") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/nginx/ssl/$domain/server.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: configuration file /etc/nginx/nginx.conf test failed

Presumably it's loading the SSL certificates on start up and failing because it's being described dynamically. Is what I'm hoping to achieve impossible?

Does anyone know a better solution for this kind of problem?

I have a same issue with SSL.

I am wondering if you found solution.



Edited 2 time(s). Last edit at 01/03/2014 06:34AM by mishatatinets.

As far as I can tell, Nginx reads the config at start up and loads the SSL certs as it starts up, not as the requests come in, so as it's currently written, I'm not sure this is possible.

Thank you.