Welcome! Log In Create A New Profile

Advanced

Rewrites for sites without SSL on same IP address as those using SSL

April 09, 2012 09:41AM
I have a few sites on a single IP and a single nginx instance. Some domains have SSL certificates (and listen on ports 80 and 443) and some don't (and only listen on port 80).

For those domains that don't have an SSL certificate, including a server block listening on port 443 to rewrite to port 80 does not work. I understand this is because the SSL exchange happens prior to the server name being inspected.

When browsing over https to one of the sites without an SSL certificate, the current behaviour is that a security warning is presented to the client that lists the certificate for the default_server and not the appropriate domain.

Is there a way to rewrite https requests to http (for the domains with an SSL certificate) while retaining the appropriate domain?

If not, is the best way to resolve this to add an additional IP and use one for those sites requiring ports 80 and 443 and another for those only using port 80?

Thanks.
Subject Author Posted

Rewrites for sites without SSL on same IP address as those using SSL

auxbuss April 09, 2012 09:41AM

Re: Rewrites for sites without SSL on same IP address as those using SSL

Igor Sysoev April 09, 2012 09:56AM

Re: Rewrites for sites without SSL on same IP address as those using SSL

auxbuss April 09, 2012 09:57AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 188
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready