D
D
Delari2019-08-15 12:17:31
Nginx
Delari, 2019-08-15 12:17:31

Enable cloudflare on multiple subdomains when using VPS with nginx?

There is a VPS machine with configured nginx'om on which 10 sites are running
structure
tester.example.com
api-one.tester.example.com
api-two.tester.example.com
api-3.tester.example.com
api-4. tester.example.com
api-5.tester.example.com
api-6.tester.example.com the
central site is running on a separate hosting
in nginx I set the tester.example.com site to default to use ssl from the cloudflare service

server {
        listen 80 default_server;
        listen [::]:80 default_server;

        server_name tester.example.com www.tester.example.com;
        return 302 https://$server_name$request_uri;
}


server {

    # SSL configuration

      listen 443 ssl http2 default_server;
      listen [::]:443 ssl http2 default_server;
      ssl        on;
      ssl_certificate         /etc/ssl/certs/cert.pem;
      ssl_certificate_key     /etc/ssl/private/private.pem;
      ssl_client_certificate /etc/ssl/certs/cloudflare.crt;
      ssl_verify_client on;

      server_name tester.example.com www.tester.example.com;

      root /var/server/site/;
      index index.html index.htm index.nginx-debian.html;


      location / {
           # try_files $uri $uri/ =404;
            proxy_pass         http://localhost:8880;
            proxy_http_version 1.1;
            proxy_set_header   Upgrade $http_upgrade;
            proxy_set_header   Connection keep-alive;
            proxy_set_header   Host $host;
            proxy_cache_bypass $http_upgrade;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header   X-Forwarded-Proto $scheme;
       }
}

without https - opening via the usual ip:Port passes all services,
how can I make the config api-one.tester.example.com, etc. that they too opened through ssl?
tried to change the port in the subdomain config (8443 which supports cloudflare), but does not give the desired result
.....
      listen 8443 ssl http2;
      listen [::]:8443 ssl http2;
      ssl        on;
      .....

Answer the question

In order to leave comments, you need to log in

1 answer(s)
A
Andrey Gavrilov, 2019-08-15
@thexaver

Make a server for api-one.tester.example.com and cloudflare will issue the certificate itself

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question