secret
Last active

Unable to get SNI Working with nginx v1.4.1

  • Download Gist
nginx.conf
Nginx
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
user www-data;
worker_processes 4;
pid /run/nginx.pid;
 
events {
worker_connections 768;
}
 
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
 
include /etc/nginx/mime.types;
default_type application/octet-stream;
 
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
 
gzip on;
gzip_disable "msie6";
 
include /etc/nginx/sites-enabled/*;
}
ssl.nginx.conf
1 2
ssl on;
ssl_ciphers AES256-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
vhost1.nginxconf
Nginx
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37
#
# HTTPS/SSL Server #########################################################
#
 
upstream foo {
server app-01.private.example.com:1000;
}
 
server {
listen 1.2.3.4:443 ssl;
server_name foo.com;
 
include conf.d/ssl.conf;
ssl_certificate /etc/nginx/certs/foo.com-combined.crt;
ssl_certificate_key /etc/nginx/certs/foo.com.key;
 
location / {
proxy_pass https://foo;
}
}
 
server {
listen 1.2.3.4:443 ssl;
server_name www.foo.com;
 
include conf.d/ssl.conf;
ssl_certificate /etc/nginx/certs/foo.com-combined.crt;
ssl_certificate_key /etc/nginx/certs/foo.com.key;
 
rewrite ^ $scheme://foo.com$request_uri? permanent;
}
 
server {
listen 1.2.3.4:80;
server_name foo.com www.foo.com;
rewrite ^ https://$server_name$request_uri? permanent;
}
vhost2.nginxconf
Nginx
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37
#
# HTTPS/SSL Server #########################################################
#
 
upstream bar {
server app-01.private.example.com:1001;
}
 
server {
listen 1.2.3.4:443 ssl;
server_name bar.com;
 
include conf.d/ssl.conf;
ssl_certificate /etc/nginx/certs/bar.com-combined.crt;
ssl_certificate_key /etc/nginx/certs/bar.com.key;
 
location / {
proxy_pass https://bar;
}
}
 
server {
listen 1.2.3.4:443 ssl;
server_name www.bar.com;
 
include conf.d/ssl.conf;
ssl_certificate /etc/nginx/certs/bar.com-combined.crt;
ssl_certificate_key /etc/nginx/certs/bar.com.key;
 
rewrite ^ $scheme://bar.com$request_uri? permanent;
}
 
server {
listen 1.2.3.4:80;
server_name bar.com www.bar.com;
rewrite ^ https://$server_name$request_uri? permanent;
}

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.