nginx ssl proxy for one hostname only

Question

I want nginx to serve as a ssl proxy but for host: "ssl.example.com"

at the same time I want nginx to serve "nginx is ok" website for host: "ssl-check.example.com" (this is just example, please don't suggest any monitoring tools here)

for other hosts pointing to my IP I want to serve 404 or whatever.
- I don't care for certificate mismatch - so SNI is not what I want here.
- I don't want to use described as pitfall solution and use something like

if ($host != $server_name) { root /var/www/errors/404 

All these on single IP.

I have working ssl

server { 

with server_name ssl.example.com - working as I want.

another ssl

server { 

with server_name ssl_check.example.com - showing "nginx is ok"

and last server (also ssl) without server_name (or with "_" as name) which is supposed to serve 404 but it doesn't work...

SOLVED
My config using the solution looks now (and works) like:

1. server with "listen 443 ssl;" serving proxy
2. server with "listen 443 ssl;" serving "nginx is ok"
3. server with "listen 443 ssl default_server;" and with "location / return 404"

If this config can be in any way dangerous - don't hesitate to put me to shame. Thans

Answer 1

You specify the default virtual host using the default_server option to the listen directive. If you don't set this nginx will choose the first server block with a matching listen directive.

server { listen 443 ssl default_server; root /var/www/errors/404; }