0

I want nginx to serve as a ssl proxy but for host: "ssl.example.com"

at the same time I want nginx to serve "nginx is ok" website for host: "ssl-check.example.com" (this is just example, please don't suggest any monitoring tools here)

for other hosts pointing to my IP I want to serve 404 or whatever.
- I don't care for certificate mismatch - so SNI is not what I want here.
- I don't want to use described as pitfall solution and use something like

if ($host != $server_name) {
root /var/www/errors/404

All these on single IP.

I have working ssl

server {

with server_name ssl.example.com - working as I want.

another ssl

server {

with server_name ssl_check.example.com - showing "nginx is ok"

and last server (also ssl) without server_name (or with "_" as name) which is supposed to serve 404 but it doesn't work...

SOLVED
My config using the solution looks now (and works) like:

  1. server with "listen 443 ssl;" serving proxy
  2. server with "listen 443 ssl;" serving "nginx is ok"
  3. server with "listen 443 ssl default_server;" and with "location / return 404"

If this config can be in any way dangerous - don't hesitate to put me to shame. Thans

Arek B.
  • 317
  • 1
  • 3
  • 12
  • Ok sorry about the answer, is the last server {} config block just http? – Danie Feb 27 '13 at 13:29
  • nope - last server is also ssl, http on this IP is served by varnish and it works on completely different host http header – Arek B. Feb 27 '13 at 13:56
  • I don't know... maybe in my case I should just make one ssl vhost and inside "server" just use "if + rewrite" in some way... I have never said that what I want to achieve is possible, I just ask you, thanks for help – Arek B. Feb 27 '13 at 14:04

1 Answers1

1

You specify the default virtual host using the default_server option to the listen directive. If you don't set this nginx will choose the first server block with a matching listen directive.

server {
    listen 443 ssl default_server;
    root /var/www/errors/404;
}
mgorven
  • 30,615
  • 7
  • 79
  • 122