Hi there,
we configured NGINX 1.2.1 on debian 7.1u1 with 5 virtual host, set up a private certification authority, generated keys for all the the virt. host and configured the hosts similar to
server {
listen 443;
server_name server1.foo.baz.bar;
ssl on;
ssl_certificate /etc/nginx/ssl/server1.foo.baz.bar.pem;
ssl_certificate_key /etc/nginx/ssl/server1.foo.baz.bar.key;
ssl_protocols SSLv3 TLSv1 SSLv2;
ssl_ciphers ALL:!ADH:!EXPORT56:!kEDH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 5m;
...
}
However if we try to access server1 via curl -v -k https://server1.foo.baz.bar
we get a wrong server certificate:
Connected to server1.baz.bar(...) port 443 (#0)
* TLS 1.0 connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
* Server certificate: server2.baz.bar
* Server certificate: OUR CA
> GET / HTTP/1.1
> User-Agent: curl/7.30.0
> Host: server1.baz.bar
> Accept: */*
What is wrong in our config?
Thanks in advance
--ukr
we configured NGINX 1.2.1 on debian 7.1u1 with 5 virtual host, set up a private certification authority, generated keys for all the the virt. host and configured the hosts similar to
server {
listen 443;
server_name server1.foo.baz.bar;
ssl on;
ssl_certificate /etc/nginx/ssl/server1.foo.baz.bar.pem;
ssl_certificate_key /etc/nginx/ssl/server1.foo.baz.bar.key;
ssl_protocols SSLv3 TLSv1 SSLv2;
ssl_ciphers ALL:!ADH:!EXPORT56:!kEDH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 5m;
...
}
However if we try to access server1 via curl -v -k https://server1.foo.baz.bar
we get a wrong server certificate:
Connected to server1.baz.bar(...) port 443 (#0)
* TLS 1.0 connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
* Server certificate: server2.baz.bar
* Server certificate: OUR CA
> GET / HTTP/1.1
> User-Agent: curl/7.30.0
> Host: server1.baz.bar
> Accept: */*
What is wrong in our config?
Thanks in advance
--ukr