Weird SSL Issue

I use nginx to host multiple websites, and one of them has a valid SSL
certificate. I’ve noticed recently (from early November 2012 according
to
Google Webmaster Tools), that if I make an SSL connection to one of the
sites which does not have a valid SSL cert, I get the content of the
site
that does.

That is, is example.com has the SSL cert, and I host example2.com
without,
if I go to https://example2.com I will get the homepage for example.com.

This is despite the fact that the configuration file for
example2.comdoesn’t have anything concerning SSL in it (not even
listening on port
443), and the configuration file for example.com doesn’t have anything
concerning example2.com.

If configuration files are needed, I can provide them. However this was
definitely not an issue before November. I suspect it started happening
after I upgraded to the latest stable release of nginx.

Any help is appreciated.

On Thu, Jan 10, 2013 at 6:20 PM, Adrian H. [email protected]
wrote:

doesn’t have anything concerning SSL in it (not even listening on port 443),
and the configuration file for example.com doesn’t have anything concerning
example2.com.

Because there’s something listening on port 443. When there’s no
matching server_name but there’s something listening on that port,
that block will handle the request.

If you have dedicated ip for ssl host, set the ip. Otherwise, just
create a default fallback server block for ssl and handle redirect
from there.

Ok, so how do I prevent that? I only want the content of example.com to
be
sent when example.com is given as the host in the HTTP request. Can you
give examples?

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs