Nginx multiple domains SSL Certificates








Nginx multiple domains SSL is a digital security certificate that allows multiple hostnames protected by a single certificate.
However, improper redirection settings, misconfiguration of the Nginx file, and wrong SSL port entry in the configuration file cause problems.
Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to fix problems with Nginx multiple domains SSL.
In this context, we shall look into some common SSL issues, its causes and how to fix them.

SAN certificate & it's salient features

Nginx multiple domains SSL is also known as SAN (Subject Alternative Names) certificate.
The SAN certificate secures multiple fully qualified domain names with a single certificate. It is well known as a Unified Communication Certificate (UCC) or an Exchange certificate.
A single SAN certificate allows protecting multiple subdomains like www.domain.com, example.domain.com, www.domain.net.
Some of the important features include:
i. Can secure up to 2000 entries.
ii. Can use on unlimited multiple servers concurrently.
iii. It can reissue to change domains at any time without extra fees or costs.

Nginx multiple domains SSL – Common errors and fixes ?

From our experience in managing servers, we’ve come across customers who report us with errors in Nginx multiple domains SSL.
Let's take a closer look at some common errors it causes and how our Support Experts figure them out.

1. Improper redirection setting

Recently we had a customer reporting that once he set the redirection of the subdomains (domain2.com,domain3.com) to the main domain (domain1.com), he couldn’t access the main domain with HTTPS.
For redirection to work properly we need to configure it correctly. So, to solve this problem we took the following steps.
Initially, we open the Nginx configuration file /etc/nginx/nginx.conf.
Then we create https server blocks for every subdomain.
In order to do that, we add the following code in the configuration file:

server {
listen *:443 ssl;
server_name domain1.com;
ssl_certificate /path/to/domain1.crt; 
ssl_certificate_key /path/to/domain1.key;
return 301 https://www.domain1.com$request_uri;
}
server {
listen *:443 ssl;
server_name domain2.com www.domain2.com;
ssl_certificate /path/to/domain2.crt; 
ssl_certificate_key /path/to/domain2.key;
return 301 https://www.domain1.com$request_uri;
}

In addition, we verify the syntax by running the command:

nginx -t

Finally, we restart the service to reflect the changes made in the configuration file.

service nginx restart

This fixed the problem and the user could redirect the subdomain to the main domain which worked properly.

2. Misconfiguration of Nginx file

Similarly, another customer reported us with another issue. When he tries to access the subdomain (domain2.com), it results in the error, “502 bad gateway, Welcome to Nginx, further configuration is required, too many redirects”
Our Support Engineers executed the following steps to fix the error.
Initially, we open the /etc/nginx/nginx.conf file.
After checking the configuration file we found that because of the proxy, the subdomain redirects HTTP instead of HTTPS.
So, we removed all the proxy line from the subdomain’s configuration file.
Similarly, the parameter return and try_files cannot take place together with the current set up on port 80 as shown below.

server {
    listen 80;
    server_name domain2.com www.domain2.com;
    return 301 https://$server_name$request_uri;
    location / {
         try_files $uri $uri/ =404;
}

So we remove it and finally, the subdomain configuration setting will look like:

server {
listen 80;
server_name domain2.com www.domain2.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name domain2.com www.domain2.com;
root /home/Bas/domain2;
index index.html index.htm;
ssl_certificate /etc/letsencrypt/live/domain2.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain2.com/privkey.pem;
include /etc/nginx/snippets/ssl-params.conf;
location / {
try_files $uri $uri/ =404;
}
}

This solved the error and the user could access the subdomain without any error.

3. Wrong entry of SSL port

Occasionally, a wrong entry or incorrect SSL port added in the configuration file causes trouble in accessing the domain.
One of our customers reported that when he tries to access the domain with HTTPS it shows the wrong content or page.
Our first step was to check the Nginx configuration file.
By analyzing, we found that in the Nginx configuration file, /etc/nginx/nginx.conf the entry for SSL port was mistyped as “433”. Hence, it always results in the wrong page.
SSL uses port 443 to listen. By giving the right value for port SSL we were able to resolve this issue.

server {
    listen 80;
    listen 443 ssl;
    server_name example.com;
}

Once we edit, we restart the service.

[Having trouble with Nginx multiple domains SSL? We'll fix it for you.]



Conclusion

This article will guide you on steps to resolve common issues with "Nginx multiple domains #SSL". Basically, the multi-domain SSL #certificate offers security for multiple websites.
The technique for hosting more than one domain/subdomain on a single IP address/host is called #virtual #hosts. The http get request contains the domain name that the requests is for which allows the web server to match up the request with a particular virtual domain.
You can host multiple websites on #Nginx:
1. Configure Nginx to Host Multiple Websites.
2. Create Directory Structure.
3. Create Virtual Configuration.
4. Test Your #Websites.
5. Adding PHP-FPM Support to Nginx.


For Linux Tutorials

We create Linux HowTos and Tutorials for Sys Admins. Visit us on LinuxAPT.com

Also for Tech related tips, Visit forum.outsourcepath.com or General Technical tips on www.outsourcepath.com