How to make nginx work over IPv6 with multiple domains?

A

appplemac2012-06-13 01:09:02

Nginx

appplemac, 2012-06-13 01:09:02

Good day.
I decided to make access to a couple of my domains via IPv6 . To do this, in nginx 0.7.67, built with IPv6 support, running on Debian , I added the following lines, as advised here , and now my config looks like this:

<pre><code class="bash">server {

  listen 	        80 default;
  listen		[::]:80 default ipv6only=on;
  server_name 	a****y.ch;

  access_log 	/var/log/nginx/a****y.ch.access.log;

  location / {
    add_header Strict-Transport-Security max-age=31556926;
    rewrite     ^/(.*) https://a****y.ch/$1;
  }
}

server {

  listen 		443 default;
  listen		[::]:443 default ipv6only=on;
  server_name 	a****y.ch;
  ssl 		on;
  ssl_certificate 	/var/www/ssl.crt;
  ssl_certificate_key	/var/www/ssl.key;

  access_log /var/log/nginx/a****y.ch.https.access.log;
  
  location / {
    root 		/var/www/a****y.ch;
    index 		index.html;
  }
}

server {

  listen 		80;
  listen		[::]:80;
  server_name         ad.a****y.ch;

    access_log      	/var/log/nginx/ad.a****y.ch.https.access.log;

    location / {                
    add_header Strict-Transport-Security max-age=31556926;
    rewrite ^/(.*) https://ad.a****y.ch/$1;
  }
}

server {

  listen   		443;
  listen		[::]:443;
  server_name  	ad.a****y.ch;
  ssl			on;
  ssl_certificate	/var/www/ssl.crt;
  ssl_certificate_key	/var/www/ssl.key;
  

  access_log  /var/log/nginx/ad.a****y.ch.https.access.log;
  
  location / {
    root 		/var/www/ad.a****y.ch;
    index 		index.html;
  }

  location /download {
    alias 		/var/www/ad.a****y.ch;
    add_header 	Content-Disposition &quot;attachment&quot;;
  }
}

a****y.ch and ad.a****y.ch resolve to the same IPv4 and IPv6 addresses.

With this configuration, only a ****y.ch over http is given over IPv6, that is, neither a ****y.ch over https, nor ad.a ****y.ch in both variations over IPv6 are available .

Please tell me what am I doing wrong.
Thanks in advance for your replies.

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

K

KawaiDesu, 2012-06-13
@KawaiDesu

SSL enabled on https hosts?

ssl                                 on;
ssl_certificate                     /path/to/ssl.pem;
ssl_certificate_key                 /path/to/ssl.key;
ssl_protocols                       SSLv3 TLSv1; 
                                    #TLSv1 уязвим! Но версии выше поддерживаются клиентами слабо.

In general, would you post the real config, wiping out, for example, domains and paths.

S

sn00p, 2012-06-13
@sn00p

What operating system? If Linux, then you
listen [::]:80;
can remove it enough listen 80;, by default ipv6 socket accepts ipv4 traffic.
Yes, post the entire config.

R

rPman, 2012-06-13
@rPman

and what do you resolve on bin.mysite.com?

K

KawaiDesu, 2012-06-13
@KawaiDesu

First, you forgot to remove the paths from the config :) so the domain is known.

host ad.a****y.ch

tells me that the domain was not found, check the DNS with the registrar.
Try to redirect from http to https hosts via

return        301 https://a****y.ch$request_uri;

Direct access to https does not work at all? Or does it give any errors?