Hello! On Wed, Jul 30, 2014 at 10:14:05AM +0800, Matt Silverlock wrote:
> Hi all, > > Had a chat with a helpful person on IRC but both are stumped as > to why my configuration passes a check (nginx -t) but fails to > properly handle SSL. > > – I’ve split a couple of repetitive blocks out into > /etc/nginx/includes/ssl.conf (-rw-r--r-- root:root - same as > nginx.conf - should not be a problem) > – Doing so results in SSL handshake issues (and the connection > fails appropriately) [...] > If I move the include directive (effectively removing the > duplication) into the http block and put the ssl_certificate and > ssl_certificate_key directives into each of the two (2) server > blocks instead of includes/ssl.conf, all is well. But this > conflicts with the documentation (as I interpret it) and still > results in some duplicated configuration. It's good idea to show _full_ config which shows the problem. The snipped you've showed looks fine and expected to work, but it's easy to make things wrong by some hardly noticeable mistake - e.g., missing semicolon. It's also a good idea to take a look into error log - it may have something for you. BTW, as long as there is only one certificate, it's expected to work fine with all ssl options at http{} levels. You don't need to put ssl_certificate and ssl_certificate_key into server{} blocks. -- Maxim Dounin http://nginx.org/ _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx