I have setup nginx with SSL (SNI based).
My first served vHost uses
server {
...
listen 443 ssl;
server_name host1;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
....
On others vhosts I wanted to be stricter and only allow TLSv1.2
server {
...
listen 443 ssl;
server_name host2;
ssl_protocols TLSv1.2;
....
However, whatever I specify in all host configs except the first one, they all have no effect. The only change that occurs is when I change the first vhost.
So host2
ends up with: TLSv1 TLSv1.1 TLSv1.2
It works also the other way round:
- Only specify TLSv1.2 in first vhost
- Specify all protocols in upcoming vhosts
- Result is, all vhosts only use TLSv1.2
Is it not possible to use different protocols on different SSL SNI vhosts?