Welcome! Log In Create A New Profile

Re: Unexpected SSL Behavior with Virtual Hosts

Forum List Message List New Topic Print View

SAH62

May 16, 2014 09:37AM

Registered: 10 years ago
Posts: 10

Igor Sysoev Wrote:
-------------------------------------------------------
> On 15 May 2014, at 04:01, SAH62 <nginx-forum@nginx.us> wrote:
>
> > Sorry for posting this twice. I posted it in the "How to" forum last
> week,
> > there haven't been any replies, so I thought I'd try again.
> >
> > I'm using nginx for multiple virtual hosts on the same physical
> server. The
> > issue I'm having is that a browser request for
> https://www.domain1.org/ is
> > being answered with a certificate for a different domain. Here's
> what the
> > slices from my config files look like:
> >
> > domain1.conf: (note that there's no listen directive for port 443)
> > server {
> > listen 80;
> > server_name domain1.org www.domain1.org domain1.com www.domain1.com
> > domain1.net www.domain1.net domain1.us www.domain1.us domain1.info
> > www.domain1.info;
> > root /home/domain1/public_html;
> >
> > # more stuff
> > }
> >
> > domain2.conf:
> > server {
> > listen 80;
> >
> > server_name domain2 www.domain2;
> > root /home/domain2/public_html;
> >
> > # more stuff
> > }
> >
> > server { ## SSL config for domain2
> > listen 443 ssl;
> >
> > ssl_certificate /etc/ssl/certs/domain2-chained.crt;
> > ssl_certificate_key /etc/ssl/private/domain2.key;
> > ssl_session_cache shared:SSL:10m;
> > ssl_session_timeout 10m;
> > ssl_protocols SSLv3 TLSv1;
> > ssl_ciphers
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
> > ssl_prefer_server_ciphers on;
> >
> > server_name domain2 www.domain2;
> > root /home/domain2/public_html;
> >
> > # more stuff
> > }
> >
> > server {
> > listen 80;
> >
> > server_name domain3 www.domain3;
> > root /var/www;
> >
> > access_log /var/log/nginx/access-domain3.log;
> > error_log /var/log/nginx/error-domain3.log;
> >
> > return 301 https://$host$request_uri;
> > }
> >
> > server { ## SSL config for domain3
> > listen 443 ssl;
> >
> > ssl_certificate /etc/ssl/certs/domain3-chained.crt;
> > ssl_certificate_key /etc/ssl/private/server.key;
> > ssl_session_cache shared:SSL:10m;
> > ssl_session_timeout 10m;
> > ssl_protocols SSLv3 TLSv1;
> > ssl_ciphers
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
> > ssl_prefer_server_ciphers on;
> >
> > root /var/www;
> > index index.php index.html index.htm;
> >
> > access_log /var/log/nginx/access-domain3-ssl.log;
> > error_log /var/log/nginx/error-domain3-ssl.log;
> > rewrite_log on;
> >
> > server_name www.domain3 domain3;
> >
> > # more stuff
> > }
> >
> > A browser request for https://www.domain1.org/ returns the
> certificate for
> > domain 2 and the content found in the root for domain2. Why is that
> and how
> > can I get the server to redirect to http://www.domain1.org/ instead?
> Thank
> > you…
>
> http://nginx.org/en/docs/http/configuring_https_servers.html#name_base
> d_https_servers

OK, that explains why nginx returns the default certificate. It's listening on 443, it gets a request, and it doesn't know which domain the HTTP request is for so it responds with the default certificate. Why is it sending back the content for domain2, though?

Scott

Reply Quote

RSS

Subject	Author	Posted
Unexpected SSL Behavior with Virtual Hosts	SAH62	May 14, 2014 08:01PM
Re: Unexpected SSL Behavior with Virtual Hosts	GreenGecko	May 14, 2014 08:28PM
Re: Unexpected SSL Behavior with Virtual Hosts	Igor Sysoev	May 15, 2014 06:00AM
Re: Unexpected SSL Behavior with Virtual Hosts	SAH62	May 16, 2014 09:37AM
Re: Unexpected SSL Behavior with Virtual Hosts	Maxim Dounin	May 16, 2014 09:44AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 319

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018