Opened 3 months ago

Closed 4 weeks ago

#1349 closed defect (fixed)

TLS doesn't require different IPs

Reported by: olafvdspek@… Owned by:
Priority: minor Milestone:
Component: documentation Version: 1.13.x
Keywords: Cc:
Sensitive: no
uname -a: -
nginx -V: -

Description

It should be kept in mind that due to the HTTPS protocol limitations virtual servers should listen on different IP addresses:

Not true anymore (I think)

http://nginx.org/en/docs/http/ngx_http_ssl_module.html

Change History (2)

comment:1 Changed 4 weeks ago by yar

This may be true in some cases as SNI is not turned on by default in some clients, and some live usecases, such as WinXP+MSIE, still may exist.

Text changed:
http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_certificate

The part about SNI in "Configuring HTTPS Servers" was also accordingly updated:
http://nginx.org/en/docs/http/configuring_https_servers.html#sni

http://hg.nginx.com/nginx.org/rev/093855e77388

comment:2 Changed 4 weeks ago by yar

  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.