Hi,
We're using Nginx to front a SaaS platform where customers can white label it if they configure their own domain and upload their own SSL keys to the platform. At the moment we're having to create individual server blocks for each customer.
Is it possible to create a dynamic SSL virtualhost?
I've got this server block
server {
listen 443;
server_name $domain;
access_log "/var/log/nginx/$domain.access.log";
error_log "/var/log/nginx/$domain.error.log";
ssl on;
ssl_certificate /etc/nginx/ssl/$domain/server.crt;
ssl_certificate_key /etc/nginx/ssl/$domain/server.key;
ssl_ciphers HIGH:!aNULL:!MD5:!kEDH:!SSLv2;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:128m;
ssl_session_timeout 1440m;
location / {
root /var/www/html;
index index.html;
}
}
but it throws this error
nginx: [emerg] BIO_new_file("/etc/nginx/ssl/$domain/server.crt") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/nginx/ssl/$domain/server.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: configuration file /etc/nginx/nginx.conf test failed
Presumably it's loading the SSL certificates on start up and failing because it's being described dynamically. Is what I'm hoping to achieve impossible?
Does anyone know a better solution for this kind of problem?