SSL if pointing at wrong ipaddress

52.240.136.155
52.237.158.185
are public and can be reached. i only have lb in front as this was default setup on azure. i will be going direct as lb can not support ssl cert (or at lest the lb attached to my cluster setup)

i’m not sure what else to do. what am i not seeing, i really appreciate you looking at this with me !!!

Have a look into the output of command ip addr or ifconfig on the command line. Only these ip addresses can be used to setup nginx with.

To ease everyhing, you may omit the ip address at all in the listen directive.

ok so if i understand.

so if i have interanl ipaddress
50.0.0.8 -> 52.240.136.155
and
50.0.0.10 -> 52.237.158.185

i would need to set nginx up with
oilgear.com
listen 50.0.0.8:80;

testssl.oilgear.com l
listen 50.0.0.10:443 ssl;

is this what you mean.

If these 50.0.0-addresses are mentioned in the output of ifconfig, yes.
Or: just don’t use addresses in the listen statement.

i have had it working with out ip address for port 80 but according to nginx docs i have to have different ip’s as VH are not sent on ssl hand-shack so cert will always be wrong.

i’m happy to try but this is where i started my journey if that make sense?

i will try the internal ip address

again thank you so much !! will let you know how i get on in a few mins or so

Nginx should implement SNI which has been provided for exactly that purposes. You may put multiple ssl-hosts on one shared ip address.

ok this is now working on ssl testssl.oilgear.com using sni.

i’m guessing the issues was oilgear.com config had and 443 port open and no cert attached i have removed second ipaddress from DNS and all this still working…

#THANK YOU !!!

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.