Welcome! Log In Create A New Profile

Advanced

Re: Unexpected SSL Behavior with Virtual Hosts

May 16, 2014 09:37AM
Igor Sysoev Wrote:
-------------------------------------------------------
> On 15 May 2014, at 04:01, SAH62 <nginx-forum@nginx.us> wrote:
>
> > Sorry for posting this twice. I posted it in the "How to" forum last
> week,
> > there haven't been any replies, so I thought I'd try again.
> >
> > I'm using nginx for multiple virtual hosts on the same physical
> server. The
> > issue I'm having is that a browser request for
> https://www.domain1.org/ is
> > being answered with a certificate for a different domain. Here's
> what the
> > slices from my config files look like:
> >
> > domain1.conf: (note that there's no listen directive for port 443)
> > server {
> > listen 80;
> > server_name domain1.org www.domain1.org domain1.com www.domain1.com
> > domain1.net www.domain1.net domain1.us www.domain1.us domain1.info
> > www.domain1.info;
> > root /home/domain1/public_html;
> >
> > # more stuff
> > }
> >
> > domain2.conf:
> > server {
> > listen 80;
> >
> > server_name domain2 www.domain2;
> > root /home/domain2/public_html;
> >
> > # more stuff
> > }
> >
> > server { ## SSL config for domain2
> > listen 443 ssl;
> >
> > ssl_certificate /etc/ssl/certs/domain2-chained.crt;
> > ssl_certificate_key /etc/ssl/private/domain2.key;
> > ssl_session_cache shared:SSL:10m;
> > ssl_session_timeout 10m;
> > ssl_protocols SSLv3 TLSv1;
> > ssl_ciphers
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
> > ssl_prefer_server_ciphers on;
> >
> > server_name domain2 www.domain2;
> > root /home/domain2/public_html;
> >
> > # more stuff
> > }
> >
> > server {
> > listen 80;
> >
> > server_name domain3 www.domain3;
> > root /var/www;
> >
> > access_log /var/log/nginx/access-domain3.log;
> > error_log /var/log/nginx/error-domain3.log;
> >
> > return 301 https://$host$request_uri;
> > }
> >
> > server { ## SSL config for domain3
> > listen 443 ssl;
> >
> > ssl_certificate /etc/ssl/certs/domain3-chained.crt;
> > ssl_certificate_key /etc/ssl/private/server.key;
> > ssl_session_cache shared:SSL:10m;
> > ssl_session_timeout 10m;
> > ssl_protocols SSLv3 TLSv1;
> > ssl_ciphers
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
> > ssl_prefer_server_ciphers on;
> >
> > root /var/www;
> > index index.php index.html index.htm;
> >
> > access_log /var/log/nginx/access-domain3-ssl.log;
> > error_log /var/log/nginx/error-domain3-ssl.log;
> > rewrite_log on;
> >
> > server_name www.domain3 domain3;
> >
> > # more stuff
> > }
> >
> > A browser request for https://www.domain1.org/ returns the
> certificate for
> > domain 2 and the content found in the root for domain2. Why is that
> and how
> > can I get the server to redirect to http://www.domain1.org/ instead?
> Thank
> > you…
>
> http://nginx.org/en/docs/http/configuring_https_servers.html#name_base
> d_https_servers

OK, that explains why nginx returns the default certificate. It's listening on 443, it gets a request, and it doesn't know which domain the HTTP request is for so it responds with the default certificate. Why is it sending back the content for domain2, though?

Scott
Subject Author Posted

Unexpected SSL Behavior with Virtual Hosts

SAH62 May 14, 2014 08:01PM

Re: Unexpected SSL Behavior with Virtual Hosts

GreenGecko May 14, 2014 08:28PM

Re: Unexpected SSL Behavior with Virtual Hosts

Igor Sysoev May 15, 2014 06:00AM

Re: Unexpected SSL Behavior with Virtual Hosts

SAH62 May 16, 2014 09:37AM

Re: Unexpected SSL Behavior with Virtual Hosts

Maxim Dounin May 16, 2014 09:44AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 265
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready