Thanks Maxim!

This is something interesting to know.

We had an outage last year when we had bunch of virtual hosts all with
listen a.b.c.d:443 ssl;
and someone added a new virtual host with
listen a.b.c.d:443;
and caused 443 no longer doing SSL.
Based on what you said, this should not happen. I need to dig deeper into
it.

Frank


On Mon, Apr 16, 2018 at 9:49 AM, Maxim Dounin <mdou...@mdounin.ru> wrote:

> Hello!
>
> On Mon, Apr 16, 2018 at 08:13:42AM -0700, Frank Liu wrote:
>
> > Does that mean nginx will read and combine listen options from
> > all virtual hosts and use that to create listening socket?
>
> Yes.  You can configure something like this:
>
>    server {
>        listen 443 ssl;
>        ...
>    }
>
>    server {
>        listen 443;
>        ...
>    }
>
> and both servers will use SSL.  Moreover, currently you can do
> something like this:
>
>    server {
>        listen 443 ssl;
>        ...
>    }
>
>    server {
>        listen 443 http2;
>        ...
>    }
>
> and both servers will use SSL and HTTP/2.  (The latter is actually
> very confusing, and likely will result in warnings / errors during
> configuration parsing in future versions.)
>
> --
> Maxim Dounin
> http://mdounin.ru/
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply via email to