If you only have one IP, then you cannot fix this. SNI is what determines which certificate to serve for the request. The only solution would be individual IPs for each domain, thus not needing SNI to get the correct cert for each domain.
Sent from my Galaxy -------- Original message -------- From: Saint Michael <vene...@gmail.com> Date: 3/11/24 02:34 (GMT-05:00) To: nginx@nginx.org Subject: No SNI support on multisite installation I have an openresty server, latest, compiled with http_ssl. So I have 5 websites on the same IP, each one with a server block, a listen statement XXXX:443 SSL; and its own server_name but when I test any of the certificates (example https:// 3y3. us), the online analyzer https://www.ssllabs.com/ssltest/ says that there is no SNI support, "This site works only in browsers with SNI support." " Certificate #2: RSA 2048 bits (SHA256withRSA) No SNI Server Key and Certificate #1 Subjectssnode1.minixel.com Fingerprint SHA256: 2c43df752c9f32a0b9072c9918c7f4064f215a75f321a3eed54f3ea53d377291 Pin SHA256: 0EYY9GZfp68L6vPN7Y0wSjXldFNAUDJBnJ3zFl+KhXs=Common namesssnode1.minixel.comAlternative namesssnode1.minixel.com MISMATCH. Revocation status Good (not revoked) Trusted No NOT TRUSTED Mozilla Apple Android Java Windows so how do I avoid this issue? Is there anything missing in my configuration? I need to use the same IP for every website. _______________________________________________ nginx mailing list nginx@nginx.org https://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________ nginx mailing list nginx@nginx.org https://mailman.nginx.org/mailman/listinfo/nginx
