2 certs, 1 domain, 1 IP

is it possible with SNI and nginx to have both an ECDSA and RSA cert
serving 1 website on 1 IP ?

best practices ?

it works with postfix
i guess not in nginx
feature request ?

nginx: [emerg] “ssl_certificate” directive is duplicate in
/etc/nginx.conf:53
nginx: configuration file /etc/nginx.conf test failed

hi rob,

Rob Stradling wrote:

On 17/09/14 16:17, [email protected] wrote:

it works with postfix
i guess not in nginx
feature request ?

Hi. You could try this patch:

http://forum.nginx.org/read.php?29,243797,244306#msg-244306

many thanks
sorry but am i missing something ?
i cant find where to download the patch on the page either as attachment
or text ?

On 19/09/14 14:14, [email protected] wrote:

http://forum.nginx.org/read.php?29,243797,244306#msg-244306

many thanks
sorry but am i missing something ?
i cant find where to download the patch on the page either as attachment
or text ?

Hmmm, neither can I.

I just forwarded the original post to you.

It’s nearly a year old so it may well need tweaking to make it apply
cleanly to the latest Nginx code. I’m afraid I don’t know when I’m
going to find time to get it into a suitable state for the Nginx team to
be happy to properly review it and (hopefully) commit it. (So if
anybody else wants to take over, please be my guest).

I’ve already had one offer of help today. :slight_smile:

nginx: [emerg] “ssl_certificate” directive is duplicate in
/etc/nginx.conf:53
nginx: configuration file /etc/nginx.conf test failed

[email protected] wrote:

is it possible with SNI and nginx to have both an ECDSA and RSA cert
serving 1 website on 1 IP ?

best practices ?


Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online

On 17/09/14 16:17, [email protected] wrote:

it works with postfix
i guess not in nginx
feature request ?

Hi. You could try this patch:

http://forum.nginx.org/read.php?29,243797,244306#msg-244306

It’s nearly a year old so it may well need tweaking to make it apply
cleanly to the latest Nginx code. I’m afraid I don’t know when I’m
going to find time to get it into a suitable state for the Nginx team to
be happy to properly review it and (hopefully) commit it. (So if
anybody else wants to take over, please be my guest).

nginx: [emerg] “ssl_certificate” directive is duplicate in
/etc/nginx.conf:53
nginx: configuration file /etc/nginx.conf test failed

[email protected] wrote:

is it possible with SNI and nginx to have both an ECDSA and RSA cert
serving 1 website on 1 IP ?

best practices ?


Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online

On Friday 19 September 2014 15:20:02 Rob Stradling wrote:

http://forum.nginx.org/read.php?29,243797,244306#msg-244306

many thanks
sorry but am i missing something ?
i cant find where to download the patch on the page either as attachment
or text ?

Hmmm, neither can I.

I just forwarded the original post to you.

http://mailman.nginx.org/pipermail/nginx-devel/2013-October/004474.html

wbr, Valentin V. Bartenev