Re: Wildcard SSL and Wildcard hostnames

2015-05-11 Thread Reinis Rozitis
ELB had only our other SSL Cert configured and not our new one. Darn it. We don't use ELB for example.co because you can't CNAME the root domain so that hit our server directly and of course with the tweaked config worked fine. It's offtopic but technically you can or life always finds a way -

nginx_upstream_check_module doesn't work with nginx > 1.7.6

2015-05-11 Thread jwroblewski
Hi, I'm not sure if this is the right place to report this issue, but perhaps someone has already run across it and has some insights... Basically, the "nginx_upstream_check_module" (versions 0.1.9 and 0.3.0) doesn't seem to be working with nginx 1.7 greater than 1.7.6. Upstreams don't get pinged

Re: Wildcard SSL and Wildcard hostnames

2015-05-11 Thread braindeaf
The SSL Checking service did indeed point out the error. I will admit to my own stupidity on this one. We're using Elastic Load Balancing on *.example.co ELB had only our other SSL Cert configured and not our new one. Darn it. We don't use ELB for example.co because you can't CNAME the root doma

Possible limitation of ngx_http_limit_req_module

2015-05-11 Thread jwroblewski
Hi, I'm observing an inconsistent behavior of ngx_http_limit_req_module in nginx 1.7.12. The relevant excerpts from my config: http { ... # A fixed string used as a key, to make all requests fall into the same zone limit_req_zone test_zone zone=test_zone:1m rate=5r/s; ... server {

Re: Wildcard SSL and Wildcard hostnames

2015-05-11 Thread Reinis Rozitis
http://example.co - works fine and as expected. http://blah.example.co - returns curl: (60) SSL certificate problem: Invalid certificate chain This is actually picking up the SSL cert for the default site on the server. So the server_name is picking up example.co but *.example.co seems to be

Re: How to enable OCSP stapling when default server is self-signed?

2015-05-11 Thread bughunter
173279834462 Wrote: --- > > Note that this doesn't really indicate anything: there are two forms > of OCSP requests, POST and GET. And Firefox uses POST, while nginx > uses GET. Given the fact that the responder was completely broken just > a few da

Re: Wildcard SSL and Wildcard hostnames

2015-05-11 Thread braindeaf
Thanks for the tip. I have replaced the config with server_name example.co *.example.co with server_name .example.co While that is definitely more concise it didn't solve the problem. http://example.co - seems fine. http://test.example.co - curl: (51) SSL peer certificate or SSH remote key wa

Re: Wildcard SSL and Wildcard hostnames

2015-05-11 Thread itpp2012
braindeaf Wrote: --- > http://blah.example.co - returns curl: (60) SSL certificate problem: > Invalid certificate chain Forget one thing, you also need a wildcard DNS entry. DNS: so it arrives at your frontdoor Nginx.conf (server_name .example.c

Re: Wildcard SSL and Wildcard hostnames

2015-05-11 Thread B.R.
itpp2012 provided you with the answer, also to be found in the server_name directive documentation. --- *B. R.* On Mon, May 11, 2015 at 3:54 PM, braindeaf wrote: > Sorry to be vague. > > http://example.co - works fine and as e

Re: Wildcard SSL and Wildcard hostnames

2015-05-11 Thread braindeaf
Sorry to be vague. http://example.co - works fine and as expected. http://blah.example.co - returns curl: (60) SSL certificate problem: Invalid certificate chain This is actually picking up the SSL cert for the default site on the server. So the server_name is picking up example.co but *.example.

Re: Wildcard SSL and Wildcard hostnames

2015-05-11 Thread itpp2012
braindeaf Wrote: --- > server { > port 443 > server_name .example.co; Would be a catch all. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,258792,258796#msg-258796

Official packages v1.8.0 do NOT include the GeoIP module

2015-05-11 Thread B.R.
Hello, We are facing quite some trouble with the official nginx packages: their nginx -V does not show any sign of the GeoIP module. Confirmed for: - Debian package - CentOS 6 package As I have not read any deprecation message anywhere, and since its presence is confirmed in earlier versions, wh

Re: Wildcard SSL and Wildcard hostnames

2015-05-11 Thread Reinis Rozitis
This doesn't appear to work as I would expect it to. Would we need to set up a different server for each subdomain explicitly, or could we get away with one config for example.co and another for *.example.co? Doesn't work in what way? (Does nginx or browser complain/what's the error?) Such c

Re: Wildcard SSL and Wildcard hostnames

2015-05-11 Thread B.R.
What did you expect? What did you get? What did you think you configured? --- *B. R.* On Mon, May 11, 2015 at 1:11 PM, braindeaf wrote: > Hey there, I'm struggling to find the correct answer and unsure if there > even is one. > > We have a domain say, example.co and we've purchased a wildcard SS

Wildcard SSL and Wildcard hostnames

2015-05-11 Thread braindeaf
Hey there, I'm struggling to find the correct answer and unsure if there even is one. We have a domain say, example.co and we've purchased a wildcard SSL certificate for it. We want to be able to provide what amounts towith minimal configuration. https://example.co https://blah.example.co htt

Re: static file performance "staircase" pattern

2015-05-11 Thread B.R.
Content should be accessible from one (and one only) location at any single time, so be careful about content overlap between subdomains. Not even talking about SEO, it is just pragmatically logical: no single URI should be served through different URL if you want your repository to be seen as 'clean'

Re: static file performance "staircase" pattern

2015-05-11 Thread Nikolaj Schomacker
It's not a requirement in any way and your SEO might turn out just fine using different subdomains. My suggestion is not just made up from my imagination, but advice from a Google employee since this has been a real problem for us. By serving the same image from multiple subdomains, from the same

Re: static file performance "staircase" pattern

2015-05-11 Thread Lucas Rolff
It's not really required to serve it from the same sub-domain always. The most optimal solution would be to add the canonical link header when serving using domain sharding. But from a caching perspective, keeping the sharding consistent is indeed beneficial (you can use crc32 on the image nam