0

Check this nginx config. If sending a request like - curl -H "Host: test.com" http://127.0.0.1:8200

Why does nginx use the second server block instead of the first block (with exact host and protocol match) and results in 400 error saying that plain HTTP request was sent to HTTPS port.

 server { listen 8200; server_name test.com; location / { return 200 'Block1'; } } server { listen 8200 ssl default_server; ssl_certificate /etc/ssl/server.cer; ssl_certificate_key /etc/ssl/server.key; location / { return 200 'Block2'; } }
Improve this question
3
  • 3
    You cannot run ssl and non-ssl on the same port. For any given port, ssl is either on of off. Commented Nov 26, 2024 at 21:43
  • 1
    @RichardSmith+ since 2018 you can -- but not the way OP tried Commented Nov 27, 2024 at 5:05
  • @dave_thompson_085 also one can have different settings on different interfaces, but it requires some fine tuning. Commented Nov 27, 2024 at 11:32

1 Answer 1

Reset to default
0

In this case flag ssl works for all servers that listen to port 8200. So both of yours server blocks expect https on port 8200.

Since you've sent plain http request to https port, nginx has no idea what host name you've send and request ends up in default server.

Improve this answer
3
  • Should nginx at config validation? Commented Nov 27, 2024 at 13:28
  • Woud love to understand what exactly happens internally in this case. Commented Nov 27, 2024 at 13:29
  • @Parzival Internally nginx opens only one socket for port, and all server blocks that listen to that port share config. Commented Nov 27, 2024 at 14:00

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.