Multi wildcard certificates for multi wildcard domains

Posted by rocklee44 
Multi wildcard certificates for multi wildcard domains
January 28, 2018 10:57PM
Hi all,
This is my environment:
CentOS release 6.4 (Final), nginx-1.8.1-1.el6.ngx.x86_64
[quote]
nginx -V
nginx version: nginx/1.8.1
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-16) (GCC)
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled
[/quote]
I have 2 web sites: website1 (multiple subdomains abc.website1.com, xyz.website1.com) and website2 (single domain website2.com). This is the nginx configuration:
[quote]
server {
    # website1 redirect http to https
    listen ip:80;
    server_name *.website1.com;
    return 301 https://$host$request_uri;
}

server {
    # website2 redirect http to https
    listen ip:80;
    server_name website2.com;
    return 301 https://$host$request_uri;
}

server {
    listen ip:443 ssl;
    ssl_certificate path-to-website1-wildcard-certificate-file;
    ssl_certificate_key path-to-website1-privatekey-file;
    ssl_session_cache shared:SSL:10m;
    server_name *.website1.com;
    ...
}

server {
    listen ip:443 ssl;
    ssl_certificate path-to-website2-single-domain-certificate-file;
    ssl_certificate_key path-to-website2-privatekey-file;
    ssl_session_cache shared:SSL:10m;
    server_name website2.com;
    ...
}
[/quote]
Everything works fine. Now I have purchased a wildcard certificate for website2, so I changed the configuration:
[quote]
server {
    # website1 redirect http to https
    listen ip:80;
    server_name *.website1.com;
    return 301 https://$host$request_uri;
}

server {
    # website2 redirect http to https
    listen ip:80;
    server_name *.website2.com;
    return 301 https://$host$request_uri;
}

server {
    listen ip:443 ssl;
    ssl_certificate path-to-website1-wildcard-certificate-file;
    ssl_certificate_key path-to-website1-privatekey-file;
    ssl_session_cache shared:SSL:10m;
    server_name *.website1.com;
    ...
}

server {
    listen ip:443 ssl;
    ssl_certificate path-to-website2-wildcard-certificate-file;
    ssl_certificate_key path-to-website2-privatekey-file;
    ssl_session_cache shared:SSL:10m;
    server_name *.website2.com;
    ...
}
[/quote]
After the reload, I can access https://website1.com successfully, but when I access https://website2.com I get an error about the certificate pointing to the wrong domain. I added an exception and found out that nginx uses the website1 wildcard certificate for website2 requests/responses.
I don't understand why nginx doesn't handle 2 different wildcard certificates for 2 different wildcard domains. Is this normal? Or did I do something wrong?
For now I have had to change the website2 configuration to:
[quote]
server {
    # website2 redirect http to https
    listen ip:80;
    server_name website2.com abc.website2.com xyz.website2.com;
    return 301 https://$host$request_uri;
}

server {
    listen ip:443 ssl;
    ssl_certificate path-to-website2-wildcard-certificate-file;
    ssl_certificate_key path-to-website2-privatekey-file;
    ssl_session_cache shared:SSL:10m;
    server_name website2.com abc.website2.com xyz.website2.com;
    ...
}
[/quote]
to work around the problem temporarily.
Can anyone give me some advice? Thank you very much.



Edited 2 time(s). Last edit at 01/28/2018 11:04PM by rocklee44.
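
Added example (not part of the original post, and not nginx's own code): a simplified Python model of how nginx picks a `server` block from the requested host name, run over the two wildcard blocks posted above. A `*.` name does not match the bare domain, so `website2.com` falls through to the default server, which is the first block on that `listen` socket. The `LISTING_APEX` variant and the certificate labels are constructed for illustration, and whether the website2 wildcard certificate also lists the bare `website2.com` has to be checked in its subject alternative names.

```python
# Simplified model: exact names, "*.suffix" wildcards and the ".suffix"
# shorthand only; trailing-asterisk wildcards and regex names are left out.

def match_rank(pattern, host):
    """Return a sortable rank (lower wins) or None when the name does not match."""
    pattern, host = pattern.lower(), host.lower().rstrip(".")
    if pattern.startswith("*.") or pattern.startswith("."):
        suffix = pattern.lstrip("*")              # e.g. ".website2.com"
        # ".website2.com" also matches the bare domain; "*.website2.com" does not
        if pattern.startswith(".") and host == suffix[1:]:
            return (0, 0)
        # among wildcard names the longest one wins
        return (1, -len(suffix)) if host.endswith(suffix) else None
    return (0, 0) if host == pattern else None    # exact names win over wildcards

def select_server(servers, host):
    """Pick the server block for `host` among blocks sharing one listen socket."""
    best = None
    for srv in servers:
        for name in srv["server_name"]:
            rank = match_rank(name, host)
            if rank is not None and (best is None or rank < best[0]):
                best = (rank, srv)
    if best:
        return best[1]
    # No name matched: the default server is used, i.e. the first block
    # unless one is marked default_server on its listen directive.
    return next((s for s in servers if s.get("default_server")), servers[0])

def cert_for(servers, host):
    return select_server(servers, host)["cert"]

# The two 443 blocks as posted (certificate labels are constructed).
POSTED = [
    {"server_name": ["*.website1.com"], "cert": "website1-wildcard"},
    {"server_name": ["*.website2.com"], "cert": "website2-wildcard"},
]
# Assumed variant that lists the bare domain next to the wildcard.
LISTING_APEX = [
    {"server_name": ["website1.com", "*.website1.com"], "cert": "website1-wildcard"},
    {"server_name": ["website2.com", "*.website2.com"], "cert": "website2-wildcard"},
]

if __name__ == "__main__":
    for host in ("website1.com", "website2.com", "abc.website2.com"):
        print(host, cert_for(POSTED, host), cert_for(LISTING_APEX, host))
```

In this model `website1.com` only gets the right certificate from the posted blocks because the website1 block happens to be first.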
Re: Multi wildcard certificates for multi wildcard domains
February 06, 2018 08:48PM
Hello? Does anyone have the same problem?