Forum: NGINX Merge HTTP & HTTPS Definition In The Same Section

Merge HTTP & HTTPS Definition In The Same Section
Posted by Yaoxing (Guest)
on 2010-02-03 08:22
(Received via mailing list) 
Hi all,
I'm wondering if it's possible to merge the HTTP and HTTPS definition
into one section.
The situation is like this, my server serves both HTTP and HTTPS, both
of them have the same redirecting rules. I don't want to define them in
2 places. I looked up the document and find that it is possible to bind
both HTTP & HTTPS ports in the same "server" section like this:
listen 80;
listen 443 default ssl;
but in this way how can I define stuff related to SSL? Such as
certifications etc.? I tried
if ($server_ports = 443) {
ssl on;
ssl_certificate /etc/ssl/abc.pem;
ssl_certificate_key /etc/ssl/abc.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
}
but i'm told that
"ssl" directive is not allowed here
Could anyone tell me how to do it?
Thanks for help.
--

Regards,
Yaoxing
Edit | Move | Delete topic | Reply with quote
Re: Merge HTTP & HTTPS Definition In The Same Section
Posted by Micha Glave (Guest)
on 2010-02-03 14:51
(Received via mailing list) 
Am 03.02.2010 um 08:21 schrieb Yaoxing:

> I'm wondering if it's possible to merge the HTTP and HTTPS definition
> into one section.
I would prefer a include file.
> ssl_certificate /etc/ssl/abc.pem;
> ssl_certificate_key /etc/ssl/abc.key;
> ssl_session_timeout 5m;
> ssl_protocols SSLv2 SSLv3 TLSv1;
> ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
> ssl_prefer_server_ciphers on;
> }
----
server.conf

server {
  listen 80;
  include server_def.conf;
}

server {
  listen 443;
  ssl on;
  ssl_certificate /etc/ssl/abc.pem;
  ssl_certificate_key /etc/ssl/abc.key;
  ...
  include server_def.conf;
}
----
server_def.conf

server_name   domain.com;
index      index.php;
...
----

This way I include nearly anything reusable. (eg. drupal-conf)

Micha
Edit | Delete | Reply with quote
Re: Merge HTTP & HTTPS Definition In The Same Section
Posted by Igor Sysoev (Guest)
on 2010-02-03 14:53
(Received via mailing list) 
On Wed, Feb 03, 2010 at 03:21:12PM +0800, Yaoxing wrote:

> certifications etc.? I tried
> "ssl" directive is not allowed here
> Could anyone tell me how to do it?

http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server


--
Igor Sysoev
http://sysoev.ru/en/
Edit | Delete | Reply with quote
Re: Merge HTTP & HTTPS Definition In The Same Section
Posted by Yaoxing (Guest)
on 2010-02-05 03:48
(Received via mailing list) 
Got your idea. Thanks to Micha and Igor.

Regards,
Yaoxing
Edit | Delete | Reply with quote
Enable email notification | Enable multi-page view
Please log in before posting. Registration is free and takes only a minute.
Existing account (Switch to SSL-encrypted connection)
NEW: Do you have a Google/GoogleMail or Yahoo account? No registration required!
Log in with Google account | Log in with Yahoo account
No account? Register here.
Powered by RForum and Captchator. Contact information - E-Mail: webmaster (at) ruby-forum (dot) com.