-1

I have multiple domain names, currently all of them are on a single SSL certificate through Lets Encrypt.

However I would like to break them off and get individual certificates for each domain. The problem I'm running into, and what I'm hoping to accomplish is this:

I have several subdomains that are being reverse proxied. IE sd1., sd2., sd3.*, etc. At the moment this works fine while having a single certificate for all domains. Regardless if someone accesses sd1.domain1.com or sd1.domain3.com it uses the single certificate and all is well.

I'm trying to find out if it's possible / the proper way to have the certificate be handled by the domain requested without having to create server blocks for each subdomain / domain combination.

I'd like to keep sd1.* as a server block for the reverse proxy but if sd1.domain1.com is accessed have it provide the domain1 certificate and if sd1.domain2.com is accessed have it provide the certificate for domain2.

Is it possible to have NGINX provide the certificate based on the host/URI that is requested rather than only by server block?

zackchadwick
  • 1
  • Does this answer your question? [nginx use $server\_name on ssl\_certificate path](https://serverfault.com/questions/505015/nginx-use-server-name-on-ssl-certificate-path). To cite *"ssl_certificate is __treated as a literal string__ and is one of the many directives where variables are unsupported."*. – Steffen Ullrich Jan 30 '21 at 22:42

1 Answers1

2

If you have separate TLS certificates, each of those requires a separate server block. You can use the include directive to make configuration snippets with directives that you may use in multiple places in your overall configuration.

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940