0

I have configured my nginx virtual server as follows:

server {
    listen 443 ssl;

    server_name #server_name_value;
    ssl on;
    ssl_certificate /etc/nginx/ssl/nginx.crt;
    ssl_certificate_key /etc/nginx/ssl/private/nginx.key;

    location / {
            proxy_set_header X-Forwarded-Host $host;
            proxy_set_header X-Forwarded-Server $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://127.0.0.1:9001/;
    }        
}

now for this server i have nginx.crt file, but there is another server with another configuration file for which I have another certificate.
Now i created the csr using openssl on my machine, and then verified it using tinyca2. Then I use the certificate by specifying the path.
Now there is another, certificate i created on the same machine, and have put both those certs in the same dir, but specified the cert to be used for a particular server.
So my question is, when I access the above server, it shows the add exception, but when i view the certificate, it doesnt use the one specified, but the other certificate I created after I created the certificate I am using above.

So is it that I can have only one certificate in the ssl dir of nginx, or is there something that i have overlooked while reading nginx docs.Because I really dont know whats happening here.

Improve this question
2
  • did you restart nginx after changing the configuration?
    – Gerald Schneider
    Commented Jan 9, 2017 at 13:34
  • You may want to test the configuration using nginx -T to ensure that nginx is reading the configuration files you expect it to be reading.
    – Richard Smith
    Commented Jan 9, 2017 at 14:00

1 Answer 1

Reset to default
0

Does the server_name #server_name_value match the certificate CN in subject? If it doesn't SNI fails to match it.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .