Hello, World!
I have the following block to drop connections without a valid domain:
# --------------------------------------
server {
listen 80 default_server;
return 444;
}
server {
listen 443 ssl http2;
ssl_certificate /etc/nginx/self-signed.cer;
ssl_certificate_key /etc/nginx/self-signed.key;
return 444;
}
# --------------------------------------
and after that, the usual:
# --------------------------------------
server {
server_name example.com www.example.com;
listen 443 ssl http2;
...
# --------------------------------------
Now, the problem is that self-signed certificate is being returned *in addition* to the domain cert.
Can one still drop the "invalid" requests, but avoid sending the dummy certificate?
Thank you! :)