invalid default_server parrameter

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

invalid default_server parrameter

Joel Parker
I have many servers sending ssl which I am trying to terminate. So I wanted to create a statement that was a catch all instead of listening for each ip address. I thought this would do it :

server {

      listen 443 ssl  default_server;

......

}

but when I run nginx -t, I keep getting the error : nginx: [emerg] the invalid "default_server" parameter in /etc/nginx/nginx.conf:13

Is this the correct way of doing a catch all incoming ssl traffic and what is wrong with my syntax ?

Joel

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: invalid default_server parrameter

Jeff Dyke
if you're using sni, you should be able to use _ as the server_name or remove default server b/c if this is going to represent many servers, from memory, default_server is not a value you want.  for example i run nginx behind haproxy to create letsencrypt certs, which will listen to currently dozens of request:  (of course you may not require proxy_protocol)

----
listen 8888 proxy_protocol;
server_name _;
----

On Mon, Apr 24, 2017 at 3:10 PM, Joel Parker <[hidden email]> wrote:
I have many servers sending ssl which I am trying to terminate. So I wanted to create a statement that was a catch all instead of listening for each ip address. I thought this would do it :

server {

      listen 443 ssl  default_server;

......

}

but when I run nginx -t, I keep getting the error : nginx: [emerg] the invalid "default_server" parameter in /etc/nginx/nginx.conf:13

Is this the correct way of doing a catch all incoming ssl traffic and what is wrong with my syntax ?

Joel

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx


_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: invalid default_server parrameter

Maxim Dounin
In reply to this post by Joel Parker
Hello!

On Mon, Apr 24, 2017 at 02:10:47PM -0500, Joel Parker wrote:

> I have many servers sending ssl which I am trying to terminate. So I wanted
> to create a statement that was a catch all instead of listening for each ip
> address. I thought this would do it :
>
> server {
>
>       listen 443 ssl  default_server;
>
> ......
>
> }
>
> but when I run nginx -t, I keep getting the error : nginx: [emerg] the
> invalid "default_server" parameter in /etc/nginx/nginx.conf:13
>
> Is this the correct way of doing a catch all incoming ssl traffic and what
> is wrong with my syntax ?

Are you trying to use it in a stream{} block?  There are no
virtual servers in the stream module, so the "listen" directive
has no "default_server" parameter - it is not needed, all
connections to the given listening socket will be handled in only
one server{} block.

--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: invalid default_server parrameter

Joel Parker
In reply to this post by Joel Parker
I'm still trying to figure this all out. I am just going to remove default_server for now like you suggested. The config checker doesn't complain anymore ... we'll see if it works.

Joel

On Mon, Apr 24, 2017 at 2:10 PM, Joel Parker <[hidden email]> wrote:
I have many servers sending ssl which I am trying to terminate. So I wanted to create a statement that was a catch all instead of listening for each ip address. I thought this would do it :

server {

      listen 443 ssl  default_server;

......

}

but when I run nginx -t, I keep getting the error : nginx: [emerg] the invalid "default_server" parameter in /etc/nginx/nginx.conf:13

Is this the correct way of doing a catch all incoming ssl traffic and what is wrong with my syntax ?

Joel


_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx