Merge HTTP & HTTPS Definition In The Same Section

Hi all,
I’m wondering if it’s possible to merge the HTTP and HTTPS definition
into one section.
The situation is like this, my server serves both HTTP and HTTPS, both
of them have the same redirecting rules. I don’t want to define them in
2 places. I looked up the document and find that it is possible to bind
both HTTP & HTTPS ports in the same “server” section like this:
listen 80;
listen 443 default ssl;
but in this way how can I define stuff related to SSL? Such as
certifications etc.? I tried
if ($server_ports = 443) {
ssl on;
ssl_certificate /etc/ssl/abc.pem;
ssl_certificate_key /etc/ssl/abc.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
}
but i’m told that
“ssl” directive is not allowed here
Could anyone tell me how to do it?
Thanks for help.

Regards,
Yaoxing

Am 03.02.2010 um 08:21 schrieb Yaoxing:

I’m wondering if it’s possible to merge the HTTP and HTTPS definition
into one section.
I would prefer a include file.
ssl_certificate /etc/ssl/abc.pem;
ssl_certificate_key /etc/ssl/abc.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
}


server.conf

server {
listen 80;
include server_def.conf;
}

server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/abc.pem;
ssl_certificate_key /etc/ssl/abc.key;

include server_def.conf;
}

server_def.conf

server_name domain.com;
index index.php;

This way I include nearly anything reusable. (eg. drupal-conf)

Micha

On Wed, Feb 03, 2010 at 03:21:12PM +0800, Yaoxing wrote:

certifications etc.? I tried
“ssl” directive is not allowed here
Could anyone tell me how to do it?

http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server


Igor S.
http://sysoev.ru/en/

Got your idea. Thanks to Micha and Igor.

Regards,
Yaoxing

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs