I have a bunch of https websites available over a single IP working with
sni
on nginx 1.0.15.
Currently, anyone accessing a domain name that resolves to the same IP
is
greeted with a certificate mismatch error due to nginx choosing the
first
server as the default.
Instead of using the first server as the default, I’d like to create a
catch-all https server that drops/resets the tcp connection. As such all
domain names that have an associated server block would still work using
sni, but IPs or other domain names would simply result in a dropped
connection.
Unfortunately, I can’t seem to get this to work. If I define the server
block below, all requests are handled by the catch-all server, and all
the
websites become inaccessible. Here is the server block I’ve defined:
server {
listen 443 default_server;
return 443;
}
Does anyone know how I could achieve this?
Thanks!
Arthur
Posted at Nginx Forum: