Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
3
3
3epo2021-10-12 14:14:09
Nginx
3epo, 2021-10-12 14:14:09

How to set up SSL certificates on nginx on the same host?

Hello! I have a question about setting up nginx to set up different SSL certificates on the same host.
One SSL certificate for the main domain - example.com
Second wildcard certificate for subdomains - sub.example.com
Here are the nginxa settings:
1. These are the settings for the main domain example.com

server {
    listen 127.0.0.1:8443 ssl http2;

    server_name example.com www.example.com;
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/nginx/snippets/ssl-params.conf;

    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        proxy_pass http://127.0.0.1:1024;

    }

    location ~ /.well-known {
        allow all;
    }

    client_max_body_size 1m;


}


2. And these are the nginx settings for the sub.example.com subdomain:
server {
    listen 8443 ssl;
    server_name sub.example.com www.sub.example.com;
    ssl_certificate /etc/letsencrypt/live/sub.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/sub.example.com/privkey.pem; # managed by Certbot
    location / {
            root /var/www/goaccess;
            index  index.html;
            auth_basic "Restricted Area";
            auth_basic_user_file  htpasswd;

}
}


At the same time, when I go to sub.example.com, I get an error that the certificate is fake and does not match the address that I type in the browser. And the certificate of the main domain is shown. If I set a wildcard certificate in the main domain settings, then the subdomain opens (but for some reason the main site opens, but maybe I'll figure it out myself), but the main example.com domain opens with an error that the certificate is not suitable.
If anyone can help, please explain what is wrong. And what else can be added to the configuration files for the operation of two sites.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
S
SagePtr, 2021-10-12
@3epo

Because you are listening on one host on 127.0.0.1, and the second on all available network interfaces. Decide already.

Report
A
Alexander Karabanov, 2021-10-12
@karabanov

A wildcard includes *.sub.example.com , such as www.sub.example.com , but does not include sub.example.com .
sub.example.com needs a separate certificate.

Similar questions
K
Konstantin Khairov2017-10-16 14:19:42
How to make video download in nginx? 1Reply
V
vlarkanov2020-03-02 10:46:26
Nginx + limit_req: how to log dropped requests? 1Reply
G
GogenZZo2017-10-23 17:31:38
A large number of sites on nginx? 2Reply
N
nurzhannogerbek2017-10-24 13:36:31
Correct Nginx setup on Mac OS? 2Reply
K
Kostushko2017-10-26 20:04:15
How to escape percent character (%) in nginx rewrite rule? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question