hello,i am come from china. i use NGINX in a short period of time. i have some confuse about NGINX's ssl_* directive.
i have two vhost conf file, the above is my configuration:
a.conf:
server {
listen 443 ssl;
server_name a.example.com;
ssl_protocols TLSv1.2;
...
}
b.conf {
listen 443 ssl;
server_name b.example.com;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
...
}
my problem:
i test these two web site use curl tools, "a.example.com" is using TLSv1.2 protocol, this is ok, but when i testing "b.example.com" that only support TLS1.2 too, it seems like b.conf 's ssl_protocols directive is not effective, only a.conf's ssl_protools directive effective.
my question:
1.Dose ssl_protocols directive is only be parser once by NGINX? something like NGINX read config file, that find out a.conf's ssl_protocols directive and record it, the below ssl_protocol directive will be pass?
2.if question 1 is yes, how can i write difference ssl_* directive in multi vhost?
i have two vhost conf file, the above is my configuration:
a.conf:
server {
listen 443 ssl;
server_name a.example.com;
ssl_protocols TLSv1.2;
...
}
b.conf {
listen 443 ssl;
server_name b.example.com;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
...
}
my problem:
i test these two web site use curl tools, "a.example.com" is using TLSv1.2 protocol, this is ok, but when i testing "b.example.com" that only support TLS1.2 too, it seems like b.conf 's ssl_protocols directive is not effective, only a.conf's ssl_protools directive effective.
my question:
1.Dose ssl_protocols directive is only be parser once by NGINX? something like NGINX read config file, that find out a.conf's ssl_protocols directive and record it, the below ssl_protocol directive will be pass?
2.if question 1 is yes, how can i write difference ssl_* directive in multi vhost?