2

openssl req -new -x509 -days 8192 -newkey rsa:4096 -extensions v3_ca -config conf/caconfig.cnf -keyform PEM -keyout private/key.ca.pem -outform PEM -out certs/crt.ca.pem

I'm using nginx in conjunction with IPv6 without any issues for a while now, but when trying to deploy SSL it fails with bind() to [...]:443 failed (99: Cannot assign requested address)

nginx config (no server names etc.):

# Works like a charm server { listen 80; listen [2a03:4000:2:3c8:6e65:6f6b:6572:80]:80; return 301 https://$host$request_uri; } # Cannot assign requested address server { listen 443 ssl; listen [2a03:4000:2:3c8:6e65:6f6b:6572:443]:443 ssl; #... }

Using IPv6 addresses with the last two octets being the port works like a charm with other services, too. No other service uses :443 or that address (verified via ip addr show not mentioning it).

Improve this question
3
  • 3
    If ip addr show doesn't list that address, then the address isn't configured on the host, so of course it can't bind to that address... Unless I'm missing something here? Commented Oct 3, 2013 at 0:27
  • 1
    Another good question is why are you trying to use different IP addresses for HTTP and HTTPS. This isn't going to work. Commented Oct 3, 2013 at 0:30
  • Yeah saw that too, I can't have multiple AAAA/A records on the same DNS object. Commented Oct 3, 2013 at 11:31

1 Answer 1

Reset to default
3

You can't listen on an address that your server doesn't actually have configured on one of its interfaces. And you said that that your server's network interface isn't configured for that address.

To resolve the problem, add that address to your network interface configuration.

You should also consider having nginx bind to any address, e.g. with listen [::]:443 ssl.

Improve this answer
1
  • Oh. Well. I thought with IPv6 I wouldn't need to configure these by hand... but I actually did. Oops :-) Commented Oct 3, 2013 at 0:31

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.