On Tue, Jan 02, 2018 at 11:27:07AM -0500, Kurogane wrote: Hi there,
> >http://nginx.org/en/docs/http/configuring_https_servers.html > > I'm not sure what is your point here? nginx have built SNI a decade ago even > CentOS have nginx updated version. > > If my nginx not have enabled or not SNI support then why works with www? Ah, sorry - I had missed that https://www.domain.com, https://domain.com, and https://www.domain2.com all worked ok on IPv4. It is only https://domain2.com that presents an unwanted certificate. (And it presents the certificate for domain.com, even though www.domain.com is configured as the default_server.) Do you have four separate ssl certificate files, each of which is valid for a single server name? Or do you have one ssl certificate file which is valid for multiple server names? > Can you enlighten me what i do wrong or what is the "special" configuration > to use SNI with shared IPv4 address. One guess - is there any chance that the contents of the ssl_certificate file that applies in the domain2.com server{} block is actually the domain.com certificate? (Probably not, because the IPv6 connection should be using the same ssl_certificate, and no error was reported there.) Other than that, I don't know. Can you provide a complete config and test commands that someone else can use to recreate the problem? Or, to rule out any strange IPv4/IPv6 interaction -- do you see the same behaviour when you remove all of the IPv6 config? Good luck with it, f -- Francis Daly [email protected] _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
