SSL port other than 443

aris · August 30, 2012, 1:51pm

Hi,

I have 2 server sections in my config. One runs on port 80 and SSL on
443.
The other on port 83 and its SSL on 444:
listen 83 default ;
## SSL directives might go here
listen 444 ssl;
Once I restart nginx and run netstat -a I see port 443 being used but
not
port 444. What might be the issue?

Regards,
Yash

Posted at Nginx Forum:

yashgt · August 30, 2012, 3:05pm

Hi,

On 2012/08/30, at 20:50, “yashgt” [email protected] wrote:

I have 2 server sections in my config. One runs on port 80 and SSL on 443.
The other on port 83 and its SSL on 444:
listen 83 default ;
## SSL directives might go here
listen 444 ssl;
Once I restart nginx and run netstat -a I see port 443 being used but not
port 444. What might be the issue?

Are you trying to use the same IP address for both server sections?

Regards,

–
Javi Lavandeira

Twitter: @javilm
Blog: lavandeira.net – Blog

yashgt · August 30, 2012, 3:08pm

Yes. Same IP address. With no SSL, this works fine . I can access one
app as
http://myserver/ and the other as http://myserver:83/.

Posted at Nginx Forum:

yashgt · August 30, 2012, 3:25pm

On Aug 30, 2012, at 15:50 , yashgt wrote:

Hi,

I have 2 server sections in my config. One runs on port 80 and SSL on 443.
The other on port 83 and its SSL on 444:
listen 83 default ;
## SSL directives might go here
listen 444 ssl;
Once I restart nginx and run netstat -a I see port 443 being used but not
port 444. What might be the issue?

What does “nginx -t” show ?

–
Igor S.

yashgt · August 30, 2012, 3:14pm

Hi,

On 2012/08/30, at 22:07, “yashgt” [email protected] wrote:

Yes. Same IP address. With no SSL, this works fine . I can access one app as
http://myserver/ and the other as http://myserver:83/.

When working with SSL you need to use a different IP address for each
SSL host.

Regards,

yashgt · August 30, 2012, 3:27pm

root@v-enterprise15:/usr/local/pnp4nagios# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Posted at Nginx Forum:

yashgt · August 30, 2012, 3:54pm

Here is my nginx detail:

nginx -V

nginx: nginx version: nginx/1.0.5
nginx: TLS SNI support enabled
nginx: configure arguments: --prefix=/etc/nginx
–conf-path=/etc/nginx/nginx.conf
–error-log-path=/var/log/nginx/error.log
–http-client-body-temp-path=/var/lib/nginx/body
–http-fastcgi-temp-path=/var/lib/nginx/fastcgi
–http-log-path=/var/log/nginx/access.log
–http-proxy-temp-path=/var/lib/nginx/proxy
–http-scgi-temp-path=/var/lib/nginx/scgi
–http-uwsgi-temp-path=/var/lib/nginx/uwsgi
–lock-path=/var/lock/nginx.lock
–pid-path=/var/run/nginx.pid --with-debug --with-http_addition_module
–with-http_dav_module --with-http_geoip_module
–with-http_gzip_static_module --with-http_image_filter_module
–with-http_realip_module --with-http_stub_status_module
–with-http_ssl_module --with-http_sub_module --with-http_xslt_module
–with-ipv6 --with-sha1=/usr/include/openssl
–with-md5=/usr/include/openssl
–with-mail --with-mail_ssl_module
–add-module=/build/buildd/nginx-1.0.5/debian/modules/nginx-echo
–add-module=/build/buildd/nginx-1.0.5/debian/modules/nginx-upstream-fair

This doc says that it should be possible to share the same IP address. I
use
latest browsers. I intend to have multiple server sections in the
config,
each for a different app. I am using a self-signed certificate. Anything
special needs to be done to the cert?

Posted at Nginx Forum:

yashgt · August 30, 2012, 3:25pm

On Aug 30, 2012, at 17:13 , Javi Lavandeira wrote:

Hi,

On 2012/08/30, at 22:07, “yashgt” [email protected] wrote:

Yes. Same IP address. With no SSL, this works fine . I can access one app as
http://myserver/ and the other as http://myserver:83/.

When working with SSL you need to use a different IP address for each SSL host.

If server ports are different, you can use one IP address.

–
Igor S.

yashgt · August 30, 2012, 3:55pm

Here is the doc:
http://nginx.org/en/docs/http/configuring_https_servers.html#sni

Posted at Nginx Forum:

yashgt · October 20, 2012, 9:30am

I am having the same issue.
Here is the server block of my nginx.conf -
#########
server{
listen 8090 ssl;
server_name foo.bar.com;

            ssl_certificate conf.d/ssl/foo.bar.com.crt;
            ssl_certificate_key conf.d/ssl/foo.bar.com.key;

            keepalive_timeout 60;

            location  / {
                    proxy_pass https://127.0.0.1:8010;

                    ### force timeouts if one of backend is died ##
                    proxy_next_upstream error timeout invalid_header

http_500 http_502 http_503;

                    ### Set headers ####
                    proxy_set_header Host $host;
                    proxy_set_header X-Real-IP $remote_addr;
                    proxy_set_header X-Forwarded-For

$proxy_add_x_forwarded_for;

                    ### Most PHP, Python, Rails, Java App can use

this
header ###
proxy_set_header X-Forwarded-Proto https;

                    ### By default we don't want to redirect it ####
                    proxy_redirect     off;

            }
            location ~ /\.ht {
                    deny  all;
            }
    }

#########
As you can see I am using other port than 443. How do I make it work?

Posted at Nginx Forum:

yashgt · October 21, 2012, 4:29am

On Sat, Oct 20, 2012 at 2:30 PM, hussain [email protected] wrote:

#########
As you can see I am using other port than 443. How do I make it work?

You forgot to mention what the problem you’re having. I’m guessing
your backend server isn’t using ssl but you configured it as https
(proxy_pass https://). Try using http:// instead.