Nginx is Even Better Than I Thought

Wed 09 September 2009 · misc · Tags:

So for quite a few months I was pretty sure having HTTPS on multiple domains with the same IP was a no-go on nginx. I was wrong.

If you have a OpenSSL version >= 0.9.8f with SNI support compiled in and a half-way recent nginx version you are good to go. Just set up as many virtual domains as needed.

Quick example from memory (I'm quite positive it is correct though):

server {
  server_name somedomain.example.com;
  listen 443;

  keepalive_timeout 70;
  ssl on;
  ssl_protocols SSLv3;
  ssl_certificate /some/file.pem;
  ssl_certificate_key /some/file.key;
}
server {
  server_name someotherdomain.example.com;
  listen 443;

  keepalive_timeout 70;
  ssl on;
  ssl_protocols SSLv3;
  ssl_certificate /some/other/file.pem;
  ssl_certificate_key /some/other/file.key;
}
server {
  server_name evenotherdomain.example.com;
}

Keep in mind though, that enabling SSL in any way leads to a kind of catch-all situation. Meaning if you access https://evenotherdomain.exmaple.com you will most likely end up on one of your SSL-enabled domains (domedomain.example.com or someotherdomain.example.com).

Here is what I did to prevent that:

server {
  listen 443;
  server_name evenotherdomain.example.com;
  rewrite ^(.*) http://example.com$1 permanent;
}

Want to talk about it?

Photo of Christian Kaula

I make stuff simple.
Code, interfaces, things.
You can hire me.

Christian Kaula · Thieraufstrasse 2 · 95028 Hof · Germany
Twitter · Xing · GitHub · BitBucket · Django People · Djangogigs
· Mobile +49 179 9709833
http://christiankaula.com

Archive

  1. RESTful Web Applications: Code Less, Do More

    code · Tags:

  2. How to Handle Database Views in Django/South

    code · Tags:

  3. Entrepreneurship Summit 2011 Thoughts

    misc · Tags:

  4. Improving Copy: EntryDNS

    misc · Tags:

  5. How to Come Up With a Good Product Idea (As a Coder)

    misc · Tags:

  6. Siri is from the Future

    interfaces · Tags:

  7. How to Make a Better Analog Watch

    interfaces · Tags:

  8. Where to Not Put Django Templates

    code · Tags:

  9. Camila-overload.de

    projects · Tags:

  10. Studi-tools.de

    projects · Tags:

  11. On CSS Structure

    code · Tags:

  12. My Take on Indention

    code · Tags:

  13. Why Web Development is Done in PHP or Java

    misc · Tags:

  14. Yay for Lanyon

    misc · Tags:

  15. Why My Mac Made My Sansa Clip+ Hang

    misc · Tags:

  16. Python: Decorate a Method That Gets Passed the Class Instance

    code · Tags:

  17. Django Template Tag to Shorten URLs Like Google

    code · Tags:

  18. Studi-tools.de is Online

    projects · Tags:

  19. Nice to Know About Virtualenvwrapper

    tools · Tags:

  20. Having been at Tschitschereengreen

    misc · Tags:

  21. A Howto on Django Syndication

    code · Tags:

  22. The Difference Between Work and Play

    tools · Tags:

  23. Nginx is Even Better Than I Thought

    misc · Tags:

  24. Clear Up Gelato CMS' Gibberish

    code · Tags:

  25. Don't Listen to the Idiot

    misc · Tags:

  26. Snow Leopards' Bad Sides

    misc · Tags:

  27. Make Django Send Mails to Admins Only

    code · Tags:

  28. How to Fix Portage

    code · Tags:

  29. Archive Twitter Stuff With Python

    code · Tags:

  30. Wee Free Icons

    tools · Tags:

  31. The Problem With Django, Nginx and FCGI

    misc · Tags:

  32. New Design

    misc · Tags:

  33. Pink Ponies for Everybody!

    misc · Tags:

  34. Whoosh Makes the Haystack

    tools · Tags:

  35. Selenium is Pretty Neat

    tools · Tags:

  36. OpenID for Free

    tools · Tags:

  37. Multi-Object-Edit With Django FormSets

    code · Tags:

  38. CSS is the New C - Sass is the Future

    tools · Tags:

  39. Where Asimov was Right

    misc · Tags:

  40. The Webdesigners Arch Fiend: IE6

    misc · Tags:

  41. Die Cache, Die

    code · Tags:

  42. What if Twitter Stopped to be Tomorrow?

    misc · Tags:

  43. Django Performance Tuning - Speed Up!

    code · Tags:

  44. Django Members That are in Fact Raw SQL

    code · Tags:

  45. What to Do if You Have to 'Make All Strings Editable'

    code · Tags:

  46. Twitter is Even Worse Than I Thought

    misc · Tags:

  47. A Little Birdy Told Me…

    misc · Tags:

  48. With Django Debug Toolbar You Can Debug Django… Duh

    tools · Tags:

  49. Lackeying Some Trading Card Fun?

    tools · Tags:

  50. By the Power of CSS… I Revisit You

    code · Tags:

  51. Jabberbot is Coming

    projects · Tags:

  52. MacS are Like Tools

    misc · Tags:

  53. Jabber With Me Over XMPP

    projects · Tags:

  54. By the Power of CSS…

    code · Tags:

  55. Why I Barely Ever Read Comments

    misc · Tags:

  56. Internet Explorer 6 on Mac - Actually Easier Than IE on Windows

    misc · Tags:

  57. Bash and the Secret of the Lost Folders

    misc · Tags:

  58. MAME on Mac - Already Like the Sound

    misc · Tags:

  59. Python - Strings Very Much Attached

    code · Tags:

  60. Fun With Forms in Django

    code · Tags:

  61. Subversion: Ignore More

    code · Tags:

  62. It's Time for Python Dateutils

    tools · Tags:

  63. That is Why Developers Aren't Called Testers

    misc · Tags:

  64. Now With Legacy Tag-URLs

    misc · Tags:

  65. Html Validator - Valid HTML - Profit

    tools · Tags:

  66. More Fun With Tracebacks

    tools · Tags:

  67. jQuery That Python

    misc · Tags:

  68. Django Can be Too Convenient

    code · Tags:

  69. Long Live the South

    code · Tags:

  70. Get Windows for Free (For Internet Explorer Testing on Mac)

    misc · Tags:

  71. Viva! Vista! Worms Armageddon!

    misc · Tags:

  72. Fun With Python Stracktraces

    tools · Tags:

  73. So Sweet the Crons - Sweetcron

    tools · Tags:

  74. News From the South

    code · Tags:

  75. VoodooPad - Its a Wiki on Your Desktop

    tools · Tags:

  76. Heeyoo, SEO

    misc · Tags:

  77. Take a Note on the Side With Sidenote

    tools · Tags:

  78. Piwik Even Sounds Cooler Than Google Analytics

    tools · Tags:

  79. Pixen, Pixel… Editor

    tools · Tags:

  80. Long Hard Road Out of Hell

    misc · Tags:

  81. Suspicious SuspiciousOperation Exceptions

    code · Tags:

  82. Apple Mail AKA Hides-Best-Things

    misc · Tags:

  83. Don't Bring Me Down…

    misc · Tags:

  84. Me and the Boys

    misc · Tags:

  85. I Have a Dream

    misc · Tags:

  86. Compress This Mess

    tools · Tags:

  87. Ack, Knowledged

    tools · Tags:

  88. Plug in TextMate

    tools · Tags:

  89. Put Into Grand Perspective

    tools · Tags:

  90. Code-A-Robot

    misc · Tags:

  91. Sub Fine Mecum Nemo Non Consentiet

    misc · Tags:

  92. DNS - the DNA of the Web

    misc · Tags:

  93. Open a Can of Worms

    misc · Tags:

  94. You Don't Print the Web Do You?

    misc · Tags:

  95. Postgres on Mac Revisted

    misc · Tags:

  96. What the Heck is a KeePass?

    tools · Tags:

  97. Saving and Its Massive Effects

    misc · Tags:

  98. I'm Too Cheap for .Mac

    tools · Tags:

  99. You Can Even Calibrate Batteries These Days

    misc · Tags:

  100. Don't Mind Me - Just Passing Through

    misc · Tags:

  101. Virtual Python Revisited

    misc · Tags:

  102. Going South

    code · Tags:

  103. These Windows Aren't Clear at All

    misc · Tags:

  104. Database Switcheroo

    code · Tags:

  105. Django? Isn't That Something Like Rails?

    misc · Tags:

  106. Magical Ponies

    misc · Tags:

  107. Yay for Automatic Deployment

    misc · Tags:

  108. A Quick Comparison of JavaScript Frameworks

    misc · Tags:

  109. Apples and Pears

    misc · Tags:

  110. What I Forgot to Mention…

    misc · Tags:

  111. Good Friends

    misc · Tags:

  112. Me vs Virtualenv

    misc · Tags:

  113. Where to Buy Apples Cheap

    misc · Tags:

  114. First Post!

    misc · Tags:

  115. MacGre

    misc · Tags: