Sunday, October 13, 2019

nginx: override global ssl directives for specific servers




In my configuration I have placed the ssl_* directives inside the http block and have been using a wildcard certificate certified by a custom CA without any problems. However, I now want to use a new certificate for a new subdomain (a server) that has been certified by a recognized CA.



Let's say the TLD is blah.org. I want my custom certificate with CN *.blah.org to be used on all domains except for new.blah.org that will use its own certificate/key pair of files with CN new.blah.org.



How would one do that? Adding new ssl_* directives inside the server block doesn't seem to override the global settings.


Answer



In my experience, settings in server stanzas do override those set in the surrounding http stanza, although I must admit I've never tried to set SSL parameters (given that you usually only have SSL config in your SSL vhosts).



You might want to describe exactly why you think it isn't working, and provide debug logs and your config files so the cause of your dilemma can be identified.
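
The layout described in the question, as an added example that is not part of the original question or answer: a wildcard certificate set once in the http block and a separate certificate/key pair set in the server block for new.blah.org. All file paths and the www.blah.org server are hypothetical placeholders.

```nginx
# Added example, not the poster's configuration.
# Every path below is a hypothetical placeholder.
events {}

http {
    # Default pair, inherited by every server block that does not set its own:
    # the wildcard certificate (CN *.blah.org) signed by the custom CA.
    ssl_certificate     /etc/nginx/ssl/PLACEHOLDER-wildcard.blah.org.crt;
    ssl_certificate_key /etc/nginx/ssl/PLACEHOLDER-wildcard.blah.org.key;

    server {
        # default_server also answers TLS clients that send no SNI name
        # or a name that matches no server_name, so they get the wildcard.
        listen 443 ssl default_server;
        server_name www.blah.org;
        # No ssl_certificate here: the http-level pair applies.
    }

    server {
        listen 443 ssl;
        # Must match the name the client sends in SNI, otherwise the
        # request is handled by the default server and its certificate.
        server_name new.blah.org;

        # Server-level directives replace the inherited ones.
        # Set both, since the key has to belong to the certificate.
        # Include the intermediate chain of the recognized CA in the .crt.
        ssl_certificate     /etc/nginx/ssl/PLACEHOLDER-new.blah.org.fullchain.crt;
        ssl_certificate_key /etc/nginx/ssl/PLACEHOLDER-new.blah.org.key;
    }
}
```

Check the syntax with `nginx -t`, reload, then confirm which certificate is actually served per name with `openssl s_client -connect new.blah.org:443 -servername new.blah.org` and compare the subject and issuer against the same command run with another subdomain as `-servername`.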

