SSL port other than 443

Hi,

I have 2 server sections in my config. One runs on port 80 and SSL on
443.
The other on port 83 and its SSL on 444:
listen 83 default ;
## SSL directives might go here
listen 444 ssl;
Once I restart nginx and run netstat -a I see port 443 being used but
not
port 444. What might be the issue?

Regards,
Yash

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,230326,230326#msg-230326

Hi,

On 2012/08/30, at 20:50, “yashgt” [email protected] wrote:

I have 2 server sections in my config. One runs on port 80 and SSL on 443.
The other on port 83 and its SSL on 444:
listen 83 default ;
## SSL directives might go here
listen 444 ssl;
Once I restart nginx and run netstat -a I see port 443 being used but not
port 444. What might be the issue?

Are you trying to use the same IP address for both server sections?

Regards,


Javi Lavandeira

Twitter: @javilm
Blog: http://www.lavandeira.net/blog

Yes. Same IP address. With no SSL, this works fine . I can access one
app as
http://myserver/ and the other as http://myserver:83/.

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,230326,230329#msg-230329

On Aug 30, 2012, at 15:50 , yashgt wrote:

Hi,

I have 2 server sections in my config. One runs on port 80 and SSL on 443.
The other on port 83 and its SSL on 444:
listen 83 default ;
## SSL directives might go here
listen 444 ssl;
Once I restart nginx and run netstat -a I see port 443 being used but not
port 444. What might be the issue?

What does “nginx -t” show ?


Igor S.

Hi,

On 2012/08/30, at 22:07, “yashgt” [email protected] wrote:

Yes. Same IP address. With no SSL, this works fine . I can access one app as
http://myserver/ and the other as http://myserver:83/.

When working with SSL you need to use a different IP address for each
SSL host.

Regards,

[email protected]:/usr/local/pnp4nagios# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,230326,230333#msg-230333

Here is my nginx detail:

nginx -V

nginx: nginx version: nginx/1.0.5
nginx: TLS SNI support enabled
nginx: configure arguments: --prefix=/etc/nginx
–conf-path=/etc/nginx/nginx.conf
–error-log-path=/var/log/nginx/error.log
–http-client-body-temp-path=/var/lib/nginx/body
–http-fastcgi-temp-path=/var/lib/nginx/fastcgi
–http-log-path=/var/log/nginx/access.log
–http-proxy-temp-path=/var/lib/nginx/proxy
–http-scgi-temp-path=/var/lib/nginx/scgi
–http-uwsgi-temp-path=/var/lib/nginx/uwsgi
–lock-path=/var/lock/nginx.lock
–pid-path=/var/run/nginx.pid --with-debug --with-http_addition_module
–with-http_dav_module --with-http_geoip_module
–with-http_gzip_static_module --with-http_image_filter_module
–with-http_realip_module --with-http_stub_status_module
–with-http_ssl_module --with-http_sub_module --with-http_xslt_module
–with-ipv6 --with-sha1=/usr/include/openssl
–with-md5=/usr/include/openssl
–with-mail --with-mail_ssl_module
–add-module=/build/buildd/nginx-1.0.5/debian/modules/nginx-echo
–add-module=/build/buildd/nginx-1.0.5/debian/modules/nginx-upstream-fair

This doc says that it should be possible to share the same IP address. I
use
latest browsers. I intend to have multiple server sections in the
config,
each for a different app. I am using a self-signed certificate. Anything
special needs to be done to the cert?

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,230326,230335#msg-230335

On Aug 30, 2012, at 17:13 , Javi Lavandeira wrote:

Hi,

On 2012/08/30, at 22:07, “yashgt” [email protected] wrote:

Yes. Same IP address. With no SSL, this works fine . I can access one app as
http://myserver/ and the other as http://myserver:83/.

When working with SSL you need to use a different IP address for each SSL host.

If server ports are different, you can use one IP address.


Igor S.

Here is the doc:
http://nginx.org/en/docs/http/configuring_https_servers.html#sni

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,230326,230336#msg-230336

I am having the same issue.
Here is the server block of my nginx.conf -
#########
server{
listen 8090 ssl;
server_name foo.bar.com;

            ssl_certificate conf.d/ssl/foo.bar.com.crt;
            ssl_certificate_key conf.d/ssl/foo.bar.com.key;

            keepalive_timeout 60;

            location  / {
                    proxy_pass https://127.0.0.1:8010;

                    ### force timeouts if one of backend is died ##
                    proxy_next_upstream error timeout invalid_header

http_500 http_502 http_503;

                    ### Set headers ####
                    proxy_set_header Host $host;
                    proxy_set_header X-Real-IP $remote_addr;
                    proxy_set_header X-Forwarded-For

$proxy_add_x_forwarded_for;

                    ### Most PHP, Python, Rails, Java App can use 

this
header ###
proxy_set_header X-Forwarded-Proto https;

                    ### By default we don't want to redirect it ####
                    proxy_redirect     off;

            }
            location ~ /\.ht {
                    deny  all;
            }
    }

#########
As you can see I am using other port than 443. How do I make it work?

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,230326,232049#msg-232049

On Sat, Oct 20, 2012 at 2:30 PM, hussain [email protected] wrote:

#########
As you can see I am using other port than 443. How do I make it work?

You forgot to mention what the problem you’re having. I’m guessing
your backend server isn’t using ssl but you configured it as https
(proxy_pass https://). Try using http:// instead.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs