Welcome! Log In Create A New Profile

Advanced

Don't send extra cert with default_server

Posted by Lott 
Don't send extra cert with default_server
March 30, 2022 06:37AM
Hello, World!

I have the following block to drop connections without a valid domain:

# --------------------------------------
server {
listen 80 default_server;
return 444;
}
server {
listen 443 ssl http2;
ssl_certificate /etc/nginx/self-signed.cer;
ssl_certificate_key /etc/nginx/self-signed.key;
return 444;
}
# --------------------------------------

and after that, the usual:

# --------------------------------------
server {
server_name example.com www.example.com;
listen 443 ssl http2;
...
# --------------------------------------

Now, the problem is that self-signed certificate is being returned *in addition* to the domain cert.

Can one still drop the "invalid" requests, but avoid sending the dummy certificate?

Thank you! :)
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 156
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready