Hello! On Fri, May 16, 2014 at 09:37:12AM -0400, SAH62 wrote:
> Igor Sysoev Wrote: > ------------------------------------------------------- > > On 15 May 2014, at 04:01, SAH62 <[email protected]> wrote: > > > > > Sorry for posting this twice. I posted it in the "How to" forum last > > week, > > > there haven't been any replies, so I thought I'd try again. > > > > > > I'm using nginx for multiple virtual hosts on the same physical > > server. The > > > issue I'm having is that a browser request for > > https://www.domain1.org/ is > > > being answered with a certificate for a different domain. Here's > > what the > > > slices from my config files look like: > > > > > > domain1.conf: (note that there's no listen directive for port 443) > > > server { > > > listen 80; > > > server_name domain1.org www.domain1.org domain1.com www.domain1.com > > > domain1.net www.domain1.net domain1.us www.domain1.us domain1.info > > > www.domain1.info; > > > root /home/domain1/public_html; > > > > > > # more stuff > > > } > > > > > > domain2.conf: > > > server { > > > listen 80; > > > > > > server_name domain2 www.domain2; > > > root /home/domain2/public_html; > > > > > > # more stuff > > > } > > > > > > server { ## SSL config for domain2 > > > listen 443 ssl; > > > > > > ssl_certificate /etc/ssl/certs/domain2-chained.crt; > > > ssl_certificate_key /etc/ssl/private/domain2.key; > > > ssl_session_cache shared:SSL:10m; > > > ssl_session_timeout 10m; > > > ssl_protocols SSLv3 TLSv1; > > > ssl_ciphers > > ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; > > > ssl_prefer_server_ciphers on; > > > > > > server_name domain2 www.domain2; > > > root /home/domain2/public_html; > > > > > > # more stuff > > > } > > > > > > server { > > > listen 80; > > > > > > server_name domain3 www.domain3; > > > root /var/www; > > > > > > access_log /var/log/nginx/access-domain3.log; > > > error_log /var/log/nginx/error-domain3.log; > > > > > > return 301 https://$host$request_uri; > > > } > > > > > > server { ## SSL config for domain3 > > > listen 443 ssl; > > > > > > ssl_certificate /etc/ssl/certs/domain3-chained.crt; > > > ssl_certificate_key /etc/ssl/private/server.key; > > > ssl_session_cache shared:SSL:10m; > > > ssl_session_timeout 10m; > > > ssl_protocols SSLv3 TLSv1; > > > ssl_ciphers > > ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; > > > ssl_prefer_server_ciphers on; > > > > > > root /var/www; > > > index index.php index.html index.htm; > > > > > > access_log /var/log/nginx/access-domain3-ssl.log; > > > error_log /var/log/nginx/error-domain3-ssl.log; > > > rewrite_log on; > > > > > > server_name www.domain3 domain3; > > > > > > # more stuff > > > } > > > > > > A browser request for https://www.domain1.org/ returns the > > certificate for > > > domain 2 and the content found in the root for domain2. Why is that > > and how > > > can I get the server to redirect to http://www.domain1.org/ instead? > > Thank > > > you… > > > > http://nginx.org/en/docs/http/configuring_https_servers.html#name_base > > d_https_servers > > OK, that explains why nginx returns the default certificate. It's listening > on 443, it gets a request, and it doesn't know which domain the HTTP request > is for so it responds with the default certificate. Why is it sending back > the content for domain2, though? Because it's the default server for the listening socket on port 443. See here for details: http://nginx.org/en/docs/http/request_processing.html -- Maxim Dounin http://nginx.org/ _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
