Thanks Maxim!
This is something interesting to know.
We had an outage last year when we had bunch of virtual hosts all with
listen a.b.c.d:443 ssl;
and someone added a new virtual host with
listen a.b.c.d:443;
and caused 443 no longer doing SSL.
Based on what you said, this should not happen. I need to dig deeper into
it.
Frank
On Mon, Apr 16, 2018 at 9:49 AM, Maxim Dounin <mdounin@mdounin.ru> wrote:
> Hello!
>
> On Mon, Apr 16, 2018 at 08:13:42AM -0700, Frank Liu wrote:
>
> > Does that mean nginx will read and combine listen options from
> > all virtual hosts and use that to create listening socket?
>
> Yes. You can configure something like this:
>
> server {
> listen 443 ssl;
> ...
> }
>
> server {
> listen 443;
> ...
> }
>
> and both servers will use SSL. Moreover, currently you can do
> something like this:
>
> server {
> listen 443 ssl;
> ...
> }
>
> server {
> listen 443 http2;
> ...
> }
>
> and both servers will use SSL and HTTP/2. (The latter is actually
> very confusing, and likely will result in warnings / errors during
> configuration parsing in future versions.)
>
> --
> Maxim Dounin
> http://mdounin.ru/
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx