Using variables in certificate path names

Hello!

Is it possible and correct something like:

server {
listen 1.1.1.1:443 ssl;

server_name     sitename.de sitename.fr  sitename.nl;

root /var/www/vhosts/Live/public_html;

ssl_certificate /etc/ssl/web/$host.pem;
ssl_certificate_key /etc/ssl/web/$host.key;


#commont part for all sites

}

On Tuesday 15 December 2015 09:44:45 Aleksey Portnov wrote:

ssl_certificate /etc/ssl/web/$host.pem;
ssl_certificate_key /etc/ssl/web/$host.key;


#commont part for all sites

}

Currently it’s not possible. Certificates and keys
are loaded while reading configuration.

wbr, Valentin V. Bartenev

On 12/15/15 12:53 PM, Valentin V. Bartenev wrote:

are loaded while reading configuration.

… and we are working on a similar feature.


Maxim K.

Am 15-12-2015 11:01, schrieb Maxim K.:

root /var/www/vhosts/Live/public_html;

ssl_certificate /etc/ssl/web/$host.pem;
ssl_certificate_key /etc/ssl/web/$host.key;

[snipp]

Currently it’s not possible. Certificates and keys
are loaded while reading configuration.

… and we are working on a similar feature.

Due to the fact that I’m not sure if it’s possible I ask :wink:

Is it possible to load the certificates from $ENV{‘CERT_PATH’}?

Sorry if I missed it in the doc.

BR aleks

Generating a separate server block for every certificate is the
solution.
Since you are probably not managing the configuration by hand at this
scale, use your favourite configuration management tool with a
well-cooked
template to generate nginx’ configuration.

B. R.

On Tue, Dec 15, 2015 at 01:01:15PM +0300, Maxim K. wrote:

root /var/www/vhosts/Live/public_html;
Currently it’s not possible. Certificates and keys
are loaded while reading configuration.

… and we are working on a similar feature.

I have similar problem.
There is:
server {
listen 1.1.1.1
listen 1.1.1.1:443
server_name _ ;

}

and many locations there. Number of different hostnames might be
thousands.
Some of them, (hundreds) might have certificates. How to serve them with
nginx.
Generate separate server block {} for every certificate is not a
solution.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs