Welcome! Log In Create A New Profile

Advanced

assigning different SSL cert -- per ingress/listener IP?

pgn
May 06, 2020 11:04AM
I have a single Nginx server configured to listen on two IPs on my VPS host -- an external/public IP (X.X.X.55) and an internal/LAN IP (10.10.10.55).

Atm, it's a *single* "server_name" (host.example.com) for both IPs ... handled by a split-horizon DNS that returns the IP address for that hostname depending on the query origin -- public net, or internal LAN.

It works as expected.

I'd _like_ to setup different SSL cert/key/CA handshake configs to be used -- depending on the ingress IP.

Specifically,

for ingress via internal/LAN IP (10.10.10.55), I want to use an internally generated, self-signed cert -- from my own/local CA -- with ssl verify ON,

and

for ingress via external/public IP (X.X.X.55), I want to use a LetsEncrypt-generated public cert, with ssl verify OFF.

Is this^ possible with Nginx config? Any examples?
Subject Author Posted

assigning different SSL cert -- per ingress/listener IP?

pgn May 06, 2020 11:04AM

Re: assigning different SSL cert -- per ingress/listener IP?

J.R. May 06, 2020 04:22PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 89
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready