Question

NGINX: Is it possible to have two different SSLs pointing to the exact same webroot?

  • Posted September 26, 2019
  • Nginx

Newbie alert. Please be gentle.

Hi there!

I have a client who is going through a corporate rename so they currently have two URLs pointing to the same webroot on NGINX serving exactly the same content via PHP / Grav CMS. That’s all working fine. Clients can come in via http://www.companyname1.com or http://www.companyname2.com and they get exactly the same content and the client is happy.

Now the client wants to introduce HTTPS on both sites so that clients are forced to go https://www.website1.com or https://www.website2.com.

I’m not sure how to approach this problem. Do I need two SSL certificates or can I get it accomplished with one?

Can I bind the two certificates to the same webroot (which sounds crazy to me).

Any help / thoughts would be appreciated as I’m kind of stuck here now.

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hello,

Yes, this should not be a problem. You would just need to separate Nginx server blocks for the two domain names and their SSL certificates.

Here’s how you could create a server block:

https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-ubuntu-18-04#step-5-setting-up-server-blocks-(recommended)

So it would look something like this:

    server {
            charset UTF-8;
            listen 443 ssl http2;
            server_name website1.com www.website1.com;
            root /var/www/html/;
            ssl_certificate /etc/letsencrypt/live/website1.com/fullchain.pem;
            ssl_certificate_key /etc/letsencrypt/live/website1.com/privkey.pem;
            ssl_trusted_certificate /etc/letsencrypt/live/website1.com/chain.pem;
            include snippets/ssl.conf;
            include snippets/letsencrypt.conf;
 ...
    }

Then you need a second one with the same for website2.com pointing to the same document root: root /var/www/html/data/;.

Note: you need to adjust the path to the SSL certificate and you need to add any extra rules that you have to the new server blocks.

Hope that this helps! Regards, Bobby

Bobby, thanks for this. I really appreciate you taking the time to make a reply.

It’s a relief to know that this is something NGINX can handle. I will give this a try and report back.

Randy