In SSL protocol conduct, a typical problem occurs when two or more configured HTTPS servers listen on a single IP address.
server {
listen 443 ssl;
server_name www.yoursite.com;
ssl_certificate www.yoursite.com.crt;
...
}
server {
listen 443 ssl;
server_name www.yoursite.org;
ssl_certificate www.yoursite.org.crt;
...
}
As shown above, what exactly happens here is that the client browser starts to receive the default server’s certificate (www.yoursite.com) regardless of the name of the server requested.
This is pushed by SSL protocol conduct. Here, the connection via SSL is made before the browser sends another HTTP request and Nginx does not know the server name requested. Hence, it may only offer the default server’s certificate.
Here’s the solution:
server {
listen 192.168.1.1:443 ssl;
server_name www.yoursite.com;
ssl_certificate www.yoursite.com.crt;
...
}
server {
listen 192.168.1.2:443 ssl;
server_name www.yoursite.org;
ssl_certificate www.yoursite.org.crt;
...
}Above given is the ancientest and most powerful way used for resolving this issue. Here a separate IP address is assigned for each HTTPS server.