Answer the question
In order to leave comments, you need to log in
Connecting via IP and HTTPS, will there be any problems?
Please tell me I can't find any information.
I am now planning how everything will work and trying to understand fully with HTTPS and WSS.
The essence is that, on one domain weigh two ip. On each ip on the server.
From the user's side, everything is fine, he connects to any of them, checks the ssl certificate and everything is good.
But I need to connect these two servers to each other and also via a secure channel.
As a result, I have two questions.
1) Can I use a domain to connect to a specific ip that weighs on it (just stupidly choose one of the two)?
but after reading on the Internet, I realized that it is impossible to select a specific ip by domain. But maybe I misunderstood.
2) Against this background, another question arose. Will SSL work when connecting by ip?
That is, I have two servers on Node js, one knocks on the other by ip, will https work? just as I understand it, with https, we are verifying the domain with the data in ssl, which is issued to the domain, and we are knocking on ip at this moment. Logically, there should be a failure during the check, because here we have an ip, not a domain.
I just want to understand on the shore what to do with it. If possible, I would be grateful if you could explain in detail what and how, if so, how it works, if not why.
Thanks in advance.
Answer the question
In order to leave comments, you need to log in
You need a certificate for each domain. Or a wildcard certificate for all subdomains of your common domain. Taking a certificate for ip is very, very bad, since ip can change, there can be a bunch of ip on a domain, etc.
In fact, it is better to remove nodejs for nginx, which will manage certificates and redirect traffic to the necessary ip. Usually they make a separate server with a dedicated ip for this, all the certificates of your domains are brought to it, and then it transfers requests (proxies) already decrypted traffic to internal or external ip addresses, preferably internal ones. Many providers immediately offer such services, Amazon and other clouds such as selectel and mailru.,
1) in the hosts file, write the ip of your server and you will connect to the desired server via the domain.
2) if you have a certificate for ip, then everything will be fine, but if you follow the step from point 1, then you can connect by domain, not by ip
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question