Welcome! Log In Create A New Profile

Advanced

Re: Why can't I use the "ssl" modified on more than one listen statement?

Maxim Dounin
September 21, 2010 12:10PM
Hello!

On Tue, Sep 21, 2010 at 11:39:46AM -0400, portante wrote:

> Hi,
>
> The following is an example of how we would like to run our
> configuration.
>
> [code]
> ssl_certificate common.crt;
> ssl_certificate_key common.key;
>
> server {
> listen 80;
> server_name www.nginx.org;
> ...
> }
>
> server {
> listen 443 default ssl;
> server_name secure.nginx.org;
> ...
> }
>
> server {
> listen 80;
> listen 443 ssl;
> server_name images.nginx.org;
> include images.location;
> }
> [/code]
>
> We encounter the following error trying to install the configuration:
> [code]
> [emerg]: a duplicate listen options for 0.0.0.0:443 in
> /usr/local/etc/nginx/projects/proj.conf:19
> [/code]
>
> All of the server names are CNAMEs of one IP address.
>
> If I do the following, it works:
>
> [code]
> ssl_certificate common.crt;
> ssl_certificate_key common.key;
>
> server {
> listen 80;
> server_name www.nginx.org;
> ...
> }
>
> server {
> listen 443 default ssl;
> server_name secure.nginx.org;
> ...
> }
>
> server {
> listen 80;
> server_name images.nginx.org;
> include images.location;
> }
>
> server {
> listen 443;
> ssl on;
> server_name images.nginx.org;
> include images.location;
> }
> [/code]
>
> Why can I not specify like the first example above?

Socket can't be in ssl mode for some servers and in non-ssl for
others, so there is no need to specify "ssl" argument for
non-default servers. I.e. this will work with ssl in both
servers:

server {
listen 443 default ssl;
...
}

server {
listen 443;
...
}

In your first configuration nginx was able to detect that you used
meaningless "ssl" argument in second server and complained. In
second configuration it wasn't able to detect meaningless "ssl
on;" statement. This is the only difference.

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx
Subject Author Posted

Why can't I use the "ssl" modified on more than one listen statement?

portante September 21, 2010 11:39AM

Re: Why can't I use the "ssl" modified on more than one listen statement?

Maxim Dounin September 21, 2010 12:10PM

Re: Why can't I use the "ssl" modified on more than one listen statement?

portante September 21, 2010 01:42PM

Re: Why can't I use the "ssl" modified on more than one listen statement?

portante September 21, 2010 01:44PM

Re: Why can't I use the "ssl" modified on more than one listen statement?

portante September 25, 2010 11:00AM

Re: Why can't I use the "ssl" modified on more than one listen statement?

Igor Sysoev September 27, 2010 06:14AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 89
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready