Make Nginx fail when SSL certificate not present, instead of hopping to only available certificate
Posted
by
Oli
on Server Fault
See other posts from Server Fault
or by Oli
Published on 2013-11-12T17:12:08Z
Indexed on
2013/11/13
3:57 UTC
Read the original article
Hit count: 502
I've got a bunch of websites on a server, all hosted through nginx. One site has a certificate, the others do not. Here's an example of two sites, using (fairly accurate) representations of real configuration:
server {
listen 80;
server_name ssl.example.com;
return 301 https://ssl.example.com$request_uri;
}
server {
listen 443 ssl;
server_name ssl.example.com;
}
server {
listen 80;
server_name nossl.example.com;
}
SSL works on ssl.example.com
great. If I visit http://nossl.example.com
, that works great, but if I try to visit https://nossl.example.com
(note the SSL), I get ugly warnings about the certificate being for ssl.example.com
.
By the sounds of it, because ssl.example.com
is the only site listening on port 443, all requests are being sent to it, regardless of domain name.
Is there anything I can do to make sure a Nginx server directive only responds to domains it's responsible for?
© Server Fault or respective owner